%0 Conference Proceedings
%T How to Break EAP-MD5
%+ School of Computer [Chine]
%A Liu, Fanbao
%A Xie, Tao
%Z Part 3: Protocols (Short Papers)
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 6th International Workshop on Information Security Theory and Practice (WISTP)
%C Egham, United Kingdom
%Y Ioannis Askoxylakis
%Y Henrich C. Pöhls
%Y Joachim Posegga
%I Springer
%3 Information Security Theory and Practice. Security, Privacy and Trust in Computing Systems and Ambient Intelligent Ecosystems
%V LNCS-7322
%P 49-57
%8 2012-06-20
%D 2012
%R 10.1007/978-3-642-30955-7_6
%K EAP-MD5
%K IEEE 802.1X
%K Challenge and Response
%K Length Recovery
%K Password Cracking
%K Rainbow Table
%Z Computer Science [cs]Conference papers
%X We propose an efficient attack to recover the passwords, used to authenticate the peer by EAP-MD5, in the IEEE 802.1X network. First, we recover the length of the used password through a method called length recovery attack by on-line queries. Second, we crack the known length password using a rainbow table pre-computed with a fixed challenge, which can be done efficiently with great probability through off-line computations. This kind of attack can also be implemented successfully even if the underlying hash function MD5 is replaced with SHA-1 or even SHA-512.
%G English
%Z TC 11
%Z WG 11.2
%2 https://inria.hal.science/hal-01534313/document
%2 https://inria.hal.science/hal-01534313/file/978-3-642-30955-7_6_Chapter.pdf
%L hal-01534313
%U https://inria.hal.science/hal-01534313
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-TC11
%~ IFIP-WISTP
%~ IFIP-WG11-2
%~ IFIP-LNCS-7322