RE: PEAP / MSCHAP2 / LDAP
I just can't leave it alone, sorry... You talk about an attacker attacking the NTHASH... Why did you bring this in? I thought the discussion was about PEAP-MSCHAPV2 LDAP compatibility... PEAP makes sure the attacker can't get at MSCHAPV2, and MSCHAPV2 allows the use of a database full of hashed passwords, which could be considered safer than clear text... So why talk about attacking the NTHASH... I don't understand... why? Maybe you were talking about an inside attack, when the NTHASH is retrieved from LDAP? But again, can't SSL be used to secure the line?

bye,
Tom.

-Original Message-
From: Tom Rixom
Sent: Thursday, February 26, 2004 10:37 AM
To: [EMAIL PROTECTED]
Subject: RE: PEAP / MSCHAP2 / LDAP

Are you trying to help or is this just one of those pointless discussions where we show off how much we know about encryption, PS sorry I meant hashing...

bye,
Tom.

-Original Message-
From: Artur Hecker [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 26, 2004 9:46 AM
To: [EMAIL PROTECTED]
Subject: Re: PEAP / MSCHAP2 / LDAP

hi

Tom Rixom wrote:
> How do you explain that Microsoft Clients almost all use MSCHAP in some form to authenticate and that all Microsoft passwords are stored in encrypted form... ;)

remark: i've never talked about encryption. encryption is always reversible, provided that you have the key. i've also never tried to explain ms-chap. simply read the original mail, there is a claim inside which can be understood as "take hashX, store the passwords hashed with hashX, and it'll be ok for your challenge/response system". ahem, no, it won't!

> I can't recall the exact specs of MSCHAPV2 but I remember it to be something like:
>
> Client                                        Server
>        <-------------- CHALLENGE --------------
>        -- HASH(CHALLENGE + NTHASH(PASSWORD)) -->
>                                               server retrieves NTHASH(PASSWORD) from LDAP database.
>                                               server verifies HASH(CHALLENGE + NTHASH(PASSWORD))

what you've sent here is exactly what i've sent: replace password with nthash(password). this is like renaming X to Y.

if i am an attacker and i'm trying to attack such a system, why would i bother to want to know the password? the nthash of it is sufficient. even the dictionary attack is not really more difficult here; you have to hash twice... that's not an improvement. otherwise it is like chap.

i would agree however that in that scheme nthash does not have to be reversible; however, it is not used on the challenge either. thus, that was not the point of my email. the point was that you can't say that using the same hash function will work. indeed, in your example above the HASH and the NTHASH function need not be equivalent.

ciao
artur

--
Artur Hecker                          http://www.enst.fr/~hecker
Groupe Accès et Mobilité / Computer Science and Networks
E N S T Paris

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: PEAP / MSCHAP2 / LDAP
that's getting quite consuming, but who says a must say b, right? :-)

> Please do not take my e-mails personally... I must say that I thought you might be one of those show-offs who pick through people's e-mails looking for mistakes and then completely miss the point of the e-mail. My apologies if I am mistaken.

i actually almost never reply :-) one thing, if i was a show-off, wouldn't it be much more comfortable for me to take 5 min in order to take a look at the specs and show off even more instead of making assumptions based only on what has been said before? just type nt-hash in google :-)

> I just think you might have misread the post you reacted to.

perhaps! i will immediately admit that.

> It is possible to use PEAP / MSCHAPv2 with LDAP, however one must store the NT-Hash password in LDAP. I've had the same problem with crypts as my password encryption in LDAP. I ended up having to create an extra LDAP attribute for NT-Hash passwords.

this is the part which i understand as misleading. since the author talks about crypt, one could suppose that this is the general approach, i.e. if the protocol uses crypt, you should store the crypt-password in the DB, etc. you see, when you try to explain the basic problem, you have to insist on the fact that the database and the client must hash the same data, be this data X or hash(X) or DES(X) - it doesn't change anything. this data must be available on both ends, point.

perhaps my reaction was due to somebody who's recently proposed to me the following trick to make PEAP work with backend Unix system authentication: with the same argument of double hashing, the idea was to type the string stored in the shadow file at the PEAP prompt...

now after the discussion with you i see that applied to ms-chap the post seems to be correct. that's the reason why i've written "i think that this is wrong" and not "this is wrong" in my original post.

ciao
artur
PEAP / MSCHAP2 / LDAP
I would like to use PEAP / MSCHAP2 / LDAP, but I have got this kind of errors and my users can't authenticate:

rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: No LM-Password or NT-Password attribute found. Cannot perform MS-CHAP authentication.

My password is stored in my LDAP directory using Crypt. I don't understand what the LM or NT password is. Why doesn't it use the LDAP passwd? Have you got an idea?
Re: PEAP / MSCHAP2 / LDAP
See many many previous discussions in this list on the requirement of cleartext passwords for MS-CHAP.

--Mike

On Wed, 2004-02-25 at 08:30, Arthur EBEL wrote:
> I would like to use PEAP / MSCHAP2 / LDAP, but I have got this kind of errors and my users can't authenticate:
>
> rlm_mschap: No User-Password configured. Cannot create LM-Password.
> rlm_mschap: No User-Password configured. Cannot create NT-Password.
> rlm_mschap: No LM-Password or NT-Password attribute found. Cannot perform MS-CHAP authentication.
>
> My password is stored in my LDAP directory using Crypt. I don't understand what the LM or NT password is. Why doesn't it use the LDAP passwd? Have you got an idea?

--
Michael Griego
Wireless LAN Project Manager
The University of Texas at Dallas
Re: PEAP / MSCHAP2 / LDAP
On Wed, 2004-02-25 at 08:30, Arthur EBEL wrote:
> I would like to use PEAP / MSCHAP2 / LDAP
> My password is stored in my LDAP directory using Crypt.

> See many many previous discussions in this list on the requirement of cleartext passwords for MS-CHAP.

OK, some user education has to happen here. (Feel free to correct me if this is in any way wrong.)

NT-Hash is a password encryption technology just like crypt is a password encryption technology. If you have a clear text password you can encrypt it and come out with an NT-Hash password, or you could encrypt it and come out with a crypt password. However, once it is in an encrypted form it is impossible to compare two different encryption forms to tell if it is the same password.

PEAP / MSCHAPv2 passes the password encrypted with NT-Hash encryption, so it is impossible to compare it against the crypt password stored in LDAP. It is also impossible to decrypt the NT-Hash password back to a clear text password, so the password passed with PEAP / MSCHAPv2 cannot be used in an LDAP bind either.

It is possible to use PEAP / MSCHAPv2 with LDAP, however one must store the NT-Hash password in LDAP. I've had the same problem with crypts as my password encryption in LDAP. I ended up having to create an extra LDAP attribute for NT-Hash passwords. Whenever a user now goes through a password change, the NT-Hash password attribute will also be populated at the same time the crypt password is changed in LDAP. After you set this up, make sure to define the attribute in the ldap.attrmap for NT-Password and it will work great with PEAP / MSCHAPv2.

Chris Wieringa
[EMAIL PROTECTED]
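An added example, written for this thread and not code from any of the posters or from FreeRADIUS, showing the value that Artur's "replace password with nthash(password)" and Chris's extra LDAP attribute both rely on: NT-Password is MD4 over the UTF-16LE password, a crypt string cannot be turned into it, and when neither a cleartext User-Password nor a stored NT-Password exists the server ends up exactly where Arthur's rlm_mschap log lines do. The password "password", the record dictionary and its {crypt} placeholder are constructed sample values; MD4 is implemented inline because hashlib's md4 is absent on many OpenSSL 3 builds.

```python
import struct
from typing import Optional

def md4(msg: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320); hashlib's md4 is absent on many OpenSSL 3 builds."""
    bit_len = len(msg) * 8
    msg += b"\x80" + b"\x00" * ((55 - len(msg)) % 64) + struct.pack("<Q", bit_len)
    h = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z
    rounds = [  # (boolean function, additive constant, X[k] order, shift amounts)
        (F, 0x00000000, list(range(16)), (3, 7, 11, 19)),
        (G, 0x5A827999, [(i % 4) * 4 + i // 4 for i in range(16)], (3, 5, 9, 13)),
        (H, 0x6ED9EBA1, [int(f"{i:04b}"[::-1], 2) for i in range(16)], (3, 9, 11, 15)),
    ]
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = h
        for fn, const, order, shifts in rounds:
            for i, k in enumerate(order):
                t = (a + fn(b, c, d) + X[k] + const) & 0xFFFFFFFF
                s = shifts[i % 4]
                a, b, c, d = d, ((t << s) | (t >> (32 - s))) & 0xFFFFFFFF, b, c
        h = [(x + y) & 0xFFFFFFFF for x, y in zip(h, (a, b, c, d))]
    return struct.pack("<4I", *h)

def nt_hash(password: str) -> str:
    """NT-Password as rlm_mschap expects it: MD4 over the UTF-16LE password, hex-encoded."""
    return md4(password.encode("utf-16-le")).hex().upper()

def nt_password_for_mschap(record: dict) -> Optional[str]:
    """Mirror the choice behind the rlm_mschap log lines in the thread: a cleartext
    User-Password lets the server derive NT-Password itself, otherwise a stored NT-Password
    must already exist; a {crypt} userPassword satisfies neither. None = MS-CHAP cannot run."""
    if "User-Password" in record:
        return nt_hash(record["User-Password"])
    if "NT-Password" in record:
        return record["NT-Password"].upper()
    return None

if __name__ == "__main__":
    # Constructed sample record: the crypt string is a placeholder, not a real hash.
    crypt_only = {"userPassword": "{crypt}$1$constructed$placeholder"}
    print(nt_password_for_mschap(crypt_only))  # None: the situation Arthur's log shows
    # What a password-change hook would write into the extra NT-Hash LDAP attribute:
    crypt_only["NT-Password"] = nt_hash("password")
    print(nt_password_for_mschap(crypt_only))  # 8846F7EAEE8FB117AD06BDD830B7586C
```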