Tuesday, September 23, 2008
Qualifications for the Ideal Pentester
From http://seclists.org/pen-test/2008/Sep/0153.html
What are the qualifications for the ideal "Penetration Tester"? Your opinions and experiences are so much appreciated.

This is likely going to differ from the normal tailored answer you'll hear from the suit types, so here goes. The qualifications for pentesting if I were conducting the interview would vary. I would prefer to find someone with a thorough background in networking, systems administration and programming.

The experience for me would have to be a few years in an industry where the usage of those technologies was heavy. For example, I'd prefer to find someone with hands-on experience in, say, a NOC environment or a SOC environment.

The candidate would HAVE to have hands-on experience first and foremost. I believe that at the bottom line, experience outweighs any certifications someone would have on their resume.

Secondly, I'd like to see them exposed professionally in the security industry, in some capacity doing some type of auditing, be it system level or network level. For me, again, they'd have to have the technical know-how involved with systems administration as well as with networking.

In the common tasks of a system administrator, there are many learning curves for many systems (Windows, Linux, BSD, etc.). There are many programs to be learned and understood to effectively manage those systems. There are duties including the creation of accounts, group assignment, etc.; this exposes the candidate to the AAA concepts.

Networking is a must, period. No network, no pentest. I won't get into physical pentesting in this ramble. Understanding networking is a tremendous advantage since one needs to understand how things work from the ground up. The candidate should be able to pick apart layer by layer the OSI/DoD model to determine a starting and exiting point when addressing their penetration test.

Because I believe in a form of structured penetration test, I feel the candidate should be a jack of all trades on the protocols. They'd need to be well versed enough to know when to perform networking-related security testing (MITM, packet injection, covert channel testing) versus, say, application-level testing.

Next comes the core of understanding the protocol itself. I'd want someone with a mix of experience dealing with security protocols. Perhaps someone having experience configuring webservers with OpenSSL or something along these lines. Someone whom I can ask a quick question like, say... What are the differences between aggressive and main modes of VPNs? They'd need to understand what I'm talking about and why I would ask something like this.

They'd need to be well versed on CVSS topics, commonly used exploits, industry top 10's and 20's as far as threats go; they'd need to understand a few concepts related to doing paperwork as well. This means understanding a broad but structured view of topics such as BIA, DRM, ROI, etc. It's a matter of preference, but the more experienced in the subject matter, even if it's broadly based, I believe will get me a more professional pentest expert on my team as opposed to someone who sat around all day running tools.

I answered a question similar to this a week or two ago: the need for those coming into the field to understand the basics before focusing solely on the usage of popular tools. My ideal pentester would make his own tools à la MacGyver if they had to. There is no guarantee you will always be able to use tools, and many individuals need to understand this concept. What happens if you're at a client and they ask you right on the spot to perform an assessment on their machines without those fancy tools you swore would find any hole? Would you know what to do without them? Would you know how to search for open ports (lsof, netstat)? Would you know the system well enough for you to be able to perform a pentest under those conditions?

Recap...
MUST
Networking, Systems, Applications, Security Concepts
Wednesday, September 17, 2008
Top 50 Quotes from Charles Barkley
50. "I can be bought. If they paid me enough, I'd work for the Klan."
49. "You got to believe in yourself. Hell, I believe I'm the best-looking guy in the world and I might be right."
48. "I don't hate anyone, at least not for more than 48 minutes, barring overtime."
47. "We better not be doing the Bulls this year. Man, they suck! Bunch of high school kids with $70 million contracts. Damn! I hate my mother for having me too soon."
46. "You can talk without saying a thing. I don't ever want to be that type of person."
45. After retiring from basketball: "I'm just what America needs - another unemployed black man."
44. Ernie: "Did they recognize you in South Dakota?"
Charles: "Yes, they did. It was easy because I was the only black person there. When they see me walking down the street they say 'There he goes again'. And when I come back the next year they say 'He's back yawl!'"
43. Right after Peja won the 3-point contest: "Kenny said it was going to be an all-international night. I want to know which international brother is going to win the slam dunk contest."
42. On the Enron scandal investigation: "Almost all those politicians took money from Enron, and there they are holding hearings. That's like O.J. Simpson getting in the Rae Carruth jury pool."
41. "I had to explain to my daughter why that skank Monica Lewinski has an hour special on HBO this weekend."
40. Ernie: "Auburn is a pretty good school. To graduate from there I suppose you really need to work hard and put forth maximum effort."
Charles: "20 pts and 10 rebounds will get you through also!"
39. "Every time I think about changing a diaper, I run a little bit harder and a little bit faster to make sure I can afford a nanny until my daughter's old enough to take care of that herself."
38. EJ: "Did you graduate from Auburn?"
Charles: "No, but I have a couple people working for me who did."
37. "*** Bavetta and Moses parted the Red Sea together."
36. Ernie Johnson, on Reggie Evans being caught grabbing the rocks of Chris Kaman: "(Reggie Evans) got caught with his hand in the cookie jar." Charles Barkley: "Ernie, I don't know where you get your cookies at but the rest of us don't get ours there."
35. On his 17-year old daughter not dating yet: "Thank goodness. I just hope she doesn't start before I go in the Hall of Fame. That way, I won't have to kill anybody before I get inducted."
34. Kenny: "There's guys who go over to Europe and play overseas from America, and they dominate!"
Charles: "Those are called 'brothers'."
33. After Wang has a shot blocked: "He's got to bring something stronger than that. That's like bringing milk to a bar, it's not strong enough"
32. Barkley on Turner Sports office having a betting pool on his weight: "That is starting to hurt my feelings. I don't mind skinny people making fun of me, we all do that, but I don't want fat people making fun of me."
31. "We are in the business of kicking butt and business is very, very good."
30. When the Dream Team was about to play the Angola national team, during pre-game interviews the other USA players provided diplomatic, face saving comments about how they would play hard and felt strongly they would win. When Chuck was asked about Angola and the game, he replied: "They're in a lot of trouble."
29. Charles Barkley on his thoughts about retiring before the season: "I remember sitting down with the Rockets and saying, 'Yeah. I'm going to retire.' They said, 'Well, we'll give you $9 million.' And I said, 'You got a pen on you?'"
28. Man, everything gets blamed on the Clintons, every single thing in this world. I think Bill Clinton shot JFK, too.
27. "I know why his name is DMX. Because his real name is Earl. Imagine if his name was Earl the rapper."
26. "If you go out with a girl and they say she has a great personality, she's ugly. If they tell you a guy works hard, he can't play a lick. Same thing."
25. After Kevin Garnett threw a ball into the crowd out of frustration and was ejected. They showed footage of the man that got hit by the ball being taken away in a stretcher and his daughter was crying. Charles commented that players take passes to the face all the time. He topped it off by saying: "You know why that little girl's crying? It's because she's thinking 'my daddy's a wussy'".
24. Barkley on Ernie Johnson and Kenny Smith eating a box of hot Krispy Kreme donuts in front of him: "Both of y'all are going to hell for that. Y'all are going to hell with a first-class ticket. Is that how you treat your partner? Krispy Kreme might be the greatest invention in the history of civilization when they're hot. Y'all are cruel man."
23. "It's kinda great to see the Celtics doin well again cuz that was so much fun in my day to go to the Boston Garden and they spit at you and throw things at you and talk about your mom. It sounds like dinner at Kenny Smith's house."
22. "I think that the team that wins game five will win the series. Unless we lose game five."
21. Charles Barkley after seeing a picture of Sam Cassell on the screen: "Phone home." And later he remarks to Kenny, "Sam Cassell is a good guy, but he's not going to wind up on the cover of GQ anytime soon."
20. While watching someone in Australia put $1 million worth of rubies on a table: "Damn, must not be any black folks in Australia. You can't just leave $1 million worth of jewelry lying around the 'hood."
19. Asked if he had ever been in the governor's office in Montgomery, Barkley said no. "They don't let many black people in the governor's mansion in Alabama," he said, "unless they're cleaning."
18. On the goal of the '92 Olympic Dream Team when playing Panama in the Tournament of the Americas: "To get the Canal back."
17. To Kenny: "Hakeem couldn't kick your ass cuz you were too close, kissin his!"
16. Barkley on Hanno Mottola, who, as EJ remarked "is the first NBA player from Finland". Charles replies: "Of course he is the first NBA player from Finland, he's the only person in Finland."
15. On supersized Oliver Miller: "You can't even jump high enough to touch the rim, unless they put a Big Mac on it."
14. "All I know is, as long as I led the Southeastern Conference in scoring, my grades would be fine."
13. On North Carolina missing 22 of its last 23 shots in losing to Georgetown in the NCAA tournament last weekend: "Stevie Wonder could make one of 23 shots."
12. I'd never buy my girl a watch... she's already got a clock over the stove.
11. "I always laugh when people ask me about rebounding techniques. I've got a technique. It's called just go get the damn ball."
10. On the Portland Trail Blazers (back when they were known as the Jail Blazers) serving Thanksgiving meals: "In between arrests they do community service."
9. "Yeah Ernie, it's called defense. I mean I wouldn't know anything about it personally but I've heard about it through the grapevine."
8. "Well, when I went off to college, the guys I used to hang with were pumping gas and voting Democrat. Today they're still pumping gas and voting Democrat. Guess the Democrats didn't do much for them."
7. "When I was recruited at Auburn [university], they took me to a strip joint. When I saw those titties on Buffy, I knew that Auburn met my academic requirements."
6. "Hey Stanley, you could be a great player if you learned just two words: I'm full."— Barkley yelling to 300-plus-pound Houston Rockets teammate Stanley Roberts
5. "I heard Tonya Harding is calling herself the Charles Barkley of figure skating. I was going to sue her for defamation of character, but then I realized I have no character."
4. On the All-Star Game: "Hell, there ain't but 15 black millionaires in the whole country & half of 'em are right here in this room."
3. On Jerry Krause still being able to keep his job as GM of the Chicago Bulls: "Jerry Krause must have pictures of his boss's wife having sex with a monkey."
2. After throwing a guy through a 1st floor window in a bar Charles was in front of the judge.
Judge: "Your sanctions are community service and a fine, do you have any regrets?"
Charles: "Yeah I regret we weren't on a higher floor"
1. After an Olympic Dream Team victory over Angola, in which they won 116-48, Charles got into a physical altercation with a member of Angola towards the end of the game, afterwards he says: "Somebody hits me, I'm going to hit him back. Even if it does look like he hasn't eaten in a couple weeks. I thought he was going to pull a spear on me."
This guy is great.
Tuesday, August 19, 2008
TMac's Best Quotes
Courtesy of clutchcity.net
"It's on me."
"It's my fault some people ordered Heineken but got Budweiser. I'm sorry."
“I don’t believe in pressure. Pressure doesn’t affect me at all.”
"I know I have to keep up my image. It's all about how you handle the situation."
“I work on my game daily. Because I’m never satisfied, never going to be.”
"I just couldn't afford for us to lose this game, so I had to impose my will on it."
"I try, man, I try."
"I'll make Stromile an All-Star."
"We got Steve Francis? For real?"
Tuesday, July 29, 2008
Ron Artest
Yeah, it's about time we got some heart (and crazy) back in H-Town. I present to you my new favorite Rocket.
Saturday, December 29, 2007
wireless card
Just so I don't forget, here are the specs on my wireless card:
Buffalo wli-cb-g54hp
Driver : bcm43xx
Chipset : Broadcom BCM43xx
Tuesday, October 16, 2007
How RSA tokens work
First post in a series (hopefully) related to general computer security.
When I first started my current job many years ago I was issued one of these keyfob thingies which displayed a 6-digit number that changed every minute. I just blindly accepted that it did some complex random number generation that allowed me to log in to systems securely.
Here's how it works (paraphrased from this).
The token is a completely standalone unit. It does not have any sort of connection to any other electronic device.
Each token contains a clock chip and a unique seed number, which I assume is displayed on the back of the token.
Every minute, the current time and the unique seed number are fed into the algorithm as input, which produces the six-digit number you see on the token (I have no information on the algorithm itself).
The server performing the authentication (known as an ACE Server) knows your unique seed number, the algorithm being used, and the time. With this information, it performs the same function on the server. It receives your code and compares it to the code it computes. If the codes match, you are authenticated.
Edit:
After the original post I found a more detailed breakdown, quoted here:

All versions of the SecurID use RSA's patented technology to synchronize the use of Current Time in a SecurID token and its remote authentication server, what RSA calls the ACE/Server. (Typically, as you know, the link between the token-holder and the ACE/Server is through an intermediary -- an ACE/Agent or RADIUS agent -- which intercepts an authentication call and relays it to the ACE/Server for processing.)

The classic SecurID, for 15 years, used a proprietary algorithm to hash a token-specific 64-bit seed and Current Time. The new SecurID -- introduced at the beginning of 2003 -- uses the AES block cipher, in standard ECB mode, to hash:
- a 128-bit token-specific true-random seed,
- a 64-bit standard ISO representation of Current Time (yr/mo/day/hour/min/second),
- a 32-bit token-specific salt (the serial number of the token), and
- another 32 bits of padding, which can be adapted for new functions or additional defensive layers in the future.

Conflated and hashed by the AES, these inputs generate the series of 6-8 digit (or alphanumeric) token-codes that are continuously displayed on the SecurID's LCD, rolling over every 60 seconds. (The standard mode of use, as you know, requires two-factor authentication: the token-holder is required to provide both a SecurID token-code and a user-memorized PIN to the remote ACE/Server.)

ECB mode in AES is executed on 128-bit blocks, of course, so it is obvious that RSA had to pad the standard 64-bit expression of Current Time with another 64 bits. Using a token-specific salt blocks any attempt to pre-calculate a library of possible token-codes for all 128-bit seeds. That means that any brute-force attack on the AES SecurIDs would have to be focused on a particular token.
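To make the token/server relationship concrete, here is an added, self-contained Go model of the scheme the post and the quoted breakdown describe: a 128-bit seed, a 64-bit time field, the 32-bit serial as salt and 32 bits of padding go through one AES-ECB block, and the server recomputes the code from its own copy of the seed and clock and compares. This is example code written for this page, not RSA's implementation or any SecurID source. Everything beyond what the post states is an assumption and is marked as such in the comments: the byte layout of the block, using the seed directly as the AES key, reducing the first 32 bits of ciphertext to six decimal digits, the constructed `SampleToken` seed and serial, and the `skewSteps` clock-drift window on the server side.

```go
package main

import (
	"crypto/aes"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"time"
)

// Token is what the post says each token carries: a token-specific seed and
// a serial number. The token's clock is modelled by passing the time in.
type Token struct {
	Seed   [16]byte // 128-bit token-specific seed (constructed sample below)
	Serial uint32   // 32-bit serial number, the token-specific "salt"
}

// The post's parameters: codes roll over every 60 seconds and show 6 digits.
const (
	timeStep    = 60 * time.Second
	codeModulus = 1_000_000 // 10^6 for a 6-digit code
)

// buildBlock assembles the 128-bit AES input from the fields the quoted
// breakdown lists: 64 bits of time, the 32-bit serial salt, 32 bits of padding.
// ASSUMPTION: the post gives no byte layout, so the time field here is the
// 60-second step counter and the padding is zero. Illustrative, not RSA's format.
func buildBlock(serial uint32, t time.Time) [16]byte {
	var block [16]byte
	step := uint64(t.Unix()) / uint64(timeStep/time.Second)
	binary.BigEndian.PutUint64(block[0:8], step)
	binary.BigEndian.PutUint32(block[8:12], serial)
	// block[12:16] stays zero: the "another 32 bits of padding" slot.
	return block
}

// TokenCode is the token side: the code displayed at time t.
// ASSUMPTION: the seed is used as the AES-128 key, the block is encrypted
// once (ECB on a single block), and the first 32 bits of ciphertext are
// reduced to 6 decimal digits.
func TokenCode(tok Token, t time.Time) (string, error) {
	c, err := aes.NewCipher(tok.Seed[:])
	if err != nil {
		return "", err
	}
	in := buildBlock(tok.Serial, t)
	var out [16]byte
	c.Encrypt(out[:], in[:])
	v := binary.BigEndian.Uint32(out[0:4]) % codeModulus
	return fmt.Sprintf("%06d", v), nil
}

// Verify is the ACE/Server side: it knows the seed, the algorithm and the
// time, recomputes the code and compares. ASSUMPTION: the post does not
// discuss clock drift; skewSteps lets the server accept codes from adjacent
// 60-second windows. The comparison is constant-time so response timing does
// not reveal how many digits matched.
func Verify(tok Token, submitted string, now time.Time, skewSteps int) bool {
	ok := false
	for d := -skewSteps; d <= skewSteps; d++ {
		candidate, err := TokenCode(tok, now.Add(time.Duration(d)*timeStep))
		if err != nil {
			return false
		}
		if subtle.ConstantTimeCompare([]byte(candidate), []byte(submitted)) == 1 {
			ok = true
		}
	}
	return ok
}

// SampleToken is a constructed token for demonstration; not a real seed.
var SampleToken = Token{
	Seed: [16]byte{0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
		0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff},
	Serial: 12345678,
}

func main() {
	now := time.Now()
	code, err := TokenCode(SampleToken, now)
	if err != nil {
		panic(err)
	}
	fmt.Println("token displays:", code)
	fmt.Println("server accepts: ", Verify(SampleToken, code, now, 1))
	fmt.Println("stale code:     ", Verify(SampleToken, code, now.Add(10*timeStep), 1))
}
```

The point the model makes is the one the breakdown makes in prose: the server never receives a secret over the wire, only a short code that both sides can derive from the shared seed and the current minute, so protecting the seed database on the ACE/Server side and keeping the two clocks in step are what the whole scheme rests on. The serial number mixed into the block is why a table of codes precomputed for one token is useless against another.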