How secure is the radius encryption

Jason Rohm jason.rohm at
Wed Apr 4 09:31:30 CEST 2012

The passwords are weakly encrypted using a mechanism that is basically an
XOR of the password and an MD5 hash of the request authenticator and the
shared secret.

It is not reasonably feasible to reverse the encryption from a single
packet without knowing the shared secret. However, since the request
authenticator and the username are readable in the packet, it is
theoretically possible to reverse engineer the shared secret if someone
would capture enough successful logins from the same user, on the same NAS,
using the same password. Once the shared secret was compromised, all
requests to/from that NAS could be decrypted.

To limit your exposure, use a strong shared secret that is unique on each
Enforce password expiration and uniqueness on user accounts.
Change your shared secrets periodically and protect them like any other
'superuser' password.
Limit the physical exposure of the transaction by using local radius
servers and/or link level encryption on the WAN.

All of these suggestions limit the number of packet an intruder can use to
attack your encryption and the window that a compromise would be useful.

Depending on the size of your network, it may be worth your time to deploy
radsec. There are very few clients that currently support the draft
standard, but I've had great success deploying localized proxies to convert
standard UDP radius to TCP/TLS encrypted radius.



On Tue, Apr 3, 2012 at 12:04 PM, Thomas Glanzmann <thomas at>wrote:

> Hello,
> I wonder if the radius encryption between radius client and radius is
> secure enough if you choose a decent password like the following:
> 'O([G6krj\9[9FN#GVn(/|9+8h5vq2!W*J:OrA;2Uvk1G&*z~-6'emgQV 2X5iD>a('
> Or if someone should always protect the connection between radius client
> to radius server using ipsec or some other VPN software like for example
> openvpn? I don't want to do radius over the internet but in a coporate
> intranet. However I want also to absolutly sure that noone is reading my
> pap passwords on the wire between radius client and radius server.
> Cheers,
>        Thomas
> -
> List info/subscribe/unsubscribe? See
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list