SSL renegotiation ?
Hi, I found a new man-in-the-middle attack with SSL. http://www.sslshopper.com/article-ssl-and-tls-renegotiation-vulnerability-di... I am afraid if freeRADIUS use SSL renegotiation? The freeRADIUS version is 1.1.6. We use EAP-TLS and the backend OpenLDAP server with TLS connection. Does freeRADIUS use SSL renegotiation ? Thanks. John ___________________________________________________________ 好玩贺卡等你发,邮箱贺卡全新上线! http://card.mail.cn.yahoo.com/
John wrote:
I found a new man-in-the-middle attack with SSL. http://www.sslshopper.com/article-ssl-and-tls-renegotiation-vulnerability-di...
It's a nice attack on SSL.
I am afraid if freeRADIUS use SSL renegotiation? The freeRADIUS version is 1.1.6. We use EAP-TLS and the backend OpenLDAP server with TLS connection.
Does freeRADIUS use SSL renegotiation ?
Yes and no. Yes, it uses OpenSSL, with all of the functionality of OpenSSL. No, I don't see a way for SSL renegotiation to attack RADIUS. The attack involves a MITM who (mostly) terminates the SSL connection from the client, and opens a connection to the server. All RADIUS relationships require a shared secret, so MITM attacks aren't possible at the RADIUS layer. The only place this attack *might* occur is if the MITM spoofs an 802.1X enabled access point. But the attacker can't send RADIUS packets, because he doesn't know the shared secret. The attacker then has to do a MITM at the EAPoL layer. i.e. spoof an AP to the client, and then turn around, and copy those packets to a *real* AP. If this worries you, there is a new version of OpenSSL available that isn't subject to the attack. Alan DeKok.
participants (2)
-
Alan DeKok -
John