At the last DEFCON, an attack on the MS-CHAPv2 authentication protocol was demonstrated (this is old news by now). As a result, many media outlets trumpeted that "thousands of VPN and WPA2 devices are in danger." Let us consider how true this statement is for a Wi-Fi network implementing WPA2.
Scandals? Intrigue? Investigations? Without multiplying entities needlessly, here is a digest of the basic facts and conclusions, plus links to primary sources for those interested in the details.
Scandals
Background: the blog of the attack's authors. It is claimed that MS-CHAPv2 is cracked with 100% success. Details are given, from which it is clear that you need to intercept an MS-CHAPv2 exchange, after which, using the weaknesses in its encryption, you can recover the user's credentials. It is argued that MS-CHAPv2 is used in VPN and WPA2-Enterprise systems. At the same time, both VPN and WPA2 are mentioned in the context of AAA servers, which is quite logical, since that is where the unencrypted MS-CHAP is captured. So yes, MS-CHAPv2 is broken: if you intercept the MS-CHAPv2 exchange between the client and the AAA server, you can recover the user's credentials.
Intrigue
After that, articles like this one started to appear, in which WPA2 is already discussed outside the context of AAA servers. At the same time, quite serious statements are made:
“For a VPN / WPA2 hack, it’s enough to intercept one login attempt” and even
“people should immediately stop using VPN and WPA2 products that rely on MS-CHAP.”
Investigations
Well, for starters, recall that WPA2 exists in two forms: WPA2-Personal (PSK) and WPA2-Enterprise (802.1X / EAP). MS-CHAPv2 is used only in Enterprise, so PSK users can sleep soundly.
In Enterprise, MS-CHAPv2 is only one of the possible EAP methods (GTC, TTLS and others are also quite popular). The popularity of MS-CHAPv2 is due to its being the easiest method to integrate with Microsoft products (IAS, AD, etc.).
However, has anyone ever seen a WPA2-Enterprise deployment with pure EAP / MS-CHAPv2? I cannot recall one... Any knowledgeable person will tell you that there must be an outer tunnel (PEAP or TLS). So, if there is a tunnel, interception of the MS-CHAPv2 session is no longer possible, since you must first break the tunnel's encryption, and the sensation is cancelled.
However, it is still too early to relax. The tunnel is built between the client and the access point. If you impersonate the access point, you can easily obtain both the client and its “clean” MS-CHAPv2 session, with all the consequences. Hence the conclusion, from the “how many times has the world been told” category:
put certificates on the access points and turn on certificate validation on the clients.
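As an added illustration of that recommendation on the client side (example code written for this page, not from the post or the linked experts): a small Python audit of wpa_supplicant network blocks that flags PEAP/TTLS profiles carrying MS-CHAPv2 inside the tunnel without a CA certificate or a server-name match. The sample config, SSID, CA path and server name are constructed; in wpa_supplicant the certificate being checked is the one the RADIUS/EAP server presents through the access point, and with neither ca_cert nor ca_path set it is not verified at all.

```python
import re

# Constructed sample config (not from the post): block 0 is the weak profile, block 1 is hardened.
SAMPLE_CONF = """
network={
    ssid="corp-wifi"
    key_mgmt=WPA-EAP
    eap=PEAP
    phase2="auth=MSCHAPV2"
}
network={
    ssid="corp-wifi"
    key_mgmt=WPA-EAP
    eap=PEAP
    phase2="auth=MSCHAPV2"
    ca_cert="/etc/ssl/certs/corp-radius-ca.pem"
    domain_suffix_match="radius.corp.example"
}
"""
NAME_KEYS = ("domain_suffix_match", "domain_match", "altsubject_match")  # server-name pins

def parse_networks(conf):
    """One dict (key -> value, quotes stripped) per network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\}", conf, flags=re.S):
        net = {}
        for line in body.splitlines():
            line = line.strip()
            if line and not line.startswith("#") and "=" in line:
                key, value = line.split("=", 1)
                net[key.strip()] = value.strip().strip('"')
        nets.append(net)
    return nets

def audit_network(net):
    """Findings for a PEAP/TTLS + MS-CHAPv2 profile; [] means it is hardened."""
    findings = []
    tunnelled = net.get("eap", "").upper() in ("PEAP", "TTLS")
    if not (tunnelled and "MSCHAPV2" in net.get("phase2", "").upper()):
        return findings  # other EAP methods are out of scope for this check
    if "ca_cert" not in net and "ca_path" not in net:
        findings.append("no ca_cert/ca_path: server certificate is not verified, so a rogue AP gets the MS-CHAPv2 exchange")
    if not any(k in net for k in NAME_KEYS):
        findings.append("no server-name match: a certificate for any host from the CA is accepted")
    return findings

def audit_conf(conf):
    """Map 'ssid#index' to findings for every network block in the config."""
    return {f"{n.get('ssid', '?')}#{i}": audit_network(n)
            for i, n in enumerate(parse_networks(conf))}
```

Running `audit_conf(SAMPLE_CONF)` reports two findings for the first block and none for the second.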
Thus, for a well-built wireless network with WPA2-Enterprise based on PEAP / MS-CHAPv2, the new attack is not frightening. It may still be possible to break into the channel between the authenticator (AP, controller) and the AAA server, but that no longer concerns WPA.
Details, illustrations and configuration recommendations can be found in posts by respected industry experts: Andrew VonNagy and Devin Akin.
More examples of marketing and journalism (see tags):