This is the published company line, and the response to queries like yours
is uniform accross SecurID. That is one reason why I do not recomend them
to my customers, and I try and discourage their use as much as possible.
If it needs obscurity, there has to be a problem somewhere.
I hope they don't carry this idea down to their newly aquired divisions.
At 05:10 96-10-24 +0200, the sage Bernd Eckenfels scribed:
>> Anyway, I was asking about the _algorithm_, not the source code. I can
>> hack little things like that myself, thankyouverymuch.
>I was talking to a german SecurID Salesperson about this. I asked fot the
>mathematical Algorithm (which PNG is used and which Hash. Asked about the
>internal Bit-Length and so on. All I got was the Answer:
>We dont publish this, since it would make SecurID more insecure.
>I was dicussing with him a big time, but he was unable to understand that
>secure Algortihms dont need the be secure. I realy hpe the developers of
>SecuID know that better and dont use a weak PNG and keep it secure just to
Thus end the quotation from the scroll
Chris Liljenstolpe - "The Engineer formerly known as Swanson"
Mr. Saftey himself - Currently living with the penguins as
the Network Engineer at McMurdo Station, Antarctica
PGP Key 2047/37DDC209 E0 0F 16 97 33 16 F0 DD 41 B6 BC AF 20 31 AC FC