Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol for encapsulating PPP frames inside Ethernet frames. It is widely used by commercial Internet service providers to provide Internet access to paying customers. In this paper, we analyze the security of PPPoE networks. We find that we can easily collect information about both the peers and the PPPoE authentication servers. We can use such information to recover the peer's authentication password by silently impersonating the server, which is undetectable in the network. We impersonate the server in the peers' LAN and get their passwords by hijacking the peers' PPPoE connections and negotiating the use of the Password Authentication Protocol (PAP). We further propose an efficient password recovery attack against the Challenge-Handshake Authentication Protocol (CHAP). We first recover the length of the password in use through on-line queries, based on a weakness in MD5 input pre-processing. Then, we crack the known-length password off-line, using probabilistic context-free grammars. We point out that PPPoE cannot be used anymore until all of the weak authentication protocols, including PAP, CHAP, and Microsoft CHAP, are abolished immediately and replaced with more secure Extensible Authentication Protocols. Copyright © 2012 John Wiley & Sons, Ltd.