Re: [PATCH 0/2] crypto: remove MD4 generic shash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Steve,

But the answer is yes.  Both PEAP and TTLS use MSCHAP or MSCHAPv2 in some form.
   These are commonly used for Username/Password based WPA(2|3)-Enterprise
authentication.  Think 'eduroam' for example.

Can you give some background here?  IIRC MS-CHAPv2 is much worse than
the NTLMSSP case

What background are you looking for? iwd [0] is a wifi management daemon, so we implement various EAP [1] and wifi authentication protocols.

in cifs.ko (where RC4/MD5 is used narrowly).   Doesn't MS-CHAPv2 depend on DES?


You are quite correct. MSCHAPv2 also uses DES for generating the responses. EAP with TTLS+MSCHAPv2 and PEAP+MSCHAPv2 are two of the most deployed variants of WPA-Enterprise authentication using Username + Password.

Deprecating MD4, MD5, SHA1 or DES would be quite disruptive for us. We are using these through AF_ALG userspace API, so if they're removed, some combination of kernel + iwd version will break. We went through this with ARC4, and while that was justified, I don't think the same justification exists for MD4.

[0] https://git.kernel.org/pub/scm/network/wireless/iwd.git
[1] https://en.wikipedia.org/wiki/Extensible_Authentication_Protocol

Regards,
-Denis



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux