[Crypto] Two factor auth, RSA tokens

My bank gave me this:

To login to my bank's website I should supply my contract's number, password and the number on token's display, which changes every minute. This is also a bar (like network strength bar on cellular phone) that shows, when the next change will happen.

I kept it on my desk all the time, using it for fortune-telling purposes. Instead of crystall ball, magic 8-ball, tarot cards, etc.

It's interesting that it can be implemented easily.

There is a counter in the token, counting minutes. At each moment, it shows how many minutes lasted from the 'startup' or 'boot'.

There is also a key. Let's say, a 128-bit key. The key is known only to bank. It's also contained in token's ROM. Ideally, it's not shared with anyone else.

A token runs AES encryption function with this secret key. Using minutes counter as a input data to encrypt. (This is close to CTR encryption mode.)

On the other hand, this is very close to CPRNG.

The result is used partially. Take first 6 digits, for example. Of course, this number can't be very long -- user have to input it no more than in 10 seconds.

The number is sent to your bank via Internet. Bank has a secret key. It also knows, when your token was 'started' or 'booted'. It can calculate precise number of minutes lasted until that moment. It does the same encryption operation and gets the 6-digit number. And compare them both.

This is why it's required for cryptoalgorithms to be simple and efficient -- so they can run on a cheap low-power circuits. My token worked for several years before the battery died.

Probably, its power consumption is comparable to a cheap digital watch, I believe. (Ideally it's curcuit shouldn't be more complex than the one of digital watch.)

Attacks

Of course, token manufacturers trying to protect tokens from side-channel attacks and decapsulations.

Further reading: Wikipedia, stoken is a tokencode generator compatible with RSA SecurID 128-bit (AES) tokens.

Using hash function

Like SHA2, SHA3...

$hash(Secret\_key + counter) \mod 10^6$

$hash(Secret\_key \oplus counter) \mod 10^6$

$hash(Secret\_key || counter) \mod 10^6$

(Two pipes '||' are used in cryptographical (text)books for concatenation.)


List of my other blog posts. My company.

Yes, I know about these lousy Disqus ads. Please use adblocker. I would consider to subscribe to 'pro' version of Disqus if the signal/noise ratio in comments would be good enough.