Sciweavers

FSE
2004
Springer

Fast Software-Based Attacks on SecurID

14 years 5 months ago
Fast Software-Based Attacks on SecurID
SecurID is a widely used hardware token for strengthening authentication in a corporate environment. Recently, Biryukov, Lano, and Preneel presented an attack on the alleged SecurID hash function [1]. They showed that vanishing differentials – collisions of the hash function – occur quite frequently, and that such differentials allow an attacker to recover the secret key in the token much faster than exhaustive search. Based on simulation results, they estimated that the running time of their attack would be about 248 full hash operations when using only a single 2-bit vanishing differential. In this paper, we present techniques to improve the [1] attack. Our theoretical analysis and implementation experiments show that the running time of our improved attack is about 245 hash operations. We then investigate into the use of extra information that an attacker would typically have: multiple vanishing differentials or knowledge that other vanishing differentials do not occur in a...
Scott Contini, Yiqun Lisa Yin
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Where FSE
Authors Scott Contini, Yiqun Lisa Yin
Comments (0)