02. RADIUS auth - PAP, CHAP, MS-CHAP ...
- 01. How do RADIUS attributes work?
- 02. RADIUS auth - PAP, CHAP, MS-CHAP ...
You probably met one of these already, either as end user configuring PPPoE connection or your PC or as an administrator in your ISP. Security is big issue and understanding these terms can help you.
There is an important security question when authenticating someone against RADIUS: How does NAS transfers password to RADIUS server? Yes, it is sent using RADIUS packets as we described in previous post, but is it encrypted? Obfuscated? Or as plain text? How hard is to break it?
Here come protocols that encrypt passwords over network:
PAP or Password authentication protocol is simplest of them all. Password is not sent as plain text, but nearly as bad. It is obfuscated using special "secret" word configured both on NAS and RADIUS. Process is easily reversible so anyone knowing "secret" can de-obfuscate it. Even without secret, it should be no problem to break it using brute force.
CHAP or Challenge-Handshake Authentication Protocol is much more secured protocol. If you heard of salted password hashing (not a food) which is pretty much used everywhere - it is basically it. It means password is processed along with random string ("salt") and "secret" we spoke of earlier to get meaningless string ("digest"). Process is theoretically one way and you can't get back password from "digest". Both "digest" and "salt" are sent over network, and once RADIUS gets them, it uses "salt" and stored plain password to try to build same "digest". If they match - passwords are same. If anyone get hold of "digest" and "salt" by sniffing network packets, it usually won't do them any good.
MS-CHAP and MS-CHAP-V2 are Microsoft variants of CHAP protocol that try to upgrade weaknesses. Remember story that anyone that get hold of "digest" and "salt" usually won't break the password? Well, if "secret" is chosen poorly ("12345" or "password" anyone?), or hashing algorithm is old (MD5) or "salt" is generated not too randomly - it is very possible to break it. That is why there are newer "CHAP" protocols. Basic idea is sound and same for all, but implementations are full of holes.
So, when you are choosing protocol, you must go for latest, powerful, most secured, right? MS-CHAP-V2, right?
Or in more words - it depends of what your possible threats are. Security concerns boil down to two possible scenarios:
Someone taps into your internal network, somewhere between your RADIUS server and NAS, sniffs your packets, extract passwords using lot of CPU cycles. (keep in mind that security from clients computer to NAS is covered by different set of protocols and encryption, like WEP on WiFi network, so it is not relevant for this topic.)*
Someone breaks into your RADIUS server and get hold of your database.
This changes perspective a bit. Let us check protocols again, this time from the point of how the password is stored in database:
PAP - for authentication to work, no decryptable password is required. Password can be stored using most insanely powerful hashing algorithm known to man. If it falls in wrong hands it won't be of any use to them and no one, even you, knows what passwords really are.
CHAP - must be stored in decryptable format
MS-CHAP - must be stored in decryptable format
MS-CHAP-V2 - must be stored in decryptable format
Seems that "weakest" protocols "weakness" is actually a strength in some cases.
So now is question what is more likely to happen to your setup. For someone to hack your network it takes lot of time, infrastructure and internal work. It exposes single passwords as they are used, so it takes even more time to collect lot of data. Hacking database, on the other hand, is fairly common scenario that can expose all of your passwords in matter of minutes.
So take your pick what is more secure.
Copyright © 2014 - 2018 LightBulb Software™ All Rights Reserved.
- BlissRADIUS Embedded™ 1.5 is released with new proxy features and advanced caching for better resilience.
- BlissRADIUS Embedded™ 1.4 maintenance release is out! No significant changes, lot of small fixes. And we finally updated documentation on custom integration.
- BlissRADIUS Embedded™ 1.3 is released. It is incremental release with more fixes and tweaks than new features.
- BlissRADIUS Embedded™ 1.2 is out! It brings many performance and stability enhancements.
- BlissRADIUS Embedded™ 1.0 is out! This is important milestone that marks more than a year of successful production use. 1.0 is backward compatible with 0.x and brings incremental improvements and bug fixes.
- BlissRADIUS Embedded™ 0.9 brings integration with Blesta billing. There is also a new "local" standalone mode to run program without third-party billing. Manual has been updated accordingly.