RE: PEAP / MSCHAP2 / LDAP

2004-02-26 Thread Tom Rixom
I just can't leave it alone sorry...

You talk about an attacker attacking the NTHASH...

Why did you bring this in? I thought the discussion was about 
PEAP-MSCHAPV2 LDAP compatibility...

PEAP makes sure the attacker can't get at MSCHAPV2 and MSCHAPV2
allows the use of a database full of hashed passwords which
could be considered safer than clear text...

So why talk about attacking the NTHASH... I don't understand... why?

Maybe you were talking about an inside attack, when the NTHASH
is retrieved from LDAP? But again can't SSL be used to secure the line?

bye,

Tom.



 -Original Message-
 From: Tom Rixom 
 Sent: Thursday, February 26, 2004 10:37 AM
 To: [EMAIL PROTECTED]
 Subject: RE: PEAP / MSCHAP2 / LDAP
 
 
 Are you trying to help or is this just one of those pointless 
 discussions in
 where we show off how much we know about encryption, PS 
 sorry I meant hashing...
 
 bye,
 
 Tom.
 
  -Original Message-
  From: Artur Hecker [mailto:[EMAIL PROTECTED]
  Sent: Thursday, February 26, 2004 9:46 AM
  To: [EMAIL PROTECTED]
  Subject: Re: PEAP / MSCHAP2 / LDAP
  
  
  hi
  
  
  Tom Rixom wrote:
   How do you explain that Microsoft Clients almost all use 
  MSCHAP in some form
   to authenticate and that all Microsoft passwords are stored 
  in encrypted form... ;)
  
  remark: i've never talked about encryption. encryption is always 
  reversible, provided that you have the key.
  
  i've also never tried to explain ms-chap. simply read the 
  original mail, 
  there is a claim inside which can be understood as take 
 hashX, store 
  the passwords hashed with hashX, and it'll be ok for your 
  challenge/response system. ahem, no, it won't!
  
  
   I can't recall the exact specs of MSCHAPV2 but the I 
  remember it to be
   something like:

    Client                                        Server
           <------------- CHALLENGE -------------
           ---- HASH( CHALLENGE + NTHASH(PASSWORD)) ---->

   server retrieves NTHASH(PASSWORD) from LDAP database.
   server verifies HASH(CHALLENGE + NTHASH(PASSWORD))
  
  what you've sent here is exactly what i've sent: replace 
  password with 
  nthash(password). this is like renaming X to Y. if i am an 
  attacker and 
  i'm trying to attack such a system, why would i bother to 
  want to know 
  the password? the nthash of it is sufficient. even the 
  dictionary attack 
  is not really more difficult here; you have to hash twice... 
  that's not 
  an improvement.
  
  otherwise it is like chap. i would agree however that in 
 that scheme 
  nthash does not have to be reversible; however, it is not 
 used on the 
  challenge neither. thus, that was not the point of my email.
  
  the point was that you can't say that using the same hash 
  function will 
  work. indeed, in your example above the HASH and the NTHASH 
 function 
  need not be equivalent.
  
  
  ciao
  artur
  
  -- 
  __
   Artur Hecker                          http://www.enst.fr/~hecker
   Groupe Accès et Mobilité  /  Computer Science and Networks
  E N S T  Paris ___
  
  
  - 
  List info/subscribe/unsubscribe? See 
  http://www.freeradius.org/list/users.html
  

Re: PEAP / MSCHAP2 / LDAP

2004-02-26 Thread Artur Hecker
that's getting quite consuming, but who says a must say b, right? :-)


 Please do not take my e-mails personally... I must say that I thought
 you might be one of those show offs who pick through people's e-mails looking
 for mistakes and then completely miss the point of the e-mail. My apologies
 if I am mistaken.
i actually almost never reply :-) one thing, if i was a show-off, 
wouldn't it be much more comfortable for me to take 5 min in order to 
take a look at the specs and show off even more instead of making 
assumptions based only on what has been said before? just type nt-hash 
in google :-)


 I just think you might have misread the post you reacted to.
perhaps! i will immediately admit that.


 It is possible to use PEAP / MSCHAPv2
 with LDAP, however one must store the NT-Hash password in LDAP.  I've had the
 same problem with crypts as my password encryption in LDAP.  I ended up having to
 create an extra LDAP attribute for NT-Hash passwords.
this is the part which i understand as misleading. since the author 
talks about crypt, one could suppose that this is the general approach. 
i.e. if the protocol uses crypt, you should store the crypt-password in 
the DB, etc.

you see, when you try to explain the basic problem, you have to insist 
on the fact that the database and the client must hash the same data, be 
this data X or hash(X) or DES(X) - it doesn't change anything. this data 
must be available on both ends, point.

perhaps my reaction was due to somebody who's recently proposed to me 
the following trick to make PEAP work with backend Unix' system 
authentication: with the same argument of double hashing, the idea was 
to type the string stored in the shadow file at the PEAP prompt...

now after the discussion with you i see that applied to ms-chap the post 
seems to be correct. that's the reason why i've written i think that 
this is wrong and not this is wrong in my original post.

ciao
artur


--





PEAP / MSCHAP2 / LDAP

2004-02-25 Thread Arthur EBEL
I would like to use PEAP / MSCHAP2 / LDAP

But I have got these kinds of errors and my users can't authenticate

rlm_mschap: No User-Password configured.  Cannot create LM-Password.
rlm_mschap: No User-Password configured.  Cannot create NT-Password.
rlm_mschap: No LM-Password or NT-Password attribute found.  Cannot perform MS-CHAP authentication.

My password is stored in my LDAP directory using Crypt.

I don't understand what an LM or NT password is. Why doesn't it use the LDAP 
passwd ???

Have you got an idea ???





Re: PEAP / MSCHAP2 / LDAP

2004-02-25 Thread Michael Griego
See many many previous discussions in this list on the requirement of
cleartext passwords for MS-CHAP.

--Mike


On Wed, 2004-02-25 at 08:30, Arthur EBEL wrote:
 I would like to use PEAP / MSCHAP2 / LDAP
 
 But I have got these kinds of errors and my users can't authenticate
 
 
 rlm_mschap: No User-Password configured.  Cannot create LM-Password.
 rlm_mschap: No User-Password configured.  Cannot create NT-Password.
 rlm_mschap: No LM-Password or NT-Password attribute found.  Cannot perform MS-CHAP authentication.
 
 My password is stored in my LDAP directory using Crypt.
 
 I don't understand what an LM or NT password is. Why doesn't it use the LDAP 
 passwd ???
 
 Have you got an idea ???
 
 
 
-- 
Michael Griego
Wireless LAN Project Manager
The University of Texas at Dallas




Re: PEAP / MSCHAP2 / LDAP

2004-02-25 Thread Chris Wieringa
On Wed, 2004-02-25 at 08:30, Arthur EBEL wrote:
 I would like to use PEAP / MSCHAP2 / LDAP
 My password is stored in my LDAP directory using Crypt.

 See many many previous discussions in this list on the requirement of
 cleartext passwords for MS-CHAP.

OK, time for some user education has to happen here.  (Feel free to correct me
if this is in any way wrong) NT-Hash is a password encryption technology just
like crypt is a password encryption technology.  If you have a clear text
password you can encrypt it and come out with a NT-Hash password, or you could
encrypt it and come out with a crypt password.  However, once it is in an
encrypted form it is impossible to compare two different encryption forms to
tell if it is the same password.  PEAP / MSCHAPv2 passes the password encrypted
with NT-Hash encryption, so it is impossible to compare it against the crypt
password stored in LDAP.  It is also impossible to decrypt the NT-Hash password
back to a clear text password, so the password passed with PEAP / MSCHAPv2
cannot be used in a LDAP bind either.  It is possible to use PEAP / MSCHAPv2
with LDAP, however one must store the NT-Hash password in LDAP.  I've had the
same problem with crypts as my password encryption in LDAP.  I ended up having to
create an extra LDAP attribute for NT-Hash passwords.  Whenever a user now goes
through a password change, the NT-Hash password attribute will also be
populated at the same time the crypt password is changed in LDAP.  After you
set this up, make sure to define the attribute in the ldap.attrmap for
NT-Password and it will work great with PEAP / MSCHAPv2.

Chris Wieringa
[EMAIL PROTECTED]
