How to Break EAP-MD5

Abstract : We propose an efficient attack to recover the passwords, used to authenticate the peer by EAP-MD5, in the IEEE 802.1X network. First, we recover the length of the used password through a method called length recovery attack by on-line queries. Second, we crack the known length password using a rainbow table pre-computed with a fixed challenge, which can be done efficiently with great probability through off-line computations. This kind of attack can also be implemented successfully even if the underlying hash function MD5 is replaced with SHA-1 or even SHA-512.
Document type :
Conference papers
Complete list of metadatas

Cited literature [11 references]  Display  Hide  Download

https://hal.inria.fr/hal-01534313
Contributor : Hal Ifip <>
Submitted on : Wednesday, June 7, 2017 - 3:03:45 PM
Last modification on : Tuesday, September 3, 2019 - 3:04:02 PM
Long-term archiving on : Friday, September 8, 2017 - 12:53:57 PM

File

978-3-642-30955-7_6_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Fanbao Liu, Tao Xie. How to Break EAP-MD5. 6th International Workshop on Information Security Theory and Practice (WISTP), Jun 2012, Egham, United Kingdom. pp.49-57, ⟨10.1007/978-3-642-30955-7_6⟩. ⟨hal-01534313⟩

Share

Metrics

Record views

49

Files downloads

949