Robertson, Paul writes:
> Is anyone using the Security Dynamics system in conjunction with a firewall?
> We use it for dial-up access, and are pleased with it.
The firewall toolkit has hooks in its authentication server for
using SecurID; so if you've already got it in house, you're golden.
> Also, does anyone have any info on what algorithm they use?
Their clock-sync algorithm is patented, but should be intuitively
obvious. Looks like they just DES encrypt the clock modulo some granularity
with a secret key that is stored on the card. The server performs the same
encryption using its clock, then applies a skew based on the last time the
card successfully authenticated, with a sliding window to allow for greater
drift latitude over time. Just a guess, though.