http://arstechnica.com/security/2012...k-steals-keys/
Scientists have devised an attack that takes only minutes to steal the sensitive cryptographic keys stored on a raft of hardened security devices that corporations and government organizations use to access networks, encrypt hard drives, and digitally sign e-mails.
The exploit, described in a paper to be presented at the CRYPTO 2012 conference in August, requires just 13 minutes to extract a secret key from RSA's SecurID 800, which company marketers hold out as a secure way for employees to store credentials needed to access confidential virtual private networks, corporate domains, and other sensitive environments. The attack also works against other widely used devices, including the electronic identification cards the government of Estonia requires all citizens 15 years or older to carry, as well as tokens made by a variety of other companies.
...
More than 24 hours after this article was published, and 72 hours after Ars Technica sought comment from RSA, company representatives have issued a statement saying they "strongly disagree with the suggested implications of the Ars Technica article." Among other things, the statement says: "While RSA would agree that the research paper demonstrates an improvement of the padding oracle attack, the attack is better characterized as against the PKCS #1 V1.5 standard rather than any particular device."
The statement, and an accompanying blog post titled Don't believe Everything You Read ... Your RSA SecurID Token is not cracked, come after RSA officials challenged claims in this article that said the attack could be used to extract cryptographic keys from the SecurID 800. These officials now concede that the attack can be used to access symmetric keys stored on the device. They now take issue with use of the word "crack" in the headline and say that the exploit described in the original paper is an "academic exercise" and "not a useful attack."
Ars Technica stands by the reporting in this article.
The exploit, described in a paper to be presented at the CRYPTO 2012 conference in August, requires just 13 minutes to extract a secret key from RSA's SecurID 800, which company marketers hold out as a secure way for employees to store credentials needed to access confidential virtual private networks, corporate domains, and other sensitive environments. The attack also works against other widely used devices, including the electronic identification cards the government of Estonia requires all citizens 15 years or older to carry, as well as tokens made by a variety of other companies.
...
More than 24 hours after this article was published, and 72 hours after Ars Technica sought comment from RSA, company representatives have issued a statement saying they "strongly disagree with the suggested implications of the Ars Technica article." Among other things, the statement says: "While RSA would agree that the research paper demonstrates an improvement of the padding oracle attack, the attack is better characterized as against the PKCS #1 V1.5 standard rather than any particular device."
The statement, and an accompanying blog post titled Don't believe Everything You Read ... Your RSA SecurID Token is not cracked, come after RSA officials challenged claims in this article that said the attack could be used to extract cryptographic keys from the SecurID 800. These officials now concede that the attack can be used to access symmetric keys stored on the device. They now take issue with use of the word "crack" in the headline and say that the exploit described in the original paper is an "academic exercise" and "not a useful attack."
Ars Technica stands by the reporting in this article.