Re: Shared Secret Recovery in RADIUS

Riku Meskanen (mesrik@CC.JYU.FI)
Wed, 30 Jul 1997 22:00:17 +0300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Black Adder: "Re: mSQL vulnerabilities"
Previous message: Christopher Samuel: "ANNOUNCE: inn-1.5.1sec (fwd)"
Maybe in reply to: Reilly: "Shared Secret Recovery in RADIUS"
Next in thread: Thomas H. Ptacek: "Re: Shared Secret Recovery in RADIUS"

On Tue, 29 Jul 1997, Thomas H. Ptacek wrote:
> This attack was sent to Livingston and posted to the RADIUS discussion
> list (I'm at a loss for the name of it) last year. I think it's worthwhile
> to note that the attacks you're pointing out are actively being exploited,
> and have been for awhile. "Global roaming" systems involving RADIUS
> proxies will dramatically increase the implications of this attack.
>
Some work seems to be done by Dale Cook <cdm@hyperk.com> of SCIENTECH to
solve these issues, see

http://www.livingston.com/Tech/Technotes/Security/RADIUS-RSA.shtml

:-) riku

--
    [ This .signature intentionally left blank ]

Next message: Black Adder: "Re: mSQL vulnerabilities"
Previous message: Christopher Samuel: "ANNOUNCE: inn-1.5.1sec (fwd)"
Maybe in reply to: Reilly: "Shared Secret Recovery in RADIUS"
Next in thread: Thomas H. Ptacek: "Re: Shared Secret Recovery in RADIUS"