From: =?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@stallion.ee>
Date: Thu, 8 Aug 1996 09:36:08 +0800
To: cypherpunks@toad.com
Subject: Re: F2 hash?
In-Reply-To: <199608072029.NAA29976@jobe.shell.portal.com>
Message-ID: <Pine.GSO.3.93.960808011718.28847G-100000@nebula.online.ee>
MIME-Version: 1.0
Content-Type: text/plain


 Wed, 7 Aug 1996 anonymous-remailer@shell.portal.com wrote:

> F2 is a secret hash from SecurityDynamics, and is used in
> their client software.  (Its not the hash in the cards, but
> if anyone has a copy of that, it might be fun.)

As I have to deal with SecurID tokens in the nearest future, I would like
to hear more opinions about these cards. IMHO a proprietary algorithm like
used in those cards is a bad thing and I would like an open approach much
more, I still believe SecurID OTP cards are much better then usual
passwords.

At Defcon this year they promised to tell about some security flaws in
SecurID tokens, anyone know more about that?

Personally I believe that Security Dynamics should come out with some kind
of new systems in the nearest future, now that they own RSA. 

Jüri Kaljundi
AS Stallion
jk@stallion.ee