Grand Idea Studio

Security

DS1991 MultiKey iButton Dictionary Attack

Thursday, Jan 18th, 2001

Dallas Semiconductor's (now Maxim Integrated Products) iButton devices are hardware tokens deployed globally in applications such as cashless transactions, stored-value debit/electronic wallets, software copyright protection, user authentication, and access control. Each dime-sized device contains a 64-bit unique identifier and various sizes of memory storage.The DS1991 makes use of three distinct …

[ continue ]

RSA SecurID Algorithm Cryptanalysis

Monday, Jan 1st, 2001

This short paper examines several discovered statistical irregularities in functions used within the RSA Security's SecurID algorithm: the time computation and final conversion routines. Where and how these irregularities can be mitigated by usage and policy are explored. The primary concern is the possibility to generate a complete cycle of …

[ continue ]

Attacks on USB Hardware Token Devices

Thursday, Oct 12th, 2000

This paper presents the methods used to attempt access to private data stored in Universal Serial Bus (USB) hardware tokens without having legitimate credentials. We look at the current state-of-the-art products of the commercial world. Our research is based on an approach of using only common, off-the-shelf tools, yet we …

[ continue ]

Compromising Voice Messaging Systems

Tuesday, May 2nd, 2000

Voice mail systems and answering machines are an important part of the corporate information flow. However, they are frequently left unprotected and are overlooked when security assessments are performed. Access to these systems may yield valuable information and may assist attackers to further their attacks on the company's computer infrastructure. …

[ continue ]

Wardialing Brief

Sunday, Apr 2nd, 2000

Wardialing consists of using a computer to dial a given set of telephone numbers with a modem. Each phone number that answers with modem handshake tones and is successfully connected to is stored in a log. By searching a range of phone numbers for computers, one can find entry points …

[ continue ]

NewerOlder

Press

The Boston Globe

T hacking exposes a deeper clash

Wired.com

DefCon Badge Designer in New Discovery ...

Gizmodo

Upcoming Prototype This! TV Show Sounds ...

Core77

Sweet prototyping show to debut in ...