Scott Contini (MacquarieU/Sydney)
| The SecurID card is a cryptographic hardware token used in conjunction with a password for authenticating a user when he or she logs into a remote system. The token was first created in 1986, and today is used by more than 13 million people worldwide. In 2001, the token was reverse engineered and the internal algorithms were posted on the web by I.C. Wiener. In August of 2003, Biryukov, Lano, and Preneel presented a research paper showing that the device has real security problems: collisions of the internal hash function happen far too frequently, and once one has occurred, the 64-bit key within the token can be found much faster than exhaustive search. They sketched an attack that was conjectured to be equivalent to 248 hash operations. In this talk, we will outline the Biryukov, Lano, and Preneel attack, and then show how to significantly speed it up. The improved attack takes on the order of 244 operations. We also show special data cases that happen more than 30% of the time that result in further speedups, to approximately 240 operations. This is joint work with Yiqun Lisa Yin. Our results are summarised here. |