Firewalls: Re: SecurID White Paper

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: SecurID White Paper
From:	lists @ lina . inka . de (Bernd Eckenfels)
Date:	Wed, 4 Sep 1996 02:58:33 +0200 (MET DST)
To:	peiterz @ secnet . com (Peiter Z)
Cc:	firewalls @ greatcircle . com
In-reply-to:	<199609041738 . LAA01415 @ silence . secnet . com> from "Peiter Z" at Sep 4, 96 11:38:40 am

Hi,

> Topics dealt with in the paper include:
>  . Race attacks based upon fixed length responses (still valid even with
>       the current patch)
>  . Denial of Service attacks based upon server patches
>  . Server - Slave separation and replay attacks
>  . Vulnerabilities in the communications with the ACE Server
>  . A quick analysis of the communications with the ACE Server
>  . Problems with out-of-band authentication 

What about the Relationship between the Serial Number of a Card (or any
other nformation printed on it) and the Seed of the PNG? How does a Admin
announce new Cards to the Ace Server? Is this a "keep it secret" thing, or
is it cryptogrfically secure?

Greetings
Bernd

Follow-Ups:

Re: SecurID White Paper
From: Adam Shostack <adam @ homeport . org>

References:

SecurID White Paper
From: Peiter Z <peiterz @ secnet . com>

Indexed By Date	Previous:	SecurID White Paper From: Peiter Z <peiterz @ secnet . com>
Indexed By Date	Next:	No toolz at cdm From: potlicker @ morebbs . com
Indexed By Thread	Previous:	SecurID White Paper From: Peiter Z <peiterz @ secnet . com>
Indexed By Thread	Next:	Re: SecurID White Paper From: Adam Shostack <adam @ homeport . org>