For at least 15 years there's been general grumbling that the MD5 based stream cipher used for confidentiality in RADIUS looks like snake oil.
Given how widely used the protocol is, and the failure of various successor protocols (cute names and all -- TANGENT anyone?) I have always been surprised that the cipher seems not to have received any serious cryptanalytic attention. On the other hand I am not mathy enough to frequently read the primary literature. Does anyone know of any work that's been done on this? Thor _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography