Are you trying to help or is this just one of those pointless discussions
where we show off how much we know about encryption, OOOOPS sorry I meant hashing...

bye,

Tom.

> -----Original Message-----
> From: Artur Hecker [mailto:[EMAIL PROTECTED]
> Sent: Thursday, February 26, 2004 9:46 AM
> To: [EMAIL PROTECTED]
> Subject: Re: PEAP / MSCHAP2 / LDAP
> 
> 
> hi
> 
> 
> Tom Rixom wrote:
> > How do you explain that Microsoft Clients almost all use 
> MSCHAP in some form
> > to authenticate and that all Microsoft passwords are stored 
> in encrypted form... ;)
> 
> remark: i've never talked about encryption. encryption is always 
> reversible, provided that you have the key.
> 
> i've also never tried to explain ms-chap. simply read the 
> original mail, 
> there is a claim inside which can be understood as "take hashX, store 
> the passwords hashed with hashX, and it'll be ok for your 
> challenge/response system". ahem, no, it won't!
> 
> 
> > I can't recall the exact specs of MSCHAPV2 but the I 
> remember it to be
> > something like:
> >  
> > Client                       Server                      
> > <------------------- CHALLENGE 
> > ----> HASH( CHALLENGE + NTHASH(PASSWORD))
> >  
> > server retrieves NTHASH(PASSWORD) from LDAP database.
> > server verifies HASH(CHALLENGE + NTHASH(PASSWORD))
> 
> what you've sent here is exactly what i've sent: replace 
> password with 
> nthash(password). this is like renaming X to Y. if i am an 
> attacker and 
> i'm trying to attack such a system, why would i bother to 
> want to know 
> the password? the nthash of it is sufficient. even the 
> dictionary attack 
> is not really more difficult here; you have to hash twice... 
> that's not 
> an improvement.
> 
> otherwise it is like chap. i would agree however that in that scheme 
> nthash does not have to be reversible; however, it is not used on the 
> challenge neither. thus, that was not the point of my email.
> 
> the point was that you can't say that using the same hash 
> function will 
> work. indeed, in your example above the HASH and the NTHASH function 
> need not be equivalent.
> 
> 
> ciao
> artur
> 
> -- 
> __________________________________________________________
> Artur Hecker                  http://www.enst.fr/~hecker
> Groupe Accès et Mobilité  /  Computer Science and Networks
> E N S T  Paris ___________________________________________
> 
> 
> - 
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> 
â²Ø~ì®&Þþéì®&ÞIçÚÿ0~·ž­§bºÊ+ƒùb²ßî±êì†Ù

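The scheme sketched in the quoted mail (server stores NTHASH(PASSWORD), client answers HASH(CHALLENGE + NTHASH(PASSWORD))) can be modelled in a few lines to make Artur's point concrete: the stored hash alone is enough to produce a valid response, so it is a password-equivalent secret and the LDAP store needs the same protection as plaintext passwords. The following is an added illustration written for this page, not code from the thread, from FreeRADIUS or from Microsoft; SHA-256 is used as a stand-in for both abstract functions NTHASH and HASH so it runs anywhere, and it is not an implementation of MS-CHAPv2.

```python
"""Model of the challenge/response sketch from the mail thread.

Added example; the hash choices are stand-ins:
  NTHASH(pw)      -> sha256 over the UTF-16LE password (the real NT hash is MD4)
  HASH(c + h)     -> sha256 over challenge || stored hash
Neither is the real MS-CHAPv2 construction; only the structure matters here.
"""
import hashlib
import hmac
import os


def nthash(password: str) -> bytes:
    """Stand-in for NTHASH: what the server keeps in its LDAP record."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def response_from_password(challenge: bytes, password: str) -> bytes:
    """What the legitimate client computes: it knows the password."""
    return hashlib.sha256(challenge + nthash(password)).digest()


def response_from_stored_hash(challenge: bytes, stored_nthash: bytes) -> bytes:
    """What the server computes to verify; note it needs only the stored hash."""
    return hashlib.sha256(challenge + stored_nthash).digest()


def server_verify(challenge: bytes, stored_nthash: bytes, response: bytes) -> bool:
    """Server-side check, using a constant-time compare."""
    expected = response_from_stored_hash(challenge, stored_nthash)
    return hmac.compare_digest(expected, response)


def hash_is_password_equivalent(password: str) -> bool:
    """Artur's point: the party holding NTHASH(PASSWORD) produces exactly the
    response the password holder produces, so "replace password with
    nthash(password)" only renames the secret; it does not add protection."""
    stored = nthash(password)
    challenge = os.urandom(16)           # fresh per-login challenge, as in CHAP
    from_password = response_from_password(challenge, password)
    from_hash_only = response_from_stored_hash(challenge, stored)
    return (server_verify(challenge, stored, from_password)
            and from_password == from_hash_only)


if __name__ == "__main__":
    # Constructed sample credential, not from any real system.
    print("stored hash is password-equivalent:",
          hash_is_password_equivalent("correct horse battery staple"))
```

The takeaway for whoever runs the LDAP side of a PEAP/MSCHAPv2 deployment is that access to the NT-hash attribute must be restricted and audited exactly as access to cleartext passwords would be; the hash function chosen for the challenge step (HASH above) can be anything the client and server agree on and, as the mail says, need not be the same function as NTHASH.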