Lecture 3.1: Handling Remote Access: RADIUS Motivation

More documents

Recommendations

Info

Birthday paradox again Digest = D bits Number of messages = K 1. How many messages K to observe to get 50% probability to have my same digest? 2. How many messages K to observe to get 50% probability to have two same digest? e e k Giuseppe Bianchi e = e Giuseppe Bianchi = e ⎛ 1 ⎜1− ⎝ 2 D ( 2 ) n! / ( n − k)! n n −1 n − ( k −1) = ⋅ ⋅⋅⋅ = k n n n n k −1 ⎛ 1 ⎞⎛ 2 ⎞ ⎛ k −1⎞ ⎛ = ⎜1− ⎟⎜1− ⎟⋅ ⋅⋅ ⎜1− ⎟ = ∏⎜1 − ⎝ n ⎠⎝ n ⎠ ⎝ n ⎠ i= 1 ⎝ ≈ k −1 i= 1 2 −k / 2n ⇒ ∏ −i / n 2 = ∑ − = e 1 2 ⇒ k−1 i i= 1 n = 2log( 2) ⋅n 2 −k / 2n −k ( k−1) / 2n ⇒ D K ⎞ ⎟ ⎠ = 1 2 ⇒ 2 K ≈ 2 D D 2 ! / ( 2 − K)! 1 D D = ⇒ K ≈ 1. 177 2 ≈ 2 K 2 ≈ e −log( 2) 2 −k / 2n ⇒ k = 1. 177 n i n ⎞ ⎟ ≈ ⎠ Ricordando che per x piccolo 1-x approx e^(-x) D / 2 12
Message digest size Must be considered against birthday paradox! 32 bits (RAND) 50% collision after 2 16 msg 60.000 (very little!) 56 bits (DES) 50% collision after 2 28 msg 250M (still little!) 128 bits (MD5) 50% collision after 2 64 msg 1.8x10 19 (OK!) 160 bits SHA-1 Giuseppe Bianchi MD5 iterative construction Merkle-Damgard approach Initialization Vector (known) Giuseppe Bianchi K bits Message (any size) N x 512 bits Padding 10000 Chunk (512 bits) Chunk (512 bits) Chunk (512 bits) Chunk (512 bits) Length K mod 2 64 128 bits F 128 bits F 128 bits F 128 bits F 128 bits Compression function (if it is resistant, also iteration is) Hash 13
Page 1 and 2: Giuseppe Bianchi Lecture 3.1: Handl
Page 3 and 4: RADIUS Security features Per-packet
Page 5 and 6: packet format Code: type of radius
Page 7 and 8: Native User-Password Step 1: paddin
Page 9 and 10: PPP CHAP support with RADIUS CHAP
Page 11: Properties of a good hash function
Page 15 and 16: RADIUS Security Weaknesses Recommen
Page 17 and 18: Attack to shared secret based on Us
Page 19 and 20: poor PRNG implementations Attack to
Page 21 and 22: Giuseppe Bianchi Giuseppe Bianchi A
Page 23 and 24: Why “duplicating duplicating”
Page 25: Diameter improvements at a glance /

Lecture 3.1: Handling Remote Access: RADIUS Motivation

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?