General technical discussions.
User avatar
ristau5741
Post Whore
Posts:
10516
Joined:
Tue Aug 21, 2007 2:15 pm
Certs:
Instanity

FYI: MS-CHAPv2 cracked with 100% success rate

Tue Jul 31, 2012 7:29 am

yikes

directly from the ISC

Moxie Marlinspike and David Hulton gave a talk at Defcon 20 on a presentation on cracking MS-CHAPv2 with 100% success rate. This protocol is still very much in use with PPTP VPNs, and WPA2 Enterprise environments for authentication.

Moxie's recommendations [1]:

1- All users and providers of PPTP VPN solutions should immediately start migrating to a different VPN protocol. PPTP traffic should be considered unencrypted.
2- Enterprises who are depending on the mutual authentication properties of MS-CHAPv2 for connection to their WPA2 Radius servers should immediately start migrating to something else.

Knowing that MS-CHAPv2 can now be cracked, what alternatives are you considering to secure your now insecure communications? The two alternatives suggested by Moxie are "[...] OpenVPN configuration, or IPSEC in certificate rather than PSK mode."

[1] https://www.cloudcracker.com/blog/2012/ ... s-chap-v2/
[2] https://github.com/moxie0/chapcrack
Tips of the day:
- The human mind is the ultimate creation invention.
- I have so many customers, my customers have customers.
- Sausage time
- POP, stack, and store

Reggle
Post Whore
Posts:
1948
Joined:
Sun May 15, 2011 4:16 pm
Certs:
CCNA Security, CCNP, CCDP

Re: FYI: MS-CHAPv2 cracked with 100% success rate

Tue Jul 31, 2012 1:18 pm

Thanks for the info. Smart thinking there.
http://reggle.wordpress.com

User avatar
texanmutt
Post Whore
Posts:
1971
Joined:
Sat Oct 20, 2007 11:05 am
Certs:
CCNA

Re: FYI: MS-CHAPv2 cracked with 100% success rate

Fri Aug 03, 2012 8:04 am

Would this effect WPA if you are using EAP-PEAP? Wouldn't the the MS-CHAPv2 negotiation be encrypted by TLS which shouldn't be a problem as long as server certificate validation is configured properly?

User avatar
mlan
Ultimate Member
Posts:
810
Joined:
Thu Nov 17, 2011 6:09 pm

Re: FYI: MS-CHAPv2 cracked with 100% success rate

Fri Aug 03, 2012 10:41 am

texanmutt wrote:Would this effect WPA if you are using EAP-PEAP? Wouldn't the the MS-CHAPv2 negotiation be encrypted by TLS which shouldn't be a problem as long as server certificate validation is configured properly?


Correct. The crack does not affect MS-CHAPv2 that is encrypted with TLS in a EAP\PEAP session.

'

Return to General Tech

Who is online

Users browsing this forum: Majestic-12 [Bot] and 18 guests