Salted SHA security

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon Feb 23 22:29:57 CET 2015


> On 23 Feb 2015, at 15:48, Robert Graham <robert_graham at uhaul.com> wrote:
> 
> Question for the Freeradius programmers/admins:
> 
> How does the authentication for the Salted SHA-512 get handled?
> 
> Yes, I know you can pull the hashed/salted password from a sql database or
> locally, but how does the FreeRadius server compare the user's input
> password, which would only be the first 64 bytes and the rest being the
> salt, when the user has only entered in their username and password at the
> prompts (i.e. mobile devices or laptops)? Doesn't the server need to have
> the user's password and salt to be able to compare the pulled password with
> the entered-in password?

It needs the user's plaintext password, yes. For EAP you'd need to use
EAP-TTLS-PAP or some other method that'd give you the plaintext password.

EAP-PEAP wraps MSCHAPv2 in TLS, and MSCHAPv2 doesn't give you the plaintext
password.

> If I use radtest everything works just fine locally,

Great

> but once PEAP is
> integrated into the mix, it fails (i.e. laptop, cell phone). Am I reading
> the protocol compatibility matrix incorrectly then?

Yep.

EAP-PEAP will only work if in the database, the user's password is MD4 hashed
or it's in plaintext.

There's a great article here which shows why knowing the MD4 password works:

	https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

...and also shows why MSCHAPv2 isn't a great idea unless you can guarantee
the TLS tunnel is established with a trusted party.

If you could give us an idea of the client systems that'll be authenticating
we might be able to offer suggestions on what EAP flavour/supplicant might
work.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
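As an added example (not code from this thread or from FreeRADIUS), the Python below shows the difference the two answers above turn on: a PAP-style check receives the plaintext and can re-salt and re-hash it against a stored salted SHA-512, whereas an MSCHAPv2 check needs the NT hash (MD4 of the UTF-16LE password) itself, which a salted SHA-512 digest cannot yield. The `{SSHA512}`/`{clear}`/`{NT}` prefixes, the digest-then-salt layout and the sample salt are assumptions for the demonstration, not FreeRADIUS syntax.

```python
import base64, hashlib, hmac, struct
MASK = 0xFFFFFFFF

def md4(data: bytes) -> bytes:
    """RFC 1320 MD4, inlined because hashlib's md4 is often disabled under OpenSSL 3."""
    F = lambda x, y, z: (x & y) | (~x & z)
    G = lambda x, y, z: (x & y) | (x & z) | (y & z)
    H = lambda x, y, z: x ^ y ^ z
    rotl = lambda x, n: (((x & MASK) << n) | ((x & MASK) >> (32 - n))) & MASK
    msg = bytearray(data) + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64) + struct.pack("<Q", len(data) * 8)
    state = [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476]
    rounds = [(F, 0, (3, 7, 11, 19), range(16)),
              (G, 0x5A827999, (3, 5, 9, 13), (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15)),
              (H, 0x6ED9EBA1, (3, 9, 11, 15), (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15))]
    for off in range(0, len(msg), 64):
        X = struct.unpack("<16I", msg[off:off + 64])
        a, b, c, d = state
        for fn, k, shifts, order in rounds:
            for i, j in enumerate(order):
                a, b, c, d = d, rotl(a + fn(b, c, d) + X[j] + k, shifts[i % 4]), b, c
        state = [(s + v) & MASK for s, v in zip(state, (a, b, c, d))]
    return struct.pack("<4I", *state)

def nt_hash(password: str) -> bytes:
    """The 'NT hash' (MD4 of the UTF-16LE password) that MSCHAPv2 responses are computed from."""
    return md4(password.encode("utf-16-le"))

def ssha512_store(password: str, salt: bytes) -> str:
    """Assumed OpenLDAP-style layout: base64(sha512(password || salt) || salt), 64 digest bytes then salt."""
    return "{SSHA512}" + base64.b64encode(hashlib.sha512(password.encode() + salt).digest() + salt).decode()

def pap_verify(stored: str, password: str) -> bool:
    """PAP (e.g. inside EAP-TTLS) hands the server the plaintext, so it can re-salt and re-hash."""
    raw = base64.b64decode(stored[len("{SSHA512}"):])
    digest, salt = raw[:64], raw[64:]
    return hmac.compare_digest(hashlib.sha512(password.encode() + salt).digest(), digest)

def mschapv2_nt_hash(stored: str):
    """MSCHAPv2 never delivers the plaintext; the server must already hold the NT hash.
    Only a cleartext or NT-hash credential can supply it; a salted SHA-512 digest cannot."""
    if stored.startswith("{clear}"):
        return nt_hash(stored[len("{clear}"):])
    if stored.startswith("{NT}"):
        return bytes.fromhex(stored[len("{NT}"):])
    return None  # {SSHA512}: no way back to the plaintext or the NT hash

SALT = b"\x01\x02\x03\x04\x05\x06\x07\x08"  # constructed fixed salt so the sample is reproducible
STORED_SSHA = ssha512_store("password", SALT)
```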
