Skip to Main Content
RADIUS
book

RADIUS

by Jonathan Hassell
October 2002
Intermediate to advanced content levelIntermediate to advanced
206 pages
8h 30m
English
O'Reilly Media, Inc.
Content preview from RADIUS

Authenticator

The authenticator region, often 16-octets long, is the field in which the integrity of the packet’s payload is inspected and verified. In this field, the most important octet—the value used to authenticate replies from the accounting server—is transmitted before any other.

There are two distinct types of authenticators: the request and response authenticators. Request authenticators, consisting of 16-octet MD5 checksums, are computed using a hash generated from the code, identifier, length, attributes, shared secrets, and 16 “zeroed-out” octets. The value returned from this hash is then placed into the authenticator field.

Tip

It’s important to notice the distinction between how the request authenticator is computed in the accounting phase and the authentication/authorization phase. The difference lies squarely in the fact that in accounting packets, the User-Password attribute is not included.

The response authenticator is calculated in much the same way as the request authenticator. An MD5 hash is generated using the values from the code, identifier, length, request authenticator from the original request, and response attributes; the value from this hash is placed in the authenticator field.

It also is important to point out that some early RADIUS and NAS implementations send some accounting packets with the authenticator region set to all zeroes. While the RFCs have been modified to specifically forbid this behavior, for backward compatibility purposes some RADIUS ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

TCP/IP Illustrated, Volume 1: The Protocols, 2nd Edition

TCP/IP Illustrated, Volume 1: The Protocols, 2nd Edition

Kevin R. Fall, W. Richard Stevens
TCP/IP Guide

TCP/IP Guide

Charles M. Kozierok

Publisher Resources

ISBN: 0596003226Errata Page