To the Future and Back: Hacking a TOTP Hardware Token (SYSS-2021-007)

During a research project, SySS IT security expert Matthias Deeg found a security issue in the RFID-based TOTP hardware token Protectimus SLIM NFC. Due to a design error, the time of the internal real-time clock of this time-based one-time password (TOTP) hardware token can be set, without any authentication, independently of the cryptographic secret key (seed value) used for generating one-time passwords.

Thus, an attacker with brief physical access to a Protectimus SLIM token can set the internal real-time clock (RTC) to a future time, generate one-time passwords at will, and afterwards reset the clock to the current time. This yields valid future time-based one-time passwords without any further access to the hardware token. From a security perspective, this is an undesirable property for this kind of security device.
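To make the underlying property concrete, the following is an added Python model (it is not SySS code, not the Proxmark3 Lua script mentioned below, and not Protectimus firmware). It implements RFC 6238 TOTP generation, a token whose clock can be set without authentication and independently of the seed, a server-side verifier with the usual one-step skew window, and a hypothetical hardened token whose time-set command must carry an HMAC tag under a separate admin key; that mitigation is an assumption for illustration only, not a vendor feature. The seed, timestamps and admin key are constructed sample values, and the TOTP routine is checked against the RFC 6238 Appendix B SHA-1 test vectors.

```python
"""Model of why a seed-independent, unauthenticated real-time clock undermines
a TOTP hardware token. Added example; not SySS, Proxmark3 or Protectimus code."""
import hashlib
import hmac
import struct

STEP = 30  # RFC 6238 default time step in seconds


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6, step: int = STEP) -> str:
    """RFC 6238 TOTP: HOTP with counter = floor(time / step). The code depends on
    nothing but the seed and the time the device believes it is."""
    return hotp(secret, unix_time // step, digits)


class UnauthenticatedClockToken:
    """Models the property described in the advisory: the RTC can be set without
    any authentication and independently of the seed."""

    def __init__(self, seed: bytes, now: int):
        self.seed = seed
        self.rtc = now

    def set_time(self, unix_time: int) -> bool:
        self.rtc = unix_time  # accepted unconditionally
        return True

    def code(self) -> str:
        return totp(self.seed, self.rtc)


class AuthenticatedClockToken(UnauthenticatedClockToken):
    """Hypothetical hardened variant (an assumption, not a vendor feature): the
    time-set command is accepted only with a valid HMAC tag under an admin key."""

    def __init__(self, seed: bytes, now: int, admin_key: bytes):
        super().__init__(seed, now)
        self.admin_key = admin_key

    @staticmethod
    def time_set_tag(admin_key: bytes, unix_time: int) -> bytes:
        return hmac.new(admin_key, struct.pack(">Q", unix_time), hashlib.sha256).digest()

    def set_time(self, unix_time: int, tag: bytes = b"") -> bool:
        expected = self.time_set_tag(self.admin_key, unix_time)
        if not hmac.compare_digest(expected, tag):
            return False  # unauthenticated time change rejected, clock untouched
        self.rtc = unix_time
        return True


def server_verify(secret: bytes, candidate: str, server_time: int, skew_steps: int = 1) -> bool:
    """Typical verifier: accept the code for the current step and +/- skew_steps."""
    base = server_time // STEP
    return any(hmac.compare_digest(hotp(secret, base + d), candidate)
               for d in range(-skew_steps, skew_steps + 1))


def clock_shift_demo(seed: bytes, now: int, future_offset: int = 3600) -> dict:
    """Moves the unauthenticated clock forward, records the code the token shows,
    restores the clock, and checks that code against the server now and later."""
    tok = UnauthenticatedClockToken(seed, now)
    tok.set_time(now + future_offset)   # clock moved forward without credentials
    recorded = tok.code()
    tok.set_time(now)                   # clock restored; device looks untouched
    return {
        "recorded": recorded,
        "valid_now": server_verify(seed, recorded, now),
        "valid_at_future_time": server_verify(seed, recorded, now + future_offset),
    }


if __name__ == "__main__":
    seed = b"12345678901234567890"          # RFC 6238 Appendix B seed (SHA-1)
    print(totp(seed, 59, digits=8))         # RFC test vector: 94287082
    print(clock_shift_demo(seed, 1_700_000_000))
```

The verifier is the normal one-step-skew check most servers use, so the recorded code is useless until the chosen future step arrives and then validates like any genuine code; the server sees nothing unusual. The hardened class shows the binding the advisory says is missing: changing the clock requires a credential that an unauthenticated reader does not hold.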

We have reported this security issue in the course of our responsible disclosure program to the manufacturer via our security advisory SySS-2021-007 (CVE-2021-32033).

The described time traveler attack against the Protectimus SLIM NFC is demonstrated in our SySS PoC video "To the Future and Back - Attacking a TOTP Hardware Token".

You can also find the source code of our developed Lua script for the Proxmark3 RFID platform on our GitHub site.

This post is licensed under CC BY 4.0 by the author.