On Tue, 19 Nov 2002 at 10:59:02AM +0800, Patrick Hsieh wrote: Greetings from the cold North that is the state of Michigan,
> Thank you. I think the weakness is due to the password-based authentication. > The attacker can use dictionary attack to pass the authentication,right? Incorrect, there are weaknesses in the actual algorithms and protocols. As I suggested, search google and you will find long detailed papers filled with mathematical formulas explaining the weakness (being not a math person I did not understand the gory details). What I do know is the original MPPE key is based on the MSCHAPV2 handshake, which according to many papers is insecure in its protocol. > How difficult it is to pass the MS-CHAPv2 with MPPE-128bit encryption by > using > the dictionary attack? I mean, will it take a long time to pass the > authentication by dictionary attack? Yes, a dictionary attack would be hard. But with some of the papers I have read you could extract the password from a session. Then again I read these about 9 months ago and MS may have fixed the protocol. I would figure they would give a new V# to a new protocol though... > BTW, is it reasonable to say that any VPN without PKI is insecure? PKI is currently the safest best AFAIK. > Another question is, is there any IPSEC-based VPDN solution? I have played with IPSEC a good deal. The problem lies that there is no standard IPSEC behavior defined yet. Therefore each vendor is filling in the hole, much like we saw with CD (back in the day) and DVD Burners. If you are going to use IPSEC make sure to use the same implementation on each end, this will minimize complications. Bottom line, if security is an absolute must deploy a Linux box on the remote network to act as a VPN-Gateway using IPSEC. Regards and stay warm, wherever you are, -- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import -- Excuse #206: It's stuck in the Web.
