By: pepe
Regarding the point that robustness of smartcards is not taken seriously, this work is also worth mentioning: http://secgroup.ext.dsi.unive.it/projects/security-apis/pkcs11-security/tookan/
View ArticleBy: Jeff Randall
SecurID is the one-time-password portion of the SecurID 800 product, which is in no way affected by the issues with PKCS#11. That particular product is poorly named in that it implies that any flaws...
View ArticleBy: Sam Curry
This is a good point, pepe, and you’ll notice that if you scroll down on the page to the table of vendors that RSA is linked as one of the only vendors to respond. The link there goes to the following...
View ArticleBy: Nate Lawson
Their own blog calls it the “RSA SecurID 800″ so your issue is with them, not me.
View ArticleBy: Nate Lawson
Repeating your previous claims but more forcefully does not make them more valid. It’s clear to me this is only a PR exercise for you since you continue to overlook the aspects to this that you have no...
View ArticleBy: pepe
“RSA has explicitly asked us to publish the following information”…yes, I can imagine how that came to be. You know, when presenting the paper at CCS, the authors gave some very entertaining and also...
View Article
