![]() Once the user enters the username, RSA takes in the user-name and searches their database to find what seed record is associated with the token and runs the same hashing algorithm thereby taking in current time and seed record to generate the 8 digit output that must match the 8 digit output entered by the user along with the username. Nonetheless, from the 8-bit output, it is impossible to reverse engineer to generate the 128-bit seed record.Īs shown in Figure 2, below, token code generated is supplied to the website or VPN Client that pass the token to the authentication server run by RSA. ![]() ![]() Though confusing, it is important to note that this has no resemblance to RSA public key cryptography that is based on Asymmetric keys or Public-Private key pair. The algorithm typically used during this step is based on the AES-128 Symmetric cryptography standard. ![]() For every 60 seconds, the processor in the SecurID device takes in a 64-bit current time and 128-bit seed record that generates a very large number (via algorithm) that is finally hashed down to produce 6 or 8-digit output.
0 Comments
Leave a Reply. |