Sign In

Communications of the ACM

ACM TechNews

Computer Scientists Break Security Token Key in Record Time


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
Chris Peikert

Georgia Tech security researcher Chris Peikert

Credit: Georgia Tech

A group of computer scientists dubbed Team Prosecco says it has found a way to extract a security key from a widely used RSA electronic token in 13 minutes.

The researchers say they can hack into the SecurID 800 RSA Dongle, as well as similar devices produced by other companies.

RSA Security is currently using its own computer scientists to determine if the claim is valid. "If there is a potential serious security vulnerability or threat to our customers, RSA will move quickly to address it," says RSA's Kevin Kempskie.

Researchers had assumed it would be impractical for hackers to break into RSA security devices because it would take too much time, says Georgia Institute of Technology cryptographer Chris Peikert. Team Prosecco also says it has created another algorithm that enables five types of security hardware devices to be cracked, all in relatively short periods of time.

"Cryptography breaks very slowly. It's the molasses of computer science," says security researcher Dan Kaminsky. "There are many technologies we abstractly know are problematic and we prioritize fixing them less than things that are obviously on fire."

From New York Times 
View Full Article

Abstracts Copyright © 2012 Information Inc. External Link, Bethesda, Maryland, USA


 

No entries found