[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Counterpane Cracks MS's PPTP

To: Brad Kemp <[email protected]>
Subject: Re: Counterpane Cracks MS's PPTP
From: Xcott Craver <[email protected]>
Date: Tue, 2 Jun 1998 18:31:45 -0500 (CDT)
cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

On Tue, 2 Jun 1998, Brad Kemp wrote:

> It is possible to recover all the clear text from a PPTP session,
> even if most of the traffic is going in one direction only.
> The failure is in MPPE.  When MPPE gets a sequenceing error, it
> resets the key.  This causes the cipher stream to be reset.  It is
> partially covered in section 5.4.

	I really think the XOR weaknesses deserve as much publicity 
	as possible, because they are IMHO the simplest to exploit,
	and the result of the dumbest mistakes.

	So far we have three:  40-bit RC4 uses the same key with every 
	session (!!), the client and server seems to encrypt with the same
	key stream going both ways (!!!), and then this resequencing
	attack.

	Are all three of these fixed?  The certainly aren't 
	"theoretical." 

==-  Xcott Craver -- [email protected] -- http://www.math.niu.edu/~caj/  -==
"This is a different thing:  it's spontaneous and it's called 'wit.'"
                                                      -The Black Adder

References:
- Re: Counterpane Cracks MS's PPTP
  - From: Brad Kemp <[email protected]>

Prev by Date: WinNT C2?
Next by Date: Re: WinNT C2?
Prev by thread: Re: Counterpane Cracks MS's PPTP
Next by thread: Re: Counterpane Cracks MS's PPTP
Index(es):
- Date
- Thread