Microsoft Challenge Handshake Authentication Protocol.ppt


Microsoft Challenge Handshake Authentication Protocol
CS265 Spring 2005
ChungShun Wei

Private Network
- Restricted from outside access
- Highly secure if no bad guy has access to the physical LAN
- But you are also blocked if you are not local
- Even the Internet will not help

Virtual Private Network (VPN)
- Through a VPN server
- A remote user can connect to the intranet through the public Internet

VPN Authentication
- Password Authentication Protocol (PAP)
  - Username and password in clear text
  - Use it only when the VPN server supports only PAP
- Challenge Handshake Authentication Protocol (CHAP)
  - Encrypt password
- Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
  - Based on CHAP
  - MS-CHAP version 1 and version 2
  - MS-CHAP v2 is an improvement over MS-CHAP v1

[Flow diagram steps: Request Login Challenge; Generate 8-byte Challenge; Generate 24-byte MS-CHAP Reply; Retrieve Password From DB; Authenticate; Authenticator Response]

Find Out 8-byte Challenge
- Although the 8-byte challenge is not sent in clear text
- An attacker can easily compute the 8-byte challenge by listening for the 16-byte random challenge from the server, the Peer Authenticator Challenge, and the client's username

Analysis MS-CHAP Reply

Attack on MS-CHAP Reply
- Attackers do not need $2^{192}$ effort
- But $2^{56} + 2^{56} + 2^{16} \approx 2^{57}$

[Diagram: exchange between Client and VPN Server. Labels: Request login challenge; 16-byte random challenge; 24-byte reply, Peer Authenticator Challenge, client's username; username and password matched on the VPN Server; 20-byte Authenticator Response]

- The VPN Server uses the 16-byte Peer Authenticator Challenge and the client's hashed password to create the 20-byte Authenticator Response
- The client computes its own Authenticator Response to compare with the server's. If they match, the server is authenticated

[Diagram: generating the MS-CHAP reply]
- Password: sanjose
- NT hash: askjKeL35h2k49kj (16 byte)
- Pad with 0 to 21 byte: askjKeL35h2k49kj00000 (21 byte)
- Split into three parts: askjKeL, 35h2k49, kj00000
- Encrypt challenge with each part: Iwe652nW, n8mxhUw0, xjO82nzx
- Reply: Iwe652nWn8mxhUw0xjO82nzx
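The two observations above (the 8-byte challenge is derivable from public values, and the reply offers about $2^{57}$ rather than $2^{192}$ strength) can be checked with a short script. This is an added example, not part of the original slides: the SHA-1 construction and field order are taken from RFC 2759, the function names are hypothetical, and the sample NT hash is the slides' placeholder string rather than a real hash.

```python
import hashlib
import math


def challenge_hash(peer_challenge, auth_challenge, username):
    """8-byte challenge per RFC 2759 (assumption: not stated on the slides):
    first 8 bytes of SHA-1 over values that all cross the wire in the clear."""
    if len(peer_challenge) != 16 or len(auth_challenge) != 16:
        raise ValueError("both challenges must be 16 bytes")
    data = peer_challenge + auth_challenge + username.encode("ascii")
    return hashlib.sha1(data).digest()[:8]


def split_des_keys(nt_hash):
    """Pad the 16-byte NT hash to 21 bytes with zeros, cut into three 7-byte keys."""
    if len(nt_hash) != 16:
        raise ValueError("NT hash must be 16 bytes")
    padded = nt_hash + b"\x00" * 5
    return [padded[i:i + 7] for i in range(0, 21, 7)]


def unknown_bits_per_key(keys, secret_len=16):
    """Only bytes that come from the hash are secret; the zero padding is known."""
    return [8 * max(0, min(len(k), secret_len - 7 * i)) for i, k in enumerate(keys)]


def effective_work_bits(bits):
    """Each 8-byte reply block can be tested on its own, so the costs add up
    instead of multiplying."""
    return math.log2(sum(2 ** b for b in bits))


if __name__ == "__main__":
    # Constructed sample: the slides' 16-character placeholder for the NT hash.
    keys = split_des_keys(b"askjKeL35h2k49kj")
    bits = unknown_bits_per_key(keys)
    for key, b in zip(keys, bits):
        print(key, "secret bits:", b)
    print("independent blocks: 2^%.2f" % effective_work_bits(bits))
    print("if the keys were inseparable: 2^%d" % sum(bits))
    # Constructed sample challenges (all-zero and all-one bytes) and username.
    print(challenge_hash(b"\x00" * 16, b"\x01" * 16, "sanjose").hex())
```

The third key carries only two secret bytes, which is where the $2^{16}$ term comes from; this is why MS-CHAP v2 should only be run inside a tunnel that already protects the exchange.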
