(LiveHacking.com) — Moxie Marlinspike and David Hulton recently made a presentation at Defcon 20 on cracking MS-CHAPv2; now they have now integrated the techniques presented into the CloudCracker service.
MS-CHAP2 is an old authentication protocol which was first introduced by Microsoft with NT4.0 SP4 and Windows 98. Today, nearly 15 years later, the protocol is still widely used for PPTP VPNs, as well as in WPA2 Enterprise environments.
Since it was introduced the protocol has been analysed many times and various weaknesses have been found. These weaknesses severely reduce the complexity of brute-force attacks and made them realistic with modern hardware. Now Marlinspike and Hulton have reduced the complexity of breaking MS-CHAPv2 to that of breaking a single DES key.
David Hulton’s company, PicoComputing, which specializes in building FPGA hardware for cryptography applications, has built a box which can crack MS-CHAP2 in at most 24 hours and often in just half that amount of time.
The FPGAs (field programmable gate arrays) implement DES as a pipeline and can perform one DES operation per clock cycle. The box uses 48 cores at 450Mhz giving a performance of more than 18 billion keys/second.
The pair have also published a tool called chapcrack, which parses a network capture for any MS-CHAPv2 handshakes. For each handshake found, it outputs the username along with the various ciphertexts and a token which can be used directly with CloudCracker.
Once CloudCracker has cracked the authentication, the result can be put back into the chapcrack tool and it will decrypt the entire network capture (and all future captures for that user). Also the user’s VPN service will become exposed.
The power and ease of the cracking process now means that:
- All users and providers of PPTP VPN solutions should immediately start migrating to a different VPN protocol. PPTP traffic should be considered unencrypted.
- Enterprises who are depending on the mutual authentication properties of MS-CHAPv2 for connection to their WPA2 Radius servers should immediately start migrating to something else.