Thread
:
My gmail account has been hacked - I am pretty sure it's related to the N900 somehow
View Single Post
CrashandDie
2010-06-25 , 23:49
Posts: 336 | Thanked: 610 times | Joined on Apr 2008 @ France
#
23
Originally Posted by
juise-
like those Verisign pseudo-RNG-dongles.
They have nothing to do with Random Numbers.
Rather, the value is specifically computed every time you actually ask it to do so (VeriSign doesn't implement Time counters, but others do, which is far more secure).
Try to imagine that you have a 3DES key, and every time you press the generation button, the Event Counter is incremented, and you generate a new 3DES key from the Event Counter and the previous 3DES key. With this key, you can generate an OTP, which is then sent to the server for authentication.
They are really, far, far more than simple RNG's; so no need to try and simplify them in that way.
Source: I work in the industry.
Quote & Reply
|
CrashandDie
View Public Profile
Send a private message to CrashandDie
Find all posts by CrashandDie