How secure is the radius encryption

Thomas Glanzmann thomas at
Wed Apr 4 09:49:22 CEST 2012

Hello Jason,

> The passwords are weakly encrypted using a mechanism that is basically
> an XOR of the password and an MD5 hash of the request authenticator
> and the shared secret.

thanks for the thorough explanation, I'll go with IPSEC or openvpn. I
recall reading in Bruce Schneiers book 'Secret and lies' that xor is
only secure if you use the key only once, so it is very easy to break it
if you see enough traffic, probably also with different usernames.


More information about the Freeradius-Users mailing list