Educause Security Discussion mailing list archives

Re: Wireless WPA2 MSCHAPv2


From: Caroline Couture <caroline () POBOX UPENN EDU>
Date: Tue, 31 Jul 2012 15:46:12 +0000

Hi Frank,

I have a training meeting at 1:30 that I'm afraid might run late. How about we do next week? Just email me when you 
know you will be back. Are you trying to do this on your office computer or your Mac? I can try some testing 
beforehand.

Caroline

"Vulnerability is not weakness. I define vulnerability as emotional risk, exposure, uncertainty. It fuels our daily 
lives. And I've come to the belief -- this is my 12th year doing this research -- that vulnerability is our most 
accurate measurement of courage -- to be vulnerable, to let ourselves be seen, to be honest." - Brene Brown

________________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Steve Bohrer 
[skbohrer () SIMONS-ROCK EDU]
Sent: Tuesday, July 31, 2012 11:36 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Wireless WPA2 MSCHAPv2

On Jul 31, 2012, at 8:58 AM, Parker, Ben C wrote:

Reading through the news, I saw that at Defcon MSCHAPv2 has been
effectively compromised. https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
This includes the use of it in WPA2 connections to radius servers for
authentication.  Per the article, the current recommendation for
enterprise wireless deployments is to move to using client
certificates for authentication.

I'm over my head on crypto stuff, but in discussion about this crack
on slashdot ( http://science.slashdot.org/story/12/07/30/167210/new-moxie-marlinspike-tool-cracks-crypto-passwords
  ) a couple of commenters suggest that the PEAP layer of PEAP-
MSCHAPv2 802.1x wireless auth protects the MSCHAPv2 from the sort of
sniffing that this crack exploits.

Here are quotes from two comments:

 From http://science.slashdot.org/comments.pl?sid=3014645&cid=40821639 :
"For WPA2-Enterprise the MSCHAPv2 session is usually wrapped in a PEAP
(SSL) session. This should be safe as long as your client is
configured to validate the server-side certificate only against CAs
that are not likely to be compromised (i.e. a rogue cert generated).
Preferably, one should also validate the certificate's subject
(usually the name of the RADIUS server)."


 From http://science.slashdot.org/comments.pl?sid=3014645&cid=40822837 :
"Those eduroam sites that use MSCHAPv2 use PEAP-MSCHAPv2. You have to
crack the PEAP before you can crack the MSCHAPv2."

Any of the experts here wish to confirm or deny if PEAP-MSCHAPv2 is
still okay in the face of this new tool?

Thanks,

Steve Bohrer
Network Admin
Bard College at Simon's Rock
413-528-7645

