Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Key Management Biggest Factor In Determining Security Of OTP Systems

ActivIdentity : 11 August, 2011  (Technical Article)
ActivIdentity examines the security concerns over One-Time Passwords and focuses on key management as the main determining factor
Key Management Biggest Factor In Determining Security Of OTP Systems
There’s a lot of chatter at the moment, for understandable reasons, about whether OTP tokens can still be considered secure. But according to Julian Lovelock, Senior Director, ActivIdentity, there’s no black and white answer.

Julian Lovelock stated: “Much of the concern around the security of
OTP tokens stems from their underlying reliance on a symmetric key model. What that means in practical terms is that you need to load into the authentication server an exact copy of the key that’s injected into the OTP token. These keys, often referred to as ‘seeds’, therefore need to be managed. And the processes and systems that manage those keys/seeds are great places for attackers to go after.”

“When determining whether
OTP tokens are secure enough, enterprises should take a look at how the keys are being managed. In many cases the process is as follows. The token vendor injects a key into the token during manufacturing. In parallel a seed file is created containing all the keys for a batch of tokens. The tokens are shipped to the customer along with the seed file. An administrator at the customer site loads the seed file into the authentication server,” he continued.

According to Julian Lovelock there are actually six potential points of compromise in the chain:

1 The manufacturing process that generates the seed file
2 The transport of that seed file to the customer site
3 The management of that seed file on site, prior to being loaded into the authentication server
4 The secure storage of the seed file within the authentication server
5 The retention by the customer of that seed file (often on a CD) subsequent to its being loaded into the authentication server
6 The retention of that seed file by the
OTP token vendor

Julian Lovelock continued: “A far more secure model is one in which customers can initialise
OTP tokens themselves from the admin console of the authentication server. In this model those pesky seed files are removed from the process because the key is simultaneously injected into the token and authentication server database. This eliminates five of the six potential points of compromise that attackers can go after,”

“Going forward RSA will no doubt take extraordinary steps to ensure that seed files can’t be stolen from their internal systems. But, if you have six unlocked doors in your house, then just locking the one the burglars came through last time doesn’t necessarily make for a secure home. Of course there is a way to avoid all six points of compromise, which is to deploy smart cards, since these rely on an asymmetric key model,” concluded Julian Lovelock.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo