Oh Oh: RSA SecurID 800 Token broken

The RSA SecurID 800 token is a small USB device that authenticates users when they sign on to secure computers. It offers two factor authentication and contains encrypted keys and credentials that are, in theory, inaccessible to users or attackers. Now Ars Technica is reporting that researchers have a developed a new attack that recovers the keys in about 13 minutes.

Needless to say, this is really bad news for RSA. It’s also bad news for many other manufacturers of similar devices since their tokens are also susceptible to the attack. The exploit is a modified Bleichenbacher attack (from the 1990s) that reduces the work enough to make the inefficient Bleichenbacher attack practical.

The Ars Technica article has a link to a paper describing the attack but for the curious non-expert, I recommend this post by Matthew Green. It does a good job of describing the problem and gives an outline of how the attack works.

This entry was posted in General and tagged . Bookmark the permalink.