
RADIUS


Presentation Transcript


  1. RADIUS

  2. In This Presentation…
  • Why Do We Need It?
  • What is RADIUS?
  • RADIUS Operation
  • RADIUS Packets
  • Operation Examples
  • Attacks on RADIUS
  • RADIUS’ EAP Support

  3. Why Do We Need It?
  • Embedded Network Devices
  • Multiple Users & Workstations
  • Simple Network Access Servers (NAS)
  • Central User Administration
  • User Roaming
  • Protection Against Sniffing / Active Attacker

  4. What is RADIUS?
  • Remote Authentication Dial-In User Service
  • Key Features:
    • Client / Server Model
    • Network Security
    • Flexible Authentication Methods
    • Extensible Protocol
  • De-Facto Standard For Remote Authentication

  5. What is RADIUS?
  [Figure: protocol stack, top to bottom: Application (RADIUS), TCP / UDP, IP, Link, Physical]

  6. RADIUS Operation
  [Figure: Dial-In User → Dial-In → RADIUS Client (NAS – Network Access Server) → LAN / WAN → RADIUS Server]

  7. RADIUS Operation
  • RADIUS Uses UDP. Why?
    • Significantly Different Timing Requirements
    • However, retransmission capabilities are still needed
    • Stateless Protocol
    • Clients and servers come and go
    • Simplifies Server Implementation
    • Keep-Alives Considered Harmful

  8. RADIUS Operation
  • Operation Modes
    • User-Name / Password
    • Challenge / Response
    • Interoperation with PAP and CHAP
    • Proxy

  9. RADIUS Packets
  [Figure: packet layout]
    Code           1 Byte
    Identifier     1 Byte
    Length         2 Bytes
    Authenticator  4 Words
    Attributes…

  10. RADIUS Packets
  • Packet Types
    • Access-Request
    • Access-Accept
    • Access-Reject
    • Access-Challenge

  11. RADIUS Packets
  • The Authenticator
    • Request Authenticator
      • Unpredictable and unique over the lifetime of a secret
      • Used for user-password hiding
    • Response Authenticator
      • Calculated by an MD5 hash: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)
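The packet layout of slide 9 and the two authenticators on slide 11, worked through in code. This is an added example written for this page in Python; it is not code from the presentation. It follows RFC 2865 for the details the slides leave out: the Authenticator is 16 bytes (the "4 Words" of slide 9), attributes are type/length/value triples, and User-Password hiding XORs each 16-byte block of the NUL-padded password with MD5(secret + previous block), the first "previous block" being the Request Authenticator. It goes slightly beyond the slide by handling passwords longer than 16 bytes (the chained blocks of RFC 2865). The packet-code and attribute-type constants are the RFC's; the shared secret, username and password are constructed sample values.

```python
import hashlib
import hmac
import os
import struct

# Packet codes and attribute types from RFC 2865 (the slides do not show the numeric values)
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
USER_NAME, USER_PASSWORD = 1, 2
HEADER_LEN = 20  # Code(1) + Identifier(1) + Length(2) + Authenticator(16)


def encode_attributes(attrs):
    """Encode (type, value) pairs as RADIUS TLVs: 1-byte type, 1-byte total length, value."""
    return b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)


def hide_password(password, secret, request_authenticator):
    """User-Password hiding (RFC 2865 section 5.2).

    The password is NUL-padded to a multiple of 16 bytes; each block is XORed with
    MD5(secret + previous ciphertext block), the first 'previous block' being the
    Request Authenticator. The first keystream block is exactly the MD5(Secret+ReqAuth)
    value that the attack slides later refer to.
    """
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", request_authenticator
    for i in range(0, len(padded), 16):
        stream = hashlib.md5(secret + prev).digest()
        block = bytes(p ^ s for p, s in zip(padded[i:i + 16], stream))
        out, prev = out + block, block
    return out


def reveal_password(hidden, secret, request_authenticator):
    """Server-side inverse of hide_password; trailing NUL padding is stripped."""
    out, prev = b"", request_authenticator
    for i in range(0, len(hidden), 16):
        stream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out, prev = out + bytes(h ^ s for h, s in zip(block, stream)), block
    return out.rstrip(b"\x00")


def build_packet(code, identifier, authenticator, attrs_bytes):
    """Code(1) | Identifier(1) | Length(2) | Authenticator(16) | Attributes..."""
    return struct.pack("!BBH", code, identifier, HEADER_LEN + len(attrs_bytes)) + authenticator + attrs_bytes


def build_access_request(identifier, username, password, secret, request_authenticator=None):
    """NAS side. The Request Authenticator must be fresh and unpredictable for every request
    (slide 11), so it defaults to os.urandom(16); a caller-supplied value is accepted only
    so that the example is reproducible."""
    if request_authenticator is None:
        request_authenticator = os.urandom(16)
    attrs = encode_attributes([
        (USER_NAME, username),
        (USER_PASSWORD, hide_password(password, secret, request_authenticator)),
    ])
    return build_packet(ACCESS_REQUEST, identifier, request_authenticator, attrs)


def response_authenticator(code, identifier, request_authenticator, attrs_bytes, secret):
    """MD5(Code + ID + Length + RequestAuth + Attributes + Secret), exactly as on slide 11."""
    header = struct.pack("!BBH", code, identifier, HEADER_LEN + len(attrs_bytes))
    return hashlib.md5(header + request_authenticator + attrs_bytes + secret).digest()


def build_response(code, request_packet, attrs_bytes, secret):
    """Server side: the reply carries the request's Identifier and an authenticator computed
    over the *request's* authenticator, which binds the reply to that one request."""
    identifier, request_authenticator = request_packet[1], request_packet[4:HEADER_LEN]
    auth = response_authenticator(code, identifier, request_authenticator, attrs_bytes, secret)
    return build_packet(code, identifier, auth, attrs_bytes)


def verify_response(response, request_packet, secret):
    """NAS side: recompute the Response Authenticator for the request we actually sent.
    A mismatch (wrong secret, altered Code or Attributes, or a reply to some other request)
    means the packet must be silently discarded."""
    if len(response) < HEADER_LEN:
        return False
    code, identifier, length = struct.unpack("!BBH", response[:4])
    if identifier != request_packet[1] or length != len(response):
        return False
    expected = response_authenticator(code, identifier, request_packet[4:HEADER_LEN],
                                      response[HEADER_LEN:], secret)
    return hmac.compare_digest(expected, response[4:HEADER_LEN])


if __name__ == "__main__":
    secret = b"example-shared-secret"                      # constructed sample value
    req = build_access_request(7, b"alice", b"hunter2", secret)
    hidden = req[HEADER_LEN + 7 + 2:]                       # past the 7-byte User-Name TLV and the User-Password TLV header
    print("server recovers password:", reveal_password(hidden, secret, req[4:HEADER_LEN]))
    accept = build_response(ACCESS_ACCEPT, req, b"", secret)
    print("genuine Access-Accept verifies:", verify_response(accept, req, secret))
    forged = bytes([ACCESS_ACCEPT]) + build_response(ACCESS_REJECT, req, b"", secret)[1:]
    print("Reject with its Code rewritten to Accept verifies:", verify_response(forged, req, secret))
```

Note what `verify_response` does and does not cover: the Response Authenticator lets the NAS reject a reply that was not produced with the shared secret for the request it sent (including a Reject whose Code byte was flipped to Accept), but nothing in the Access-Request itself is authenticated, which is the gap that the later attack slides build on, and the whole check is only as strong as the secret fed to `hashlib.md5`.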

  12. Examples
  • User Telnet To Specified Host
  • User Authenticating With CHAP
  • User With Challenge-Response Card

  13. Attacks On RADIUS
  • Weaknesses Of The Protocol
  • Operation Modes
    • User Name / Password Mode
    • Challenge / Response Mode

  14. Attacks On RADIUS
  • Response Authenticator Based Shared Secret Attack
    • The attacker listens to requests and server responses, and pre-computes the MD5 state of the prefix of the response authenticator input: MD5(Code+ID+Length+ReqAuth+Attrib)
    • Performs an exhaustive search on the shared secret, appending each candidate to the above MD5 state.
    • Many implementations receive the shared secret as an ASCII string from the keyboard, and limit its size to 16 bytes.

  15. Attacks On RADIUS
  • User-Password Attribute Based Shared Secret Attack
    • The attacker attempts a connection to the NAS, and intercepts the access-request.
    • XORs the user-password attribute with the password he used, to obtain: MD5(Secret+ReqAuth)
    • Performs an exhaustive search on the shared secret.
    • Cannot pre-compute the MD5 state.
    • Finding the MD5 value is useful for other attacks.

  16. Attacks On RADIUS
  • User-Password Based Password Attack
    • The attacker attempts a connection to the NAS, intercepts the access-request and computes MD5(Secret+ReqAuth).
    • Performs an exhaustive / dictionary attack on the password, XORing each guess with the above MD5 value and sending it in the appropriate attribute.
    • Bypasses any login restriction imposed by the NAS.
    • Possible because the request packet is not authenticated.

  17. Attacks On RADIUS
  • Request Authenticator Based Attacks
    • Possible due to bad implementations:
      • Poor Pseudo Random Number Generator
      • Predictable Request ID

  18. Attacks On RADIUS
  • Request Authenticator Based Attacks
    • Passive User-Password Compromise through Repeated Request Authenticators
      • The attacker builds a dictionary of ReqAuth and user-password attribute pairs sent by the NAS.
      • When a ReqAuth repeats, the attacker can XOR the two user-password attributes and obtain: password1 XOR password2
      • Performs a dictionary attack, combined with the fact that the passwords are padded with 0’s, so the characters of one password that line up with the other’s padding remain unchanged.

  19. Attacks On RADIUS
  • Request Authenticator Based Attacks
    • Active User-Password Compromise through Repeated Request Authenticators
      • The attacker builds a dictionary as before.
      • When he predicts that he can cause the NAS to use a certain ReqAuth, he tries to connect to it and intercepts the access-request.
      • Calculates “password1 XOR password2”, but this time password2 is known, so the user password is compromised.

  20. Attacks On RADIUS
  • Request Authenticator Based Attacks
    • Replay of Server Responses through Repeated Request Authenticators
      • The attacker builds a dictionary of ReqAuth, ID and the entire server response.
      • Most server responses will be access-accepts.
      • The attacker attempts a connection to the NAS, predicting the ReqAuth and ID, intercepts the access-request, and injects into the NAS the packet from the dictionary that is an access-accept with the same ReqAuth and ID.

  21. Attacks On RADIUS
  • Request Authenticator Based Attacks
    • DoS Arising from the Prediction of the Request Authenticator
      • Much like the previous attack.
      • This time, the attacker connects to the NAS many times and builds the same dictionary as before, only with access-rejects.
      • When a user tries to connect and the NAS uses a repeated ReqAuth, the attacker injects his access-reject, causing a denial of service.
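Every attack on slides 18 through 21 starts from the same observable condition: a NAS that emits the same Request Authenticator more than once, which slide 17 attributes to a poor random number generator. The following is an added defender-side check for that condition, written for this page in Python; it is not code from the presentation. It assumes a capture already split into (NAS address, raw RADIUS UDP payload) pairs, tracks authenticators per NAS, and additionally records whether the Identifier was reused as well, since a repeated ReqAuth together with a repeated ID is the exact situation in which a stored server response (slides 20 and 21) would be accepted by the NAS unchanged. The sample packets are constructed.

```python
import struct
from collections import defaultdict

ACCESS_REQUEST = 1   # packet code from RFC 2865
HEADER_LEN = 20      # Code(1) + Identifier(1) + Length(2) + Authenticator(16)


def parse_header(packet):
    """Return (code, identifier, length, request_authenticator); reject malformed headers."""
    if len(packet) < HEADER_LEN:
        raise ValueError("packet shorter than the 20-byte RADIUS header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length < HEADER_LEN or length > len(packet):
        raise ValueError("Length field inconsistent with packet size")
    return code, identifier, length, packet[4:HEADER_LEN]


class RequestAuthenticatorMonitor:
    """Passive check for the precondition shared by slides 18-21: a NAS sending the
    same 16-byte Request Authenticator twice.

    Authenticators are tracked per NAS because each NAS has its own shared secret and
    its own RNG; the same value seen from two different NASes is not flagged here.
    """

    def __init__(self):
        self._seen = defaultdict(dict)   # nas -> {request_authenticator: (first identifier, count)}

    def observe(self, nas, packet):
        """Feed one packet seen from `nas`; return an alert dict on a repeat, else None."""
        code, identifier, _, req_auth = parse_header(packet)
        if code != ACCESS_REQUEST:
            return None                  # only Access-Requests carry a Request Authenticator
        table = self._seen[nas]
        if req_auth not in table:
            table[req_auth] = (identifier, 1)
            return None
        first_id, count = table[req_auth]
        table[req_auth] = (first_id, count + 1)
        return {
            "nas": nas,
            "request_authenticator": req_auth.hex(),
            "repeat_count": count + 1,
            # Same ReqAuth *and* same Identifier: a recorded server response would match
            # this request exactly, which is the replay / DoS case of slides 20 and 21.
            "identifier_reused": identifier == first_id,
        }


def scan(events):
    """Run the monitor over (nas, packet) pairs and return every alert in order."""
    monitor = RequestAuthenticatorMonitor()
    alerts = []
    for nas, packet in events:
        alert = monitor.observe(nas, packet)
        if alert is not None:
            alerts.append(alert)
    return alerts


def make_access_request(identifier, request_authenticator, attrs=b""):
    """Constructed sample packet: header plus raw attribute bytes (no attributes are needed
    for this check, so the password-hiding step is left out)."""
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, HEADER_LEN + len(attrs)) + request_authenticator + attrs


# Constructed capture: "nas-a" reuses two authenticators, "nas-b" does not.
SAMPLE_EVENTS = [
    ("nas-a", make_access_request(1, bytes([0x11] * 16))),
    ("nas-a", make_access_request(2, bytes([0x22] * 16))),
    ("nas-b", make_access_request(1, bytes([0x11] * 16))),   # same value, different NAS: not flagged
    ("nas-a", make_access_request(3, bytes([0x33] * 16))),
    ("nas-a", make_access_request(1, bytes([0x11] * 16))),   # repeat with the same Identifier
    ("nas-a", make_access_request(9, bytes([0x22] * 16))),   # repeat with a different Identifier
    ("nas-a", bytes([2, 1, 0, 20]) + bytes(16)),             # an Access-Accept: ignored
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert)
```

Any alert from this monitor means the NAS in question is leaking the condition that slides 18 to 21 need; the fix is on the NAS (a proper random source for the Request Authenticator), and until then the affected NAS is the one whose shared secret and user passwords should be treated as exposed.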

  22. Attacks On RADIUS
  • Summary
    • User-Password Protection Technique
    • The Response-Authenticator
    • Access-Request Packets
    • Random Number Generators
    • Shared Secrets

  23. RADIUS’ EAP Support
  • RADIUS-Encapsulated EAP Packets
  • Proprietary Protocol Between RADIUS Server and Backend Security Server
  • Proxied RADIUS requests
  • Retransmission and Fragmentation Issues

  24. RADIUS’ EAP Support
  • Security Considerations
    • Separation of EAP Server and PPP Authenticator
    • Connection Hijacking
    • Man-in-the-Middle Attack
    • Multiple Databases
    • Negotiation Attacks

  25. Conclusion
  • RADIUS is a remote authentication protocol.
  • RADIUS is a de-facto standard for remote authentication.
  • RADIUS has several weaknesses.
  • RADIUS is an extensible protocol, and can support many authentication methods (e.g. EAP).

  26. What Next?
  • Diameter
    • "Diameter clients, such as Network Access Servers (NASes) and Foreign Agents MUST support IP Security, and MAY support TLS. Diameter servers MUST support TLS, but the administrator MAY opt to configure IPSec instead of using TLS. Operating the Diameter protocol without any security mechanism is not recommended."

  27. Questions?
