For years private companies and government agencies have given their employees a card or token that produces a constantly changing set of numbers. Those devices became the preferred method of securing confidential communications online. No one could have access to the data without a secret key generated by the device.
Computer scientists say they have now figured out how to extract that key from a widely used RSA electronic token in as little as 13 minutes.
The scientists, who call themselves Team Prosecco, said their experiment can pry open one model of the RSA dongle — the SecurID 800 — as well as similar tools produced by other companies. They published their findings in a research paper to be presented at a cryptography conference in August; the findings were first reported Monday morning by Ars Technica, a technology news site.
keyboard shortcuts: V vote up article J next comment K previous comment