RSA SecurID Cracking Claims ‘Are Codswallop’

RSA SecurID tokens have not been cracked open as researchers had suggested, according to EMC’s security arm

The security arm of EMC has hit out at claims its RSA SecurID 800 tokens could be “cracked” within just 13 minutes.

Project Team Prosecco put out some research, claiming it had found a way of gaining protected data from devices like SecurID 800. Other affected devices included Siemens’ CardOS, which was cracked in only 22 minutes.

Team Prosecco claimed to have extracted data using what is known as a “padding oracle” attack, where encrypted key import functions are exploited. In particular, they took advantage of a flaw in a padding standard for encryption – PKCS#1v1.5 – designed to eradicate cipher predictability.

“Due to a perfect storm of (subtle, but not novel) cryptographic flaws, an attacker can extract sensitive keys from several popular cryptographic token devices. This is obviously not good, and it may have big implications for people who depend on tokens for their day-to-day security,” explained Matthew Green, cryptographer and research professor at Johns Hopkins University, in a blog post.

“The more specific (and important) lesson for cryptographic implementers is: if you’re using PKCS#1v1.5 padding for RSA encryption, cut it out.”
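To make the padding oracle described above concrete, the following added example (not code from the article, RSA or Team Prosecco) shows a PKCS#1 v1.5 padding check on an already-decrypted block, a key-unwrap routine whose distinct error answers form the oracle, and a hardened variant that uses implicit rejection, a known mitigation for systems that cannot yet drop v1.5. All function names, the device secret and the sample blocks are constructed for illustration.

```python
import hashlib
import hmac

def eme_pkcs1_v15_decode(em: bytes) -> bytes:
    """Strict PKCS#1 v1.5 encryption-padding check: 00 02 PS 00 M, PS >= 8 nonzero bytes."""
    if len(em) < 11 or em[0] != 0x00 or em[1] != 0x02:
        raise ValueError("bad header")
    sep = em.find(b"\x00", 2)      # first zero byte ends the padding string PS
    if sep < 10:                   # -1 (no separator) or PS shorter than 8 bytes
        raise ValueError("bad padding string")
    return em[sep + 1:]

def unwrap_leaky(em: bytes, key_len: int) -> str:
    """Weak form: a different answer per failure kind tells the caller about the plaintext."""
    try:
        key = eme_pkcs1_v15_decode(em)
    except ValueError:
        return "PADDING_INVALID"
    return "OK" if len(key) == key_len else "KEY_SIZE_INVALID"

def unwrap_hardened(em: bytes, ciphertext: bytes, key_len: int, secret: bytes) -> bytes:
    """Implicit rejection: always hand back key_len bytes, real or pseudo-random."""
    # Fallback is bound to the ciphertext, so repeating a query gives the same answer.
    fallback = hmac.new(secret, ciphertext, hashlib.sha256).digest()[:key_len]  # key_len <= 32
    try:
        key = eme_pkcs1_v15_decode(em)
    except ValueError:
        return fallback
    return key if len(key) == key_len else fallback

# Constructed sample blocks (what the RSA private-key operation would output).
KEY = bytes(range(16))
SECRET = b"constructed-device-secret"
GOOD = b"\x00\x02" + b"\xaa" * 109 + b"\x00" + KEY
BAD_HEADER = b"\x00\x01" + GOOD[2:]
WRONG_LEN = b"\x00\x02" + b"\xaa" * 101 + b"\x00" + b"\x11" * 24

if __name__ == "__main__":
    for name, em in [("GOOD", GOOD), ("BAD_HEADER", BAD_HEADER), ("WRONG_LEN", WRONG_LEN)]:
        out = unwrap_hardened(em, name.encode(), 16, SECRET)
        print(f"{name:10} leaky={unwrap_leaky(em, 16):16} hardened={len(out)} bytes")
```

Python gives no constant-time guarantee, so this shows the response logic only; a real device would also need both paths to take the same time.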

Not a ‘useful attack’ on SecurID

Yet RSA has refuted the claims that its token is insecure, saying the claims were exaggerated. It said “this is not a useful attack”, as it requires access to the RSA SecurID 800 smartcard and the user’s smartcard PIN. If the attacker has those, there is no need to perform an attack at all, the security giant said.

“This is an alarming claim and should rightly concern customers who have deployed the RSA SecurID 800 authenticator. The only problem is that it’s not true,” said CTO for RSA’s identity and data protection business unit, Sam Curry, in a blog post.

“Much of the information being reported overstates the practical implications of the research, and confuses technical language in ways that make it impossible for security practitioners to assess risk associated with the products they use today accurately. The initial result is time wasted by product users and the community at large, determining the true facts of the situation.”

He claimed the research “doesn’t cover any meaningful new ground” and “does not highlight any practical risk” to users of the SecurID 800 product.

“The vulnerability outlined by the researchers makes it possible (however unlikely) that an attacker with access to the user’s smartcard device and the user’s smartcard PIN could gain access to a symmetric key or other encrypted data sent to the smartcard. It does not, however, allow an attacker to compromise private keys stored on the smartcard. Repeat, it does not allow an attacker to compromise private keys stored on the smartcard,” Curry added.

RSA’s SecurID products were in the spotlight last year when attackers managed to compromise the EMC company and steal information relating to the tokens.

Earlier this year, RSA denied there was a flaw with the algorithm for its X.509 public-key certificates, after Swiss researchers claimed a number of RSA public encryption keys offered “no security at all”. They analysed 7.1 million RSA encryption keys and found that 0.02 percent of them were improperly generated.
