Has anybody worked with or integrated the Vasco Digipass Mobile SDK OTP generator into a custom mobile app for iOS devices?

I am currently performing a full security evaluation of the solution (end-to-end) and was wondering if there was already work performed by others on this.

I am interested in the activation process of a new device, the crypto implementations, storage of local data on the mobile device, authentication mechanisms, generation of the OTP, and other attack surfaces.

user20197
  • Just to clarify, OTP = One Time Pad? – NULLZ Jan 30 '13 at 13:38
  • OTP = One Time Password – user20197 Jan 30 '13 at 13:42
  • 1
    Before you head down this road, I'd recommend considering Google's [HOTP](https://tools.ietf.org/html/rfc4226)/[TOTP](http://tools.ietf.org/html/rfc6238) implentation ([Google Authenticator](https://code.google.com/p/google-authenticator/)). It's free, it's open, it's standards-based, you can use it with any system, and it's available on [all platforms](http://en.wikipedia.org/wiki/Google_Authenticator). You have no excuse for using any other system. – tylerl Jul 28 '13 at 05:34

2 Answers

I don't know about 'Vasco Digipass Mobile SDK OTP generator' particularly, but I have evaluated Software OTP generators in the past and these are things I would look at.

  • Is the app protected by a PIN? If it is protected with a PIN, then what happens when you key in a wrong PIN? Does it still generate an OTP or does it report an error message?

    The relevance of this question: an OTP generator uses a secret key which is shared with the authentication server. Now the secret key has to be stored somewhere on the device & hence it's vulnerable if the device is lost. Hence it's better if the app is protected with a PIN. Now the next question is where is the PIN stored? If the PIN is stored on the device then the protection again becomes meaningless, because just like the secret key, the PIN also would be vulnerable to attack if the device is lost.

    So what's the alternative? The first alternative is to use the PIN to encrypt the secret key & not store the PIN on the device. However, this is still not a good method because, once the device is lost, it can be brute forced. So what's the better alternative? The OTP generation uses both the PIN & the secret key as inputs to the OTP generation algorithm. In this case, if you type the wrong PIN, then the OTP is still generated because the app does not know if the PIN is correct or wrong. However, if you type in the wrong PIN, then the OTP generated would be wrong, because the server would be generating the OTP with the right PIN and hence it wouldn't match the one generated by the app. i.e. the PIN is implicitly verified and not explicitly verified.

    So how would you know? If your app stores the PIN locally or uses the PIN to encrypt the secret key, then the app typically gives an error message when you type in the wrong PIN. Whereas, if the PIN is not stored locally, then the app doesn't give an error message with the wrong PIN.

  • What algorithm does the OTP generator use? Does it use a Time based algorithm or an Event (Counter) based algorithm? Hardware OTP generators usually use a Time based algorithm, but a lot of Software based OTP generation apps use Event based because the assumption is that the time on the mobile device may be off - may not be in sync with the server time.

    How is this relevant? Event based OTPs never expire. Or actually, they expire only when they are used or when a more recent OTP is used. If you use your OTP generator app to generate an OTP now, you can note down the OTP & use it after any number of days as long as you haven't done any other authentication in between. i.e. if you generate 2 OTPs & note them down, then if you use the 2nd OTP for an authentication, it will work, but the 1st one automatically expires. Since Event (Counter) based OTPs do not expire they are a little more easily offline attacked than the Time based OTP.

    Is there a mitigation for this? There is another Event based OTP algorithm called OCRA (Challenge Response based). Here the server throws a challenge which has to be input into the app before it generates the OTP. IMHO, for a mobile device (where you may not be able to use Time based OTPs), an Event based one which uses the Challenge Response mechanism may be better than a plain Event based one. However for lay users, it may be a little confusing.

  • How is activation done? Is the shared key sent over SMS or something like that? That may make it a little insecure. Some OTP generators are activated by negotiation - i.e. the client and server negotiate the shared key using some standard like DSKPP. These may be more secure than the ones where the key is sent over SMS.

user93353
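As an added example, not the Vasco SDK's code or the answerer's, the two behaviours described in the answer above: the PIN is mixed into the HOTP key so that a wrong PIN silently produces a wrong code with no client-side error, and an event-based server accepts the most recent counter inside a look-ahead window and expires everything before it. The seed (the RFC 4226 test-vector key), the PIN and the HMAC-SHA256 key-mixing step are constructed assumptions for this example.

```python
import hashlib
import hmac
import struct

# Constructed demo values: SEED is the RFC 4226 test-vector key, the PIN is
# made up. Neither comes from any real product.
SEED = b"12345678901234567890"
USER_PIN = "4711"


def derive_key(seed: bytes, pin: str) -> bytes:
    """Mix the PIN into the OTP key so it is verified implicitly: nothing
    PIN-related is stored, and a wrong PIN just yields a different key.
    (HMAC-SHA256 of the PIN under the seed is an assumed construction.)"""
    return hmac.new(seed, pin.encode(), hashlib.sha256).digest()


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Token:
    """Client side: the event counter is the only state kept on the device."""
    def __init__(self, seed: bytes):
        self.seed, self.counter = seed, 0

    def generate(self, pin: str) -> str:
        # No error on a wrong PIN: the code is simply not the server's code.
        code = hotp(derive_key(self.seed, pin), self.counter)
        self.counter += 1
        return code


class Server:
    """Event-based validator with a look-ahead window: the first matching
    counter is accepted and every counter up to it is then spent."""
    def __init__(self, seed: bytes, pin: str, window: int = 10):
        self.key, self.counter, self.window = derive_key(seed, pin), 0, window

    def verify(self, otp: str) -> bool:
        for c in range(self.counter, self.counter + self.window):
            if hmac.compare_digest(hotp(self.key, c), otp):
                self.counter = c + 1  # resync; older codes now expire
                return True
        return False
```

Generating two codes and submitting the second first shows the expiry behaviour the answer describes: the second is accepted, after which the first (and a replay of the second) is rejected.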

Read up on these links:

How does HSBC's "Secure Key" actually work?

http://www.fcollyer.com/2012/11/04/digipass-go3-everything-i-know/

http://www.surfnet.nl/Documents/rapport_201105_evaluation_vasco_DP_Nano_1_0_0.pdf

Andy Thompson