/plushcap/analysis/cloudflare/radius-udp-vulnerable-md5-attack

RADIUS/UDP vulnerable to improved MD5 collision attack

What's this blog post about?

The MD5 cryptographic hash function, first broken in 2004, continues to be used in network protocols despite advancements in cryptography. One such protocol is RADIUS (Remote Authentication Dial-In User Service), which remains critical for remote access authentication and has been found vulnerable to an improved attack exploiting MD5's weaknesses. This post discusses the attack, its implications, and potential mitigations, including transitioning to RADIUS over TLS or requiring the Message-Authenticator attribute in all modes of RADIUS/UDP.

Company
Cloudflare

Date published
July 9, 2024

Author(s)
Sharon Goldberg, Miro Haller (Guest Author), Nadia Heninger (Guest Author), Michael Milano (Guest Author), Dan Shumow (Guest Author), Marc Stevens (Guest Author), Adam Suhl (Guest Author)

Word count
4255

Language
English

Hacker News points
36


By Matt Makai. 2021-2024.