This worrying cyberattack targets one of the key protocols propping up the whole internet

Pls share this post


Listen to this article

Different devices, all over the internet, could be vulnerable to endpoint takeover, due to running a decades-old encryption protocol, experts have warned.

Academic researchers Sharon Goldberg, Miro Haller, Nadia Heninger, Mike Milano, Dan Shumow, Marc Stevens, and Adam Suhl recently published a paper detailing how multiple devices, including industrial controllers, telecommunications services, and others, built by 90 different vendors, still operate on Remote Authentication Dial-In User Service, or RADIUS for short, which was first introduced back in 1991. 

RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service. It was developed to authenticate remote users and grant them access to the network while ensuring that their actions are logged and monitored.

READ ALSO  Would you eat a robot? Swiss scientists want to create fully edible electronics — but I am not sure I want to have a bite at R2D2 anytime soon

MD5 woes

When a user tries to connect to a network, a request is sent to a RADIUS server, which verifies their identity by checking their credentials, such as a username and password, against a database. If the credentials are correct, the RADIUS server authorizes the user to access the network and specifies the level of access granted. It also keeps a record of the user’s activity, including the duration of their session and the resources they accessed.

Despite being decades old, RADIUS is still used for VPN access, DSL and Fiber, Wi-Fi and 802.1X authentication, 2G and 3G roaming, 5G Data Network Name authentication, mobile data offloading, and more. 

READ ALSO  How to bring the same B2C customer experience to B2B customers

“The core of the RADIUS protocol predates modern secure cryptographic design,” the researchers said in the paper. “Surprisingly, in the two decades since Wang et al. demonstrated an MD5 hash collision in 2004, RADIUS has not been updated to remove MD5. In fact, RADIUS appears to have received notably little security analysis given its ubiquity in modern networks.”

MD5 was a widely used cryptographic hash function, but over time it was found to be flawed, which is why since 2012 it was being phased out. 

Now, the researchers are saying that many of the 90 vendors have already implemented short-term fixes and are currently working on long-term solutions.

READ ALSO  China Using AI-Generated Content to Sow Division in US, Microsoft Finds

More from TechRadar Pro

Source



Pls share this post
Previous articleMovavi Video Editor makes creating content a breeze with AI-powered tools
Next articleElon Musk gives an update on Neuralink’s brain-chip business. These are 5 things you can expect in the near future.