Definitions
A token (also referred to as an electronic token, security token, hardware token, hard token, authentication token, cryptographic token, access token, or key fob) is

“[s]omething that the claimant possesses and controls (typically a key or password) used to authenticate the claimant's identity.”[1]

“[a] data structure that contains authorization information for a user or group. A system uses an access token to control access to securable objects and to control the ability of a user to perform various system-related operations on a local computer.”[2]

“[a] small device with an embedded computer chip that can be used to store and transmit electronic information.”[3]
Overview
A token may be a physical device or a piece of software that an authorized user of computer services is given to assist in authentication.
Tokens are used to prove one's identity electronically (as in the case of a customer trying to access their bank account). The token is used in addition to or in place of a password to prove that the customer is who they claim to be. The token acts like an electronic key to access something.
Token threats
If an attacker can gain control of a token, they will be able to masquerade as the token's owner. Threats to tokens can be categorized into attacks on the three factors:
- Something you have may be stolen from the owner or cloned by the attacker. For example, an attacker who gains access to the owner’s computer might copy a software token. A hardware token might be stolen or duplicated.
- Something you know may be disclosed to an attacker. The attacker might guess a password or PIN. Where the token is a shared secret, the attacker could gain access to the CSP (credential service provider) or verifier and obtain the secret value. An attacker may install malicious software (e.g., a keyboard logger) to capture this information. Finally, an attacker may determine the secret through off-line attacks on network traffic captured from an authentication attempt.
- Something you are may be replicated. An attacker may obtain a copy of the token owner's fingerprint and construct a replica.[4]
Mitigating threats
There are several complementary strategies to mitigate these threats:
- Multiple factors raise the threshold for successful attacks. If an attacker needs to steal a cryptographic token and guess a password, the work factor may be too high.
- Physical security mechanisms may be employed to protect a stolen token from duplication. Physical security mechanisms can provide tamper evidence, detection, and response.
- Complex passwords may reduce the likelihood of a successful guessing attack. Requiring long passwords that do not appear in common dictionaries forces an attacker to try every possible password.
- System and network security controls may be employed to prevent an attacker from gaining access to a system or installing malicious software.[5]
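As an added illustration of two of the points above (a shared secret that is never exposed to off-line attack on captured traffic, and a second factor that raises the work factor for an attacker holding a stolen token), the following example is not from the cited publications or from any particular product. It assumes a verifier that stores, per claimant, a salted password hash and the key K of a cryptographic token; the token answers a fresh challenge with HMAC(K, challenge), so K itself never crosses the network and a captured response cannot be replayed.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000  # assumed cost parameter for the password factor


class TwoFactorVerifier:
    """Holds 'something you know' (password hash) and 'something you have'
    (token key K) for each claimant and requires both at every login."""

    def __init__(self):
        self._users = {}        # name -> (salt, password_hash, token_key)
        self._challenges = {}   # name -> outstanding single-use challenge

    def enroll(self, name, password, token_key):
        salt = os.urandom(16)
        pw_hash = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        self._users[name] = (salt, pw_hash, token_key)

    def challenge(self, name):
        # Fresh random challenge; an attacker sniffing traffic sees only this
        # value and HMAC(K, challenge), never K itself.
        c = os.urandom(16)
        self._challenges[name] = c
        return c

    def verify(self, name, password, response):
        if name not in self._users:
            return False
        salt, pw_hash, token_key = self._users[name]
        # pop() makes the challenge single-use, so a replayed response fails
        c = self._challenges.pop(name, None)
        if c is None:
            return False
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
        pw_ok = hmac.compare_digest(candidate, pw_hash)
        expected = hmac.new(token_key, c, hashlib.sha256).digest()
        tok_ok = hmac.compare_digest(expected, response)
        # Both factors are always evaluated, then combined, so a failure does
        # not reveal which factor was wrong and both must be defeated to succeed.
        return pw_ok and tok_ok


def token_respond(token_key, challenge):
    """What the hardware or software token computes; K stays inside the token."""
    return hmac.new(token_key, challenge, hashlib.sha256).digest()
```

A stolen token without the password, a known password without the token, and a replay of an earlier response all fail; only a claimant holding both factors at the time of a fresh challenge succeeds.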
References
1. NIST Special Publication 800-63.
2. Cyber Security Combined Glossary Project, at 7.
3. FFIEC IT Examination Handbook, Glossary (full-text).
4. Id.
5. Id.