Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

Does anyone know of any work that's been done on this? I think the closest to what you ask is this: http://www.untruth.org/~josh/security/radius/radius-auth.html I'm not familiar with this protocol at all, but in briefly skimming this paper and the description of the cipher, it seems

Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

I'd look at the rfc before asking this. You seem to be looking for application issue (overrun or parse issues) which has nothing to do with the crypto. IIRC the password is padded up to 112 characters - Idr much more than that. ___ cryptography mailing

Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

On Wed, Feb 4, 2015 at 5:22 AM, Thor Lancelot Simon t...@panix.com wrote: Given how widely used the protocol is, and the failure of various successor protocols (cute names and all -- TANGENT anyone?) I have always been surprised that the cipher seems not to have received any serious

Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

http://www.untruth.org/~josh/security/radius/radius-auth.html I'm not familiar with this protocol at all, but in briefly skimming this paper and the description of the cipher, it seems like the there's opportunity for padding oracle attacks, provided the server somehow indicates (through

Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

Thor Lancelot Simon t...@panix.com writes: For at least 15 years there's been general grumbling that the MD5 based stream cipher used for confidentiality in RADIUS looks like snake oil. It's not snake oil, the MD5-based masking was created because it was exportable. Proper crypto like DES

Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

This is possibly old but there's a great analysis here: http://www.untruth.org/~josh/security/radius/radius-auth.html - Naveen On Wed, Feb 04, 2015 at 08:22:03AM -0500, Thor Lancelot Simon wrote: For at least 15 years there's been general grumbling that the MD5 based stream cipher used for

[cryptography] Cryptanalysis of RADIUS MD5 cipher?

For at least 15 years there's been general grumbling that the MD5 based stream cipher used for confidentiality in RADIUS looks like snake oil. Given how widely used the protocol is, and the failure of various successor protocols (cute names and all -- TANGENT anyone?) I have always been surprised

Re: [cryptography] Cryptanalysis of RADIUS MD5 cipher?

On Wed, Feb 04, 2015 at 08:22:03AM -0500, Thor Lancelot Simon wrote: For at least 15 years there's been general grumbling that the MD5 based stream cipher used for confidentiality in RADIUS looks like snake oil. Given how widely used the protocol is, and the failure of various successor