Re: PPTP and encryption / RC4 weaknesses

To: debian-security@lists.debian.org
Subject: Re: PPTP and encryption / RC4 weaknesses
From: Jean-Francois Dive <jef@linuxbe.org>
Date: Tue, 5 Mar 2002 11:41:06 +1100
Message-id: <[🔎] 20020305004106.GA497@gnoll.homeip.net>
In-reply-to: <[🔎] 20020304152044.F28292@rz-ewok.rz.uni-karlsruhe.de>
References: <[🔎] 20020304115828.GB7910@gnoll.homeip.net> <[🔎] 20020304152044.F28292@rz-ewok.rz.uni-karlsruhe.de>

On Mon, Mar 04, 2002 at 03:20:44PM +0100, Christoph Moench-Tegeder wrote:
thanks, this confirm me that i really have to avoid it ;)

cheers,

JeF

> ## Jean-Francois Dive (jef@linuxbe.org):
> 
> > I was wondering: PPTP use RC4 up to 128 bit keys as an encryption mechanism. I'd like
> > to have the impressions from people of the list about the cryptographic strenght of
> > such algorithm, especially now that wireless WEP RC4 based encryption have been broken. 
> 
> PPTP can easily be broken if MS-CHAPv2 is used:
> http://mopo.informatik.uni-freiburg.de/pptp_mschapv2/
> 
> Regards,
> cmt
> 
> -- 
> Spare Space
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 

-- 
-> Jean-Francois Dive
--> jef@linuxbe.org

Reply to:

References:
- PPTP and encryption / RC4 weaknesses
  - From: Jean-Francois Dive <jef@linuxbe.org>
- Re: PPTP and encryption / RC4 weaknesses
  - From: Christoph Moench-Tegeder <ry04@rz.uni-karlsruhe.de>

Prev by Date: Fw: CERT Advisory CA-2002-06 Radius Vulnerabilities
Next by Date: Re: iptables vs DHCP
Previous by thread: Re: PPTP and encryption / RC4 weaknesses
Next by thread: iptables vs DHCP
Index(es):
- Date
- Thread