On Wed, Feb 04, 2015 at 08:22:03AM -0500, Thor Lancelot Simon wrote: > For at least 15 years there's been general grumbling that the MD5 based > stream cipher used for confidentiality in RADIUS looks like snake oil. > > Given how widely used the protocol is, and the failure of various successor > protocols (cute names and all -- TANGENT anyone?) I have always been surprised > that the cipher seems not to have received any serious cryptanalytic > attention. On the other hand I am not mathy enough to frequently read the > primary literature. > > Does anyone know of any work that's been done on this?
I think the closest to what you ask is this: http://www.untruth.org/~josh/security/radius/radius-auth.html but I guess you've seen it before? Also related is my analysis of TACACS+ from a year before: http://www.openwall.com/articles/TACACS%2B-Protocol-Security Alexander _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography