On 15/07/16 18:35, Arran Cudbard-Bell wrote:
On Jul 15, 2016, at 1:20 PM, freeradius-users@latter.org wrote:
On 15/07/16 16:52, Arran Cudbard-Bell wrote:
There's not a huge advantage in storing unsalted MD4 hashed passwords.
In terms of security? It ticks the box marked "did the best we could".
No, the best you could would be to use EAP-TLS, because PEAP and TTLS are horrifically insecure in their current OSX and Windows implementations.
Unfortunately the commercial reality of it is that we must stick to the "convenience" end of the "security-versus-convenience" scale. In a week we will have about 6000 wifi devices authenticating. Most are regular users but a fair number are only using it for the day. We have no control over what people turn up with - could be a PDP-11 or an internet-enabled fridge magnet. The devices tend more towards the MacOS / iOS than you might find in general. Most of the users are non-technical, but there's enough full-time geeks to keep us on our toes.
And it does protect those who use long passwords.
Not really, you just need to find a collision, the length of the password doesn't matter for that type of attack.
It does stop an attacker using the collided password with another service, that's about it.
Which is the point, a lot of the time, IMO.