Sources close to RSA tell Ars that the March breach did indeed result in seeds being compromised. The algorithm is already public knowledge.
As a result, SecurID offered no defense against the hackers that broke into RSA in March. For those hackers, SecurID was rendered equivalent to basic password authentication, with all the vulnerability to keyloggers and password reuse that entails.
So they got a lot of the seeds and then were basically down to trial and error, similar to know passwords.
It seems that they were reduced to guessing the PINs and/or brute-forcing them, hence the initial comment from RSA about increasing PIN length.
One would have hoped that the LMC admins would have detected a brute-force attack against their RSA servers; I guess they were already infested with keyloggers?
So the seeds are in fact equivalent to a signature made with symmetric keys... If the SecurID card used asymmetric keys with a truly private key, such an incident could not have happened.
Using private keys stored in hardware carried by the owner, with a challenge Q&A, seems more secure.
The SecurID device S computes S(s,t) without any input from the server the user is authenticating to. t is synchronized time and available to everyone. s is a secret specific to that device. I don't know if it's a shared secret, but the compromise suggests that either it is, or RSA kept the 'private key' part on their servers for convenience.
You're right that a different device S' that received a challenge c from the server and computed S'(c,s,t) could offer more security via public key crypto. But it would take more power (if communicating to the client machine to avoid user transcription of the challenge) or have a more cumbersome UI. I'll bet such devices are already sold.
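The contrast drawn in the comments above, between S(s,t) with a seed the verifier must also hold and S'(c,s,t) with a key that never leaves the device, as an added example that is not part of the thread and not RSA's code. The HMAC construction is a stand-in for the SecurID algorithm, the RSA key is a toy, and every name and value below is constructed.

```python
import hashlib, hmac, secrets, struct

STEP = 60  # seconds per code window (assumed)

def token_code(seed: bytes, t: int) -> str:
    """S(s, t): depends only on the seed and the current time window."""
    mac = hmac.new(seed, struct.pack(">Q", t // STEP), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**6:06d}"

def verify_code(seed_db: dict, user: str, code: str, t: int) -> bool:
    """The verifier recomputes S(s, t), so it must store the seed itself."""
    return hmac.compare_digest(token_code(seed_db[user], t), code)

# Toy textbook RSA from two known Mersenne primes: no padding, far too small
# for real use, only here to show which half of the key lives where.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, stays in the device

def _digest(challenge: bytes, t: int, n: int) -> int:
    h = hashlib.sha256(challenge + struct.pack(">Q", t // STEP)).digest()
    return int.from_bytes(h, "big") % n

def device_respond(d: int, n: int, challenge: bytes, t: int) -> int:
    """S'(c, s, t): the device signs the server's challenge and the time."""
    return pow(_digest(challenge, t, n), d, n)

def verify_response(pub_db: dict, user: str, challenge: bytes, t: int, sig: int) -> bool:
    """The verifier needs only the public key (n, e)."""
    n, e = pub_db[user]
    return pow(sig, e, n) == _digest(challenge, t, n)

def demo() -> dict:
    t = 1_300_000_000                         # constructed timestamp
    seed_db = {"alice": b"constructed-seed"}  # what a symmetric verifier stores
    pub_db = {"alice": (N, E)}                # what an asymmetric verifier stores
    leaked = dict(seed_db)                    # a copy of the verifier's records
    c1, c2 = secrets.token_bytes(16), secrets.token_bytes(16)
    sig = device_respond(D, N, c1, t)
    return {
        # The copied seed alone yields a code the verifier accepts.
        "code_from_db_copy_accepted": verify_code(seed_db, "alice", token_code(leaked["alice"], t), t),
        "signature_accepted": verify_response(pub_db, "alice", c1, t, sig),
        # A response is bound to its challenge and fails against a fresh one.
        "old_response_on_new_challenge": verify_response(pub_db, "alice", c2, t, sig),
        # The verifier's record holds no signing secret.
        "private_key_in_pub_db": D in pub_db["alice"],
    }
```

In the symmetric case the verifier's database is itself the set of secrets, so what protects a user after a copy of it leaks is only the PIN; in the challenge-response case the database holds nothing that can produce a valid response.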