ActivIdentity: Not all OTP tokens are the same
August 2011 by ActivIdentity Corporation
OTP tokens are in the news these days. One particular implementation of the technology has been so successful that its name ‘SecurID’ is almost synonymous with an OTP token.
But according to Julian Lovelock, Senior Director, ActivIdentity, a global leader in secure identity solutions recently acquired by HID Global, high-profile attacks have raised questions as to whether OTP tokens are fundamentally flawed.
Julian Lovelock stated: “In February 2010 RSA announced that an APT attack had extracted information from their servers. Then in May the network at Lockheed experienced a ‘major disruption’, which was attributed in part to an attack leveraging that stolen information.”
“These attacks have inevitably raised questions amongst network security professionals as to whether OTP tokens are flawed or whether the technology just needs tweaking a bit. To answer that question it’s helpful to get a better understanding of how they work. One aspect is key management; another is the token algorithm itself,” continued Julian Lovelock.
It turns out that token algorithms come in different flavors, and they differ in how they derive the ever-changing number. These variations influence both the way the tokens are used and their security.
OTP algorithms are normally based on a static key (one per device); to make the numbers (OTPs) change, they feed in a variable called a ‘moving factor’, usually time, an event counter, or both (see image).
“Some tokens use a time-based algorithm. (RSA SecurID fits into this category.) The issue with time as a moving factor is obviously that it is a common variable across all devices, and everyone in the world knows what the current time is. This means that if you can get to the key of a token, and then you know the algorithm (secret sauce) and the current time, voilà, you can generate the changing number,” continued Julian Lovelock.
“Some other tokens use a counter or event (the number of times a user presses the button to display the OTP) as the moving factor. This means that every token has a differing variable, and hence for an attacker it is really difficult to predict what that number is for a particular token. The issue with a simple counter-based OTP algorithm is that the OTP does not really expire, so it is susceptible to phishing (receiving an alluring email tricking you into entering your OTP).”
This brings us to a third category of OTP algorithm, which uses both time and a counter as moving factors and so combines the best properties of the time-based and counter-based approaches. Such tokens are harder to phish, because the time component expires, and harder to predict, because each deployed token carries a different counter value; a seed compromise is therefore much less effective for an attacker.
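To make the three moving-factor styles concrete, here is an added Python example (it is not ActivIdentity's, RSA's or HID Global's code). The event-based generator follows RFC 4226 (HOTP) and the time-based one follows RFC 6238 (TOTP), both checked against the published test vectors; the time-plus-counter variant, the look-ahead counter validator and the replay scenario are this example's own constructions, written to show why a phished counter-only code stays valid, why a time-only code can be regenerated by anyone holding the key and a clock, and why combining both factors blunts each weakness. The `TEST_KEY` is the secret from the RFC test vectors, and the counter and times in `replay_study` are constructed values.

```python
import hashlib
import hmac
import struct

# The secret used in the RFC 4226 / RFC 6238 published test vectors (constructed input for the demo).
TEST_KEY = b"12345678901234567890"


def _dynamic_truncate(mac: bytes, digits: int) -> str:
    """RFC 4226 dynamic truncation: 4 bytes at the offset named by the low nibble of the last MAC byte."""
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """Event-based OTP (RFC 4226): the moving factor is an 8-byte big-endian counter."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    return _dynamic_truncate(mac, digits)


def totp(key: bytes, at_time: int, step: int = 30, digits: int = 6) -> str:
    """Time-based OTP (RFC 6238): the moving factor is the number of `step`-second intervals since the epoch."""
    return hotp(key, int(at_time) // step, digits)


def time_event_otp(key: bytes, at_time: int, counter: int, step: int = 30, digits: int = 6) -> str:
    """Illustrative time+event OTP (an assumption made for this example, not any vendor's algorithm):
    the moving factor is the time step concatenated with the per-token counter."""
    msg = struct.pack(">QQ", int(at_time) // step, counter)
    return _dynamic_truncate(hmac.new(key, msg, hashlib.sha1).digest(), digits)


def verify_totp(key: bytes, code: str, at_time: int, step: int = 30, skew: int = 1) -> bool:
    """Server check for time-based codes: accept the current step and +/- `skew` steps for clock drift."""
    return any(hmac.compare_digest(totp(key, at_time + d * step, step), code)
               for d in range(-skew, skew + 1))


class CounterValidator:
    """Server-side state for counter-based tokens: remembers the highest counter accepted so far and
    looks ahead `window` counters to tolerate button presses that never reached the server.
    With time_bound=True it validates the illustrative time+event variant instead of plain HOTP."""

    def __init__(self, key: bytes, window: int = 10, time_bound: bool = False, step: int = 30, skew: int = 1):
        self.key, self.window, self.last = key, window, -1
        self.time_bound, self.step, self.skew = time_bound, step, skew

    def _candidates(self, counter: int, at_time: int):
        if not self.time_bound:
            return [hotp(self.key, counter)]
        return [time_event_otp(self.key, at_time + d * self.step, counter, self.step)
                for d in range(-self.skew, self.skew + 1)]

    def verify(self, code: str, at_time: int) -> bool:
        for counter in range(self.last + 1, self.last + 1 + self.window):
            if any(hmac.compare_digest(c, code) for c in self._candidates(counter, at_time)):
                self.last = counter  # this counter and every earlier one are now burned
                return True
        return False


def replay_study() -> dict:
    """Constructed scenario: a user is phished for one code at time T and the attacker submits it
    five minutes later, the server never having seen that code. Returns which submissions succeed."""
    T = 1_111_111_109          # RFC 6238 test-vector time (UTC 2005-03-18 01:58:29)
    later = T + 300
    counter = 7                # the token's next unseen button press (constructed)

    # Counter-only: the phished code does not expire until the user authenticates with a later counter.
    hotp_server = CounterValidator(TEST_KEY)
    hotp_replay_ok = hotp_server.verify(hotp(TEST_KEY, counter), later)

    # Time-only: the code is dead after the skew window, but anyone holding the key and a clock
    # regenerates the live value without ever seeing the user's token.
    totp_replay_ok = verify_totp(TEST_KEY, totp(TEST_KEY, T), later)
    totp_forged_ok = verify_totp(TEST_KEY, totp(TEST_KEY, later), later)

    # Time+event: the replay fails on time, and a key-only attacker must also hit the right counter.
    both_server = CounterValidator(TEST_KEY, time_bound=True)
    both_replay_ok = both_server.verify(time_event_otp(TEST_KEY, T, counter), later)
    both_wrong_counter_ok = both_server.verify(time_event_otp(TEST_KEY, later, counter + 50), later)

    return {
        "hotp_replay_ok": hotp_replay_ok,
        "totp_replay_ok": totp_replay_ok,
        "totp_forged_with_key_ok": totp_forged_ok,
        "time_event_replay_ok": both_replay_ok,
        "time_event_wrong_counter_ok": both_wrong_counter_ok,
    }


if __name__ == "__main__":
    print(hotp(TEST_KEY, 0), totp(TEST_KEY, 59))   # RFC test vectors: 755224 and 287082
    print(replay_study())
```

The validator deliberately never accepts a counter at or below the last one it has seen, which is what eventually invalidates a phished counter-only code; until the legitimate user logs in again, though, that code remains live, which is the exposure the text describes. The time-bound validator keeps the same counter window but additionally requires the code to have been generated within one 30-second step of the server's clock.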
Julian Lovelock concluded: “So there you have it! There are actually different OTP tokens out there, and by understanding the differences you can make an informed choice: if you want to replace one token with another, you might actually want to ask for one that uses both time and event as moving factors.”