The User-Password Shared Secret
Since the User-Password attribute is protected by a stream cipher, as described earlier, it’s certainly possible for attackers to obtain information on the shared secret if they can sniff network traffic and try to authenticate against a RADIUS server. For example, an attacker could attempt to authenticate using a password known to him. He then receives and captures an Access-Request packet and uses a hash on a combination of the protected portion of the User-Password and the password he originally used. Once that computation is complete, he has the result of the MD5 (shared secret + request authenticator) operation. He already knows the request authenticator from his original request, so he can now use a brute-force attack on the shared secret and determine it offline.