I have one of those key fobs. Does the code somehow inform the power the be about the drift in the built in clock? Or is the time element of the code so sloppy that the drift is acceptable?
-----Original Message----- From: Jim Lux <[email protected]> Sender: [email protected] Date: Mon, 03 Dec 2012 15:45:24 To: <[email protected]> Reply-To: Discussion of precise time and frequency measurement <[email protected]> Subject: Re: [time-nuts] Time security musing - attacking the clock itself On 12/3/12 9:32 AM, dlewis6767 wrote: > I agree, Bob. > > Like the billboard on the side of the highway says: - Does Advertising > Work? JUST DID - > > The bad guys can read this list same as the good guys. > > Security through obscurity never works in the long run. Much better to discuss vulnerabilities in the open, and discuss countermeasures that are robust. Clock synchronization is of great interest in a variety of crypto systems where keys are changed on a predetermined schedule (the RSA two factor authentication key fob is an interesting instance). It's even trickier when you have to distribute "time" in a secure way (in the sense that not only is the "at the tone, the time is" message is reliable, but also that the timing of the "tone" is reliable). The various redundancy and reasonableness checks (e.g. for GPS) are in this area as well. The question is: "Can I distribute timing information through a network reliably" _______________________________________________ time-nuts mailing list -- [email protected] To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there. _______________________________________________ time-nuts mailing list -- [email protected] To unsubscribe, go to https://www.febo.com/cgi-bin/mailman/listinfo/time-nuts and follow the instructions there.
