Techly NewsGet the app

Get the latest tech news

RADIUS protocol susceptible to forgery attacks


Blast-RADIUS is a vulnerability that affects the RADIUS protocol. RADIUS is a very common protocol used for authentication, authorization, and accounting (AAA) for networked devices on enterprise and telecommunication networks.

We introduce several improvements in speed, space, and scaling for the existing MD5 attacks to demonstrate that these collisions can be computed in at most minutes and can fit within RADIUS protocol attributes. Our MD5 collisions were computed after applying some optimizations to a 15-year-old proof-of-concept codebase, which we are running on CPUs mostly dating from seven to ten years ago, because these are the resources we have access to. Reimplementing hashclash in hardware, for example on FPGAs (Field Programmable Gate Arrays) or ASICs (Application-Specific Integrated Circuits) would likely improve the running time by a factor of ten to a hundred.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of forgery attacks

forgery attacks

Photo of RADIUS protocol

RADIUS protocol

« Microsoft, Apple Drop OpenAI Board Plans as Scrutiny Grows
US officials announce the takedown of an AI-powered Russian bot farm »