PAM_Radius EAP-TTLS

Alan DeKok aland at deployingradius.com
Fri Aug 21 15:30:47 CEST 2015


On Aug 21, 2015, at 9:08 AM, Qrious <Qrious at semtexgaming.com> wrote:
> First of all, I'd like to add that this is not an offense to anyone, I
> just want to be able to verify your claims that the usage of an
> insecure hashing/encryption method does not compromise the entire
> security of RADIUS.

  It helps to understand *what* is insecure about MD5.  Some uses of MD5 are insecure, others are not.

> My endgoal is to have a central authentication system that is secure.

  Then stop arguing and just use RADIUS.

  Or, go read the various security papers (like I did) to see *why* RADIUS is fine.

>> That's a simplistic approach.  Relying on buzzwords is no substitute for understanding.
> 
> I wouldn't call DES/3DES/MD5 buzzwords, just the names of the relevant
> hashing and encryption algorithms.

  That's not the point.  The point is you see a buzzword / catch phrase "MD5 is insecure", and you get worked up about it, instead of understanding the issues.

> However my daily job is
> not that of security officer/expert.

  My job *is* a RADIUS expert.  Since you're not, I suggest you stop arguing about the topic.

> I was taught that the usage of
> these algorithms are reason for concern and should be avoided if
> possible.

  That's the simplistic explanation for average people.  It's correct for most situations.

> Could you please clarify (or give pointers to documentation that
> counters the statements below) why the usage of MD5 in RADIUS has no
> known security problems? Because I found resources that appear to
> indicate otherwise:
> - http://www.untruth.org/~josh/security/radius/radius-auth.html
> (Research from 2001)
> - http://www.blackhat.com/presentations/bh-asia-00/jeremy-dave/jeremy-dave-asia-00-network.ppt

  Those are all true, but aren't the complete picture.  Since you're not a security expert, I suggest you don't understand the attacks, and you won't understand the explanations as to why those attacks aren't relevant for most RADIUS situations.

> Related:
> - https://www.ietf.org/rfc/rfc6614.txt and (related)
> https://en.wikipedia.org/wiki/Diameter_(protocol)  (why would someone
> make this if RADIUS itself is secure?)

  Don't be a jackass.

  RADIUS is secure.  BUT any competent security person knows that attacks grow over time.  So... RADIUS is being made *more* secure.

  As with RFC 7360 (RADIUS over DTLS).  Which I wrote.

  Just look up "dekok RFC" on google, and note that I have a bit of a clue about this.

> - It should be noted that back in 2002 Microsoft already called the
> usage of EAP-(T)TLS or IPSEC for RADIUS traffic 'best practice' (see
> previously mentioned MSDN page).

  Since you're so interested in EAP-TLS, I suggest you implement it for the PAM module.  It's open source.  Submit patches instead of complaining.  Work to make the world better, instead of telling people with decades more experience that they're wrong.

  The arrogance of that is a little offensive, TBH.

  Or, configure *YOUR NETWORK* so that the RADIUS traffic runs over IPSec.  You can do this yourself today.  There's no need to complain about RADIUS security.

  Alan DeKok.
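As an added illustration of the MD5 constructions the thread is arguing about (this is example code written for this page, not code from FreeRADIUS, pam_radius or the post's author), the block below implements the two places RFC 2865 uses MD5, the User-Password hiding of section 5.2 and the Response Authenticator of section 3, and then the two attacks from the 2001 analysis Qrious linked: an offline dictionary attack on the shared secret from one captured request/reply pair, and the keystream reuse that happens when a client repeats a Request Authenticator. The secret, authenticator and passwords are constructed values; `dictionary_attack` and `keystream_reuse_leak` are names chosen here.

```python
"""RFC 2865 MD5 constructions in RADIUS and the classic attacks on them.

Added example for this thread, not code from FreeRADIUS or pam_radius.
Every secret, authenticator and password below is a constructed value.
"""
import hashlib
import hmac
import os
import struct

ACCESS_REQUEST = 1
ACCESS_ACCEPT = 2


def hide_password(secret: bytes, request_auth: bytes, password: bytes) -> bytes:
    """RFC 2865 section 5.2: b1 = MD5(S + RA), c1 = p1 ^ b1, b2 = MD5(S + c1), ...

    MD5 acts as a keyed keystream generator here; collision resistance plays no role.
    """
    if len(request_auth) != 16:
        raise ValueError("Request Authenticator must be 16 octets")
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 octets before padding")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = bytearray(), request_auth
    for i in range(0, len(padded), 16):
        block = hashlib.md5(secret + prev).digest()
        chunk = bytes(p ^ b for p, b in zip(padded[i:i + 16], block))
        out += chunk
        prev = chunk          # chaining: next keystream block depends on this ciphertext
    return bytes(out)


def reveal_password(secret: bytes, request_auth: bytes, hidden: bytes) -> bytes:
    """Inverse of hide_password; strips the zero padding RFC 2865 adds."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden User-Password must be a non-empty multiple of 16 octets")
    out, prev = bytearray(), request_auth
    for i in range(0, len(hidden), 16):
        chunk = hidden[i:i + 16]
        block = hashlib.md5(secret + prev).digest()
        out += bytes(c ^ b for c, b in zip(chunk, block))
        prev = chunk
    return bytes(out).rstrip(b"\x00")


def response_authenticator(code: int, ident: int, request_auth: bytes,
                           attrs: bytes, secret: bytes) -> bytes:
    """RFC 2865 section 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


def verify_response(code, ident, request_auth, attrs, secret, received_auth) -> bool:
    """Client-side check of a reply; constant-time compare so the check itself leaks nothing."""
    expected = response_authenticator(code, ident, request_auth, attrs, secret)
    return hmac.compare_digest(expected, received_auth)


def dictionary_attack(code, ident, request_auth, attrs, observed_auth, candidates):
    """Offline shared-secret guessing from one captured request/reply pair.

    This is the Response Authenticator attack from the 2001 analysis: the attacker
    knows everything in the MD5 input except the secret, so each guess costs one MD5.
    """
    for cand in candidates:
        if response_authenticator(code, ident, request_auth, attrs, cand) == observed_auth:
            return cand
    return None


def keystream_reuse_leak(secret, request_auth, known_pw, target_pw) -> bytes:
    """What an eavesdropper learns when two Access-Requests reuse a Request Authenticator.

    Both packets hide their password under the same first keystream block MD5(S + RA),
    so XORing the two ciphertexts cancels it. With one password known (e.g. the
    attacker's own account), the first 16 octets of the other fall out without the
    secret. Later blocks are chained through the ciphertext and do not align.
    """
    c_known = hide_password(secret, request_auth, known_pw)[:16]
    c_target = hide_password(secret, request_auth, target_pw)[:16]
    p_known = (known_pw + b"\x00" * 16)[:16]
    return bytes(a ^ b ^ p for a, b, p in zip(c_known, c_target, p_known)).rstrip(b"\x00")


if __name__ == "__main__":
    secret = b"testing123"                 # constructed, deliberately weak
    ra = os.urandom(16)                    # a correct client picks this randomly
    hidden = hide_password(secret, ra, b"hunter2")
    print("hidden User-Password:", hidden.hex())
    print("recovered:", reveal_password(secret, ra, hidden))
    auth = response_authenticator(ACCESS_ACCEPT, 7, ra, b"", secret)
    print("verify:", verify_response(ACCESS_ACCEPT, 7, ra, b"", secret, auth))
    print("dictionary hit:", dictionary_attack(ACCESS_ACCEPT, 7, ra, b"", auth,
                                               [b"password", b"radius", b"testing123"]))
    print("leak from reused RA:", keystream_reuse_leak(secret, ra, b"hunter2", b"correct horse"))
```

Neither attack shown here needs an MD5 collision: the dictionary attack is bounded by the entropy of the shared secret, and the keystream leak by the randomness of the Request Authenticator, which is why the remedies the thread points at (RADIUS/TLS per RFC 6614, RADIUS/DTLS per RFC 7360, or IPsec on the RADIUS path) protect the transport rather than swap the hash. A collision-based attack on the Response Authenticator did arrive later, in 2024 (BlastRADIUS, CVE-2024-3596, a chosen-prefix MD5 collision used to turn an Access-Reject into an Access-Accept in transit); its mitigation is a Message-Authenticator attribute in every packet together with the same transport protection.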
