[cryptography] Cryptanalysis of RADIUS MD5 cipher?

Thor Lancelot Simon tls at panix.com
Wed Feb 4 08:22:03 EST 2015

For at least 15 years there's been general grumbling that the MD5 based
stream cipher used for confidentiality in RADIUS looks like snake oil.

Given how widely used the protocol is, and the failure of various successor
protocols (cute names and all -- TANGENT anyone?) I have always been surprised
that the cipher seems not to have received any serious cryptanalytic
attention.  On the other hand I am not mathy enough to frequently read the
primary literature.

Does anyone know of any work that's been done on this?


More information about the cryptography mailing list