Weaknesses in MS-CHAPv2 authentication - From MS Security RD blog
blog.securitybalance.com
Interesting post from MS Security Research & Defense blog describing the newly discovered MS-CHAPv2 weaknesses: MS-CHAP is the Microsoft version of the Challenge-Handshake Authentication Protocol and is described in RFC2759. A recent presentation by Moxie Marlinspike [1] has revealed a breakthrough which reduces the security of MS-CHAPv2 to a single DES encryption (2^56) regardless of the password length. Today, we published Security Advisory 2743314 with recommendations to mitigate the effects of this issue.
Weaknesses in MS-CHAPv2 authentication - From MS Security RD blog
Weaknesses in MS-CHAPv2 authentication - From…
Weaknesses in MS-CHAPv2 authentication - From MS Security RD blog
Interesting post from MS Security Research & Defense blog describing the newly discovered MS-CHAPv2 weaknesses: MS-CHAP is the Microsoft version of the Challenge-Handshake Authentication Protocol and is described in RFC2759. A recent presentation by Moxie Marlinspike [1] has revealed a breakthrough which reduces the security of MS-CHAPv2 to a single DES encryption (2^56) regardless of the password length. Today, we published Security Advisory 2743314 with recommendations to mitigate the effects of this issue.