Firewalls: Re: Secure Slip Dial in ??

Firewalls
(October 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Secure Slip Dial in ??
From:	Marcus J Ranum <mjr @ tis . com>
Organization:	Trusted Information Systems, Inc. Glenwood, MD
Date:	Wed, 26 Oct 1994 09:57:22 -0400 (EDT)
To:	proberts @ moc1 . gannett . com (Robertson, Paul)
Cc:	luttinen @ s1 . msi . umn . edu, firewalls-owner @ GreatCircle . COM, rwright @ moc1 . gannett . com, firewalls @ greatcircle . com
In-reply-to:	<2EAE7F8C @ smtpgate . gannett . com> from "Robertson, Paul" at Oct 26, 94 09:10:00 am
Phone:	301-854-6889

Robertson, Paul writes:
> Is anyone using the Security Dynamics system in conjunction with a firewall?
> We use it for dial-up access, and are pleased with it. 

	The firewall toolkit has hooks in its authentication server for
using SecurID; so if you've already got it in house, you're golden.
  
> Also, does anyone have any info on what algorithm they use?

	Their clock-sync algorithm is patented, but should be intuitively
obvious. Looks like they just DES encrypt the clock modulo some granularity
with a secret key that is stored on the card. The server performs the same
encryption using its clock, then applies a skew based on the last time the
card successfully authenticated, with a sliding window to allow for greater
drift latitude over time. Just a guess, though.

mjr.

Follow-Ups:

Re: Secure Slip Dial in ??
From: lavondes @ tidtest . total . fr (Michel Lavondes)

References:

Re: Secure Slip Dial in ??
From: "Robertson, Paul" <proberts @ moc1 . gannett . com>

Indexed By Date	Previous:	RE: Firewalls-Digest V3 #376 From: "cpark::beazley"@belmnt.enet.dec.com
Indexed By Date	Next:	Firewall solutions From: Beppe . Coffano @ ITS . IT
Indexed By Thread	Previous:	Re: Secure Slip Dial in ?? From: "Robertson, Paul" <proberts @ moc1 . gannett . com>
Indexed By Thread	Next:	Re: Secure Slip Dial in ?? From: lavondes @ tidtest . total . fr (Michel Lavondes)