Security Vulnerabilities and Cryptanalysis
Several weaknesses have been found in MS-CHAPv2, some of which severely reduce the complexity of brute-force attacks making them feasible with modern hardware.
- Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2), co-written by Bruce Schneier
- Exploiting known security holes in Microsoft's PPTP Authentication Extensions (MS-CHAPv2), by Jochen Eisinger
In 2012 the complexity of breaking MS-CHAPv2 was reduced to that of breaking a single DES key:
- Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate by Moxie Marlinspike.
Read more about this topic: MS-CHAP
Famous quotes containing the word security:
“The three great ends which a statesman ought to propose to himself in the government of a nation, are,—1. Security to possessors; 2. Facility to acquirers; and, 3. Hope to all.”
—Samuel Taylor Coleridge (1772–1834)