[TriLUG] OT: RSA Securid - how does it work?

Barry Gaskins barry.gaskins at gmail.com
Sat Mar 8 09:29:28 EST 2008 

   Well only RSA knows for sure but they are not publishing any details.

   But we can guess at a few things.  First of all the date on the
back does not really matter.  When you get your key you have to
activate it by waiting until the number changes and then typing in the
number so it only has to be close when you activate it.  Also it would
not have to be exact down to the second since it only changes every
minute and it takes a few seconds to type in the number and log in
anyway.  If I were writing the software then I would allow the last
number to work for a while after I knew it was supposed to change.
They could even make the window wider depending on how long it was
since the key was "activated".

   Of course they would want it to quit working every few years just
to make you pay to buy another one...

   - Barry Gaskins

On Sat, Mar 8, 2008 at 9:17 AM, Joseph Mack NA3T <jmack at wm7d.net> wrote:
> I have one of these keys, which gives a different random
>  number every minute, so I can logon at work. I'm wondering
>  how it keeps synchronisation with the server. Searches on
>  google for "RSA Securid how does it work" only come up with
>  pages on how to login with it (and shills from RSA telling
>  me how wonderful these keys are).
>
>  I assume that the key has a free running crystal oscillator
>  in which case the setting and long term drift will not be
>  better than 1:10^6 and it would go out of synch in 2yrs
>  (60*10^6 secs). Mine has a date of Nov 2003 on the back, so
>  presumably it's been running for 4 years. Assuming the
>  battery will last 10yrs, this would mean that the accuracy
>  of the crystal would have to be 1:10^7 to maintain synch
>  over this time. This tolerance is a bit tighter than I would
>  expect is possible.
>
>  Anyone know how these things keep synchronised with the
>  server?
>
>  Thanks Joe
>
>  --
>  Joseph Mack NA3T EME(B,D), FM05lw North Carolina
>  jmack (at) wm7d (dot) net - azimuthal equidistant map
>  generator at http://www.wm7d.net/azproj.shtml
>  Homepage http://www.austintek.com/ It's GNU/Linux!
>  --
>  TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug
>  TriLUG Organizational FAQ  : http://trilug.org/faq/
>  TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
>

More information about the TriLUG mailing list