How to break EAP-MD5

Authors:
Fanbao Liu;Tao Xie
Affiliations:
School of Computer, National University of Defense Technology, Changsha, Hunan, P.R. China;School of Computer, National University of Defense Technology, Changsha, Hunan, P.R. China
Venue:
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Year:
2012

Citing 5
Cited 1

Message authentication with one-way hash functions

ACM SIGCOMM Computer Communication Review
Password recovery attack on authentication protocol MD4(Password||Challenge)

Proceedings of the 2008 ACM symposium on Information, computer and communications security
On the Security of Digest Access Authentication

CSE '11 Proceedings of the 2011 14th IEEE International Conference on Computational Science and Engineering
A cryptanalytic time-memory trade-off

IEEE Transactions on Information Theory
On the security of PPPoE network

Security and Communication Networks

Fast password recovery attack: application to APOP

Journal of Intelligent Manufacturing

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose an efficient attack to recover the passwords, used to authenticate the peer by EAP-MD5, in the IEEE 802.1X network. First, we recover the length of the used password through a method called length recovery attack by on-line queries. Second, we crack the known length password using a rainbow table pre-computed with a fixed challenge, which can be done efficiently with great probability through off-line computations. This kind of attack can also be implemented successfully even if the underlying hash function MD5 is replaced with SHA-1 or even SHA-512.