Re: PPTP and encryption / RC4 weaknesses

To: debian-security@lists.debian.org
Subject: Re: PPTP and encryption / RC4 weaknesses
From: Christoph Moench-Tegeder <ry04@rz.uni-karlsruhe.de>
Date: Mon, 4 Mar 2002 15:20:44 +0100
Message-id: <[🔎] 20020304152044.F28292@rz-ewok.rz.uni-karlsruhe.de>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20020304115828.GB7910@gnoll.homeip.net>; from jef@linuxbe.org on Mon, Mar 04, 2002 at 10:58:28PM +1100
References: <[🔎] 20020304115828.GB7910@gnoll.homeip.net>

## Jean-Francois Dive (jef@linuxbe.org):

> I was wondering: PPTP use RC4 up to 128 bit keys as an encryption mechanism. I'd like
> to have the impressions from people of the list about the cryptographic strenght of
> such algorithm, especially now that wireless WEP RC4 based encryption have been broken. 

PPTP can easily be broken if MS-CHAPv2 is used:
http://mopo.informatik.uni-freiburg.de/pptp_mschapv2/

Regards,
cmt

-- 
Spare Space

Reply to:

Follow-Ups:
- Re: PPTP and encryption / RC4 weaknesses
  - From: Jean-Francois Dive <jef@linuxbe.org>

References:
- PPTP and encryption / RC4 weaknesses
  - From: Jean-Francois Dive <jef@linuxbe.org>

Prev by Date: Re: iptables vs DHCP
Next by Date: Re: hosts.{allow,deny} vs iptables.
Previous by thread: PPTP and encryption / RC4 weaknesses
Next by thread: Re: PPTP and encryption / RC4 weaknesses
Index(es):
- Date
- Thread