LDAP

Tom Rixom Thu, 26 Feb 2004 01:48:25 -0800

I just can't leave it alone.... sorry...

You talk about an attacker attacking the NTHASH...


Why did you bring this in? I thought the discussion was about 
PEAP-MSCHAPV2 LDAP compatibility...

PEAP makes sure the attacker can't get at MSCHAPV2 and MSCHAPV2
allows the use of an database fill of hashed passwords which
could be considered safer than clear text...

So why talk about attacking the NTHASH... I don't understand... why?

Maybe you were talking about an inside attack, when the NTHASH
is retreived from LDAP? But again can't SSL be used to secure the line?

bye,

Tom.



> -----Original Message-----
> From: Tom Rixom 
> Sent: Thursday, February 26, 2004 10:37 AM
> To: [EMAIL PROTECTED]
> Subject: RE: PEAP / MSCHAP2 / LDAP
> 
> 
> Are you trying to help or is this just one of those pointless 
> discussions in
> where we show off how much we know about encryption, OOOOPS 
> sorry I meant hashing...
> 
> bye,
> 
> Tom.
> 
> > -----Original Message-----
> > From: Artur Hecker [mailto:[EMAIL PROTECTED]
> > Sent: Thursday, February 26, 2004 9:46 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: PEAP / MSCHAP2 / LDAP
> > 
> > 
> > hi
> > 
> > 
> > Tom Rixom wrote:
> > > How do you explain that Microsoft Clients almost all use 
> > MSCHAP in some form
> > > to authenticate and that all Microsoft passwords are stored 
> > in encrypted form... ;)
> > 
> > remark: i've never talked about encryption. encryption is always 
> > reversible, provided that you have the key.
> > 
> > i've also never tried to explain ms-chap. simply read the 
> > original mail, 
> > there is a claim inside which can be understood as "take 
> hashX, store 
> > the passwords hashed with hashX, and it'll be ok for your 
> > challenge/response system". ahem, no, it won't!
> > 
> > 
> > > I can't recall the exact specs of MSCHAPV2 but the I 
> > remember it to be
> > > something like:
> > >  
> > > Client                       Server                      
> > > <------------------- CHALLENGE 
> > > ----> HASH( CHALLENGE + NTHASH(PASSWORD))
> > >  
> > > server retrieves NTHASH(PASSWORD) from LDAP database.
> > > server verifies HASH(CHALLENGE + NTHASH(PASSWORD))
> > 
> > what you've sent here is exactly what i've sent: replace 
> > password with 
> > nthash(password). this is like renaming X to Y. if i am an 
> > attacker and 
> > i'm trying to attack such a system, why would i bother to 
> > want to know 
> > the password? the nthash of it is sufficient. even the 
> > dictionary attack 
> > is not really more difficult here; you have to hash twice... 
> > that's not 
> > an improvement.
> > 
> > otherwise it is like chap. i would agree however that in 
> that scheme 
> > nthash does not have to be reversible; however, it is not 
> used on the 
> > challenge neither. thus, that was not the point of my email.
> > 
> > the point was that you can't say that using the same hash 
> > function will 
> > work. indeed, in your example above the HASH and the NTHASH 
> function 
> > need not be equivalent.
> > 
> > 
> > ciao
> > artur
> > 
> > -- 
> > __________________________________________________________
> > Artur Hecker                        http://www.enst.fr/~hecker
> > Groupe AccÃs et MobilitÃ  /  Computer Science and Networks
> > E N S T  Paris ___________________________________________
> > 
> > 
> > - 
> > List info/subscribe/unsubscribe? See 
> > http://www.freeradius.org/list/users.html
> > 
> .mmzyv
> 
.+-ŠwèþË±ÊâmïîžË±Êâmäžzm§ÿðÃëyêÚv+¬¢¸?–+-þë®Èmš

RE: PEAP / MSCHAP2 / LDAP

Reply via email to