What is RSA SecurID and How It Works


RSA SecurID has been in use for a long time, I think even before GPS. It uses a two-factor authentication mechanism. **RSA SecurID**, formerly referred to as **SecurID**, is a mechanism developed by Security Dynamics (later RSA Security, and now RSA, The Security Division of EMC) for performing two-factor authentication of a user to a network resource.

RSA SecurID generates a token code which is then transmitted to the server, where it is matched against the value stored in the server database. To understand it clearly we need to go through one use case, and I hope that will make things pretty clear. This token code can be transmitted through a USB port or entered directly by the user, so two types of device are in use.


John Smith joins a new company. According to the new company's information security policy, John is instructed to use RSA SecurID to authenticate himself to the corporate network. From the company's IT infrastructure department he gets his brand new RSA SecurID token.
This RSA SecurID token has a serial number on the back. This serial number is stored in the server database and mapped to John's email address and a few other attributes which are unique to Mr. Smith. This mapping will be used later to match against the input of John Smith while he logs in to the corporate network.
Are these the only values stored on the server? Obviously not!

So how it works -
There is a 128-bit key stored on the server, mapped to the serial number and user ID of John Smith. This key is often called the seed. The point to note is that this seed is also hardcoded in the RSA SecurID token. So up until this point we know that the seed value is constant and is available both in the RSA SecurID device and on the server. This seed value and the current timestamp are passed into the algorithm as input, which generates a long output, and an 8-digit code is calculated from this long encrypted value.
An important point to note is that the clock on the server side and the clock in the RSA SecurID token are synchronized. There is some additional intelligence built into the server: if the values do not match, the server recalculates the code by adjusting the clock plus or minus one minute.
On the server side the same process is repeated and the generated code is compared against the one which comes from the user; if the match succeeds, the user is authenticated without any issues.

How John Smith Uses It -
John opens the authentication portal and is prompted to enter his username and password. His username is his email address (it could be anything, but let's take email to keep this simple) and the password field is the combination of his own password and the code generated by the RSA SecurID device. This value is then transferred securely to the server.
The server finds the serial number mapped to his ID and from there it picks the seed value. The server goes on to generate the encrypted value by taking the timestamp and the seed. It generates the code and appends it to John Smith's password. It then compares this with the entered value, and if the match succeeds, Mr. Smith is authenticated.
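To make the flow above concrete, here is an added example (not code from the original post, and not RSA's proprietary algorithm) that models the token and the server side in Python. It assumes a one-minute time step, HMAC-SHA256 as a stand-in for RSA's secret seed-plus-time function, an 8-digit code as described above, a constructed seed and user record, and the plus-or-minus-one-minute clock tolerance the server applies when the first comparison fails.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60   # assumed: the code changes once per minute
DIGITS = 8          # the post describes an 8-digit code


def tokencode(seed: bytes, t: int) -> str:
    """Code shown by the token (and recomputed by the server) at time t.

    The real SecurID function is proprietary; HMAC-SHA256 over the current
    time step is used here only as an assumed stand-in with the same shape:
    constant seed + timestamp in, fixed-length decimal code out.
    """
    step = t // STEP_SECONDS
    mac = hmac.new(seed, struct.pack(">Q", step), hashlib.sha256).digest()
    # Reduce the long output to an 8-digit code.
    value = int.from_bytes(mac[-4:], "big") % 10 ** DIGITS
    return f"{value:0{DIGITS}d}"


# Constructed server-side records (placeholder values, not real ones):
# serial number -> 128-bit seed, and user ID -> (serial number, password).
SEEDS = {"000123456789": bytes.fromhex("00112233445566778899aabbccddeeff")}
USERS = {"john.smith@example.com": ("000123456789", "s3cret")}


def verify(user: str, submitted: str, now: int, drift_steps: int = 1) -> bool:
    """Server check: rebuild password + code for now and now +/- one step.

    The user submits one string (password followed by the token code); the
    server never splits it, it rebuilds the expected string from the stored
    password and seed and compares in constant time.
    """
    record = USERS.get(user)
    if record is None:
        return False
    serial, password = record
    seed = SEEDS[serial]
    for offset in range(-drift_steps, drift_steps + 1):
        expected = password + tokencode(seed, now + offset * STEP_SECONDS)
        if hmac.compare_digest(expected, submitted):
            return True
    return False
```

A code that is two or more minutes old falls outside the tolerance window and is rejected, as is a correct code paired with the wrong password.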
