A synchronous password token has to operate at the same pace as the receiver. That is, the token has to advance to the next random number at the same time the receiver advances. Because of clock imprecision, the two units will not always be perfectly together; for example, the token’s clock might run 1 second per day slower than the receiver’s. Over time, the accumulated difference can be significant. Suggest a means by which the receiver can detect and compensate for clock drift on the part of the token.

What will be an ideal response?


The algorithm for SecurID is a good example of maintaining synchronization. Essentially, if the token presents a value of X, the receiver compares X to the current expected value, as well as several earlier and several later values. If any of these matches, the receiver resets its expected value to the matched point. The receiver also checks when the token’s andreceiver’s times were last synchronized. If the times have not been synchronized recently (that is, if the token has not recently been used for authentication), the receiver will allow greater possible drift between the token’s and receiver’s clocks.

Computer Science & Information Technology

You might also like to view...

An array name can be an lvalue.

Answer the following statement true (T) or false (F)

Computer Science & Information Technology

The HDMI connector is both an analog and a digital interface

Indicate whether the statement is true or false

Computer Science & Information Technology

Answer the following statement(s) true (T) or false (F)

1. A data collector is a resource for storing data such as a spreadsheet while a data container is a mechanism to obtain data from a data source. 2. A risk score for a likelihood of 1 and an impact of 5 is 1/5. 3. An information security risk assessment project sponsor can be your immediate boss. 4. When the control has been implemented and data sheets about the control are available, we call the control a repeatable control of scale of 2. 5. A final impact score is the sum of the confidentiality, integrity and availability impact scores.

Computer Science & Information Technology

Which operator performs string concatenation?

a) & b) @ c) % d) #

Computer Science & Information Technology