The Point-to-Point Tunneling Protocol (PPTP) [HP+97] is a protocol that allows Point-to-Point Protocol (PPP) connections [Sim94] to be tunneled through an IP network, creating a Virtual Private Network (VPN). Microsoft has implemented its own algorithms and protocols to support PPTP. This implementation of PPTP, called Microsoft PPTP, is used extensively in commercial VPN products precisely because it is already a part of the Microsoft Windows 95, 98, and NT operating systems.
The authentication protocol in Microsoft PPTP is the Microsoft Challenge / Reply Handshake Protocol (MS-CHAP) [ZC98]; the encryption protocol is Microsoft Point to Point Encryption (MPPE) [PZ98]. After Microsoft’s PPTP was cryptanalyzed [SM98] and significant weaknesses were publicized, Microsoft upgraded their protocols [Zor98a, Zor98b, Zor99]. The new version is called MS-CHAP version 2 (MS-CHAPv2); the older version has been renamed as MS-CHAP version 1 (MS-CHAPv1). MS-CHAPv2 is available as an upgrade for Microsoft Windows 95, Windows 98, and Windows NT 4.0 (DUN 1.3) [Mic98a, Mic98b]. Even though this upgrade is available, we believe that most implementation of PPTP use MS-CHAPv1.
This paper examines MS-CHAPv2 and discusses how well it addresses the security weaknesses outlined in [SM98].
The most significant changes from MS-CHAPv1 to MS-CHAPv2 are:
• The weaker LAN Manager hash is no longer sent along with the stronger Windows NT hash. This is to prevent automatic password crackers like L0phtcrack [L99] from first breaking the weaker LAN Manager hash and then using that information to break the stronger NT hash [L97].
• An authentication scheme for the server has been introduced. This is to prevent malicious servers from masquerading as legitimate servers.
• The change password packets from MS-CHAPv1 have been replaced by a single change password packet in MS-CHAPv2. This is to prevent the active attack of spoofing MS-CHAP failure packets.
• MPPE uses unique keys in each direction. This is to prevent the trivial cryptanalytic attack of XORing the text stream in each direction to remove the effects of the encryption [SM98]
Download pdf Cryptanalysis of Microsoft’s PPTP Authentication Extensions
Related Searches: microsoft pptp, handshake protocol, authentication protocol, password crackers, encryption protocol
Categories
Archives
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
Today's Search Terms:
- renault radio bedienungsanleitung pdf - vw golf 5 tdi service - ford galaxy online manual - honda motorcycle owners manual download free - renault laguna repair manual pdf - download vw beetle workshop manual - bmw r 1150 r katalog pdf - Download Canon Pixma 1700 Software - max payne 2 full indir - 1988 camaro fuse box diagram - free sap ebooks - free polo repair manual 1 4 1996 - download STATA analysis - honda outboard repair manual download - free service manual honda motorcycle cr125 2005 - stronghold crusader free hack dowloand - data book engine wv golf3 1 6i - E-learning project vb net free download - what is vista ultimate activation key code free - free online pontiac firebird parts diagrams - bmw e38 owners manuel - wiring diagram tdi vw - audi concert iii manual 2008 - audi tt owners manual pdf -ebay -dealtime -lycos -yahoo -kelkoo -edirectory -ciao -pricegrabber -newegg - downloads PT Cruiser Service Manual pdf - bmw Automotive Repair Manuals 1999 - 2005 rapidshare - downloads PT Cruiser Service Manual pdf - 3d environment scene files in maya free download - free diesel marine engine manual - peugeot 306 manual free downloadMost Popular
- iPod shuffle User's Guide (Manual)
- Renault Workshop Repair Manual PDF
- VolksWagen Golf and Jetta Routine Maintenance and Servicing Manual
- VolksWagen Golf & Jetta Service and Repair Manual
- Volkswagen Beetle Manual PDF
- Hacking the XBOX 360 for Noobs Tutorial
- VW Golf and Jetta Braking System PDF Manual
- Renault Workshop Repair Manual PDF
- VolksWagen Golf III / Jetta III Wiring Diagram Manual
- Renault All Types Service Manual PDF
Random Posts
- 1999 Audi A4 Quick Tips™ Quick Tips
- Acura manual 810 dilution pipette APPLICATION NOTE
- Defeating Microsoft Windows XP SP2 Heap protection and DEP bypass
- Installation instructions for Stratmosphere Audi S4 Short Manual
- Jetspeed -j2o- The Web 2.0 Desktop for Portlets
- Volkswagen Beetle 1.8T BCS (Boost Control System) engine installation instructions
- Nissan Outboard Motors Owners Operating Manual PDF
- PENTAX IQ Zoom EZY Operating Manual
- Developing Applications with WebLogic SIP Server
- Chrysler Sebring Coupe 2004 Owner’s Manual
Free Ebook Manual Download is proudly powered by WordPress - BloggingPro theme by: Design Disease
RSS feed for comments on this post · TrackBack URI
Leave a reply