[5056] in bugtraq
Re: Shared Secret Recovery in RADIUS
daemon@ATHENA.MIT.EDU (Riku Meskanen)
Wed Jul 30 16:37:25 1997
Date: Wed, 30 Jul 1997 22:00:17 +0300
Reply-To: Riku Meskanen <mesrik@CC.JYU.FI>
From: Riku Meskanen <mesrik@CC.JYU.FI>
X-To: "Thomas H. Ptacek" <tqbf@enteract.com>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199707300214.VAA00280@enteract.com>
On Tue, 29 Jul 1997, Thomas H. Ptacek wrote:
> This attack was sent to Livingston and posted to the RADIUS discussion
> list (I'm at a loss for the name of it) last year. I think it's worthwhile
> to note that the attacks you're pointing out are actively being exploited,
> and have been for awhile. "Global roaming" systems involving RADIUS
> proxies will dramatically increase the implications of this attack.
>
Some work seems to be done by Dale Cook <cdm@hyperk.com> of SCIENTECH to
solve these issues, see
http://www.livingston.com/Tech/Technotes/Security/RADIUS-RSA.shtml
:-) riku
--
[ This .signature intentionally left blank ]
