Security Vulnerabilities and Cryptanalysis
Several weaknesses have been found in MS-CHAPv2, some of which severely reduce the complexity of brute-force attacks making them feasible with modern hardware.
- Cryptanalysis of Microsoft's PPTP Authentication Extensions (MS-CHAPv2), co-written by Bruce Schneier
- Exploiting known security holes in Microsoft's PPTP Authentication Extensions (MS-CHAPv2), by Jochen Eisinger
In 2012 the complexity of breaking MS-CHAPv2 was reduced to that of breaking a single DES key:
- Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate by Moxie Marlinspike.
Read more about this topic: MS-CHAP
Famous quotes containing the word security:
“The contention that a standing army and navy is the best security of peace is about as logical as the claim that the most peaceful citizen is he who goes about heavily armed. The experience of every-day life fully proves that the armed individual is invariably anxious to try his strength. The same is historically true of governments. Really peaceful countries do not waste life and energy in war preparations, with the result that peace is maintained.”
—Emma Goldman (1869–1940)