<div>The passwords are weakly encrypted using a mechanism that is basically an XOR of the password and an MD5 hash of the request authenticator and the shared secret.</div><div> </div><div>It is not reasonably feasible to reverse the encryption from a single packet without knowing the shared secret. However, since the request authenticator and the username are readable in the packet, it is theoretically possible to reverse engineer the shared secret if someone would capture enough successful logins from the same user, on the same NAS, using the same password. Once the shared secret was compromised, all requests to/from that NAS could be decrypted.</div>
<div> </div><div>To limit your exposure, use a strong shared secret that is unique on each NAS.</div><div>Enforce password expiration and uniqueness on user accounts.</div><div>Change your shared secrets periodically and protect them like any other 'superuser' password.</div>
<div>Limit the physical exposure of the transaction by using local radius servers and/or link level encryption on the WAN.</div><div> </div><div>All of these suggestions limit the number of packet an intruder can use to attack your encryption and the window that a compromise would be useful. </div>
<div> </div><div>Depending on the size of your network, it may be worth your time to deploy radsec. There are very few clients that currently support the draft standard, but I've had great success deploying localized proxies to convert standard UDP radius to TCP/TLS encrypted radius.</div>
<div> </div><div>Thanks,</div><div> </div><div>Jason <br><br></div><div class="gmail_quote">On Tue, Apr 3, 2012 at 12:04 PM, Thomas Glanzmann <span dir="ltr"><<a href="mailto:thomas@glanzmann.de">thomas@glanzmann.de</a>></span> wrote:<br>
<blockquote style="margin:0px 0px 0px 0.8ex;padding-left:1ex;border-left-color:rgb(204,204,204);border-left-width:1px;border-left-style:solid" class="gmail_quote">Hello,<br>
I wonder if the radius encryption between radius client and radius is<br>
secure enough if you choose a decent password like the following:<br>
'O([G6krj\9[9FN#GVn(/|9+8h5vq2!W*J:OrA;2Uvk1G&*z~-6'emgQV 2X5iD>a('<br>
Or if someone should always protect the connection between radius client<br>
to radius server using ipsec or some other VPN software like for example<br>
openvpn? I don't want to do radius over the internet but in a coporate<br>
intranet. However I want also to absolutly sure that noone is reading my<br>
pap passwords on the wire between radius client and radius server.<br>
<br>
Cheers,<br>
Thomas<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</blockquote></div><br>