The User-Password Cipher Scheme
The way in which the User-Password
attribute is handled, on a very
general basis, is known as a stream cipher. A stream
cipher
is an encryption method that works with
continuous streams of input, which is usually a stream of plain-text
bits rather than fixed blocks; its opposite is a block
cipher
, which is an
encryption method that processes input in fixed blocks of input,
which are typically 64- or 128-bits long. A stream cipher generates a
keystream
,
and this is used in the encryption: when you combine this
keystream with the plain-text input stream using
the XOR operation, the contents of the stream are encrypted. The
generation of the keystream can be independent
of the plain text and
ciphertext
,
yielding what is termed a synchronous stream cipher, or it can depend
on the data and its encryption, in which case the stream cipher is
said to be self-synchronizing.
In the User-Password scheme, the first 16 octets act as a synchronous stream cipher, since the plain text input is independent of the keystream. However, after the first 16 octets, the keystream integrates the previous plain-text input and now becomes self-synchronizing. While this may seem overtly technical, the security of this cipher is questionable: the RADIUS protocol specification doesn’t make clear what the requirements are for this cipher. MD5 hashes are generally meant to be cryptographic hashes, not stream ciphers. There may be a security problem in this possible misuse. ...