包阅导读总结
1.
关键词:RADIUS 协议、漏洞、网络设备、MD5、攻击
2.
总结:安全研究团队发现 RADIUS 协议存在重大漏洞,可被攻击者利用获取网络设备的未授权访问。该漏洞利用 MD5 弱点,影响 RADIUS/UDP 认证模式,除使用 EAP 及通过 TLS 发送的流量。研究者提出了多种缓解措施。
3.
主要内容:
– RADIUS 协议漏洞
– 安全研究团队发现广泛使用的 RADIUS 协议存在显著漏洞
– 可能导致攻击者未经授权访问网络设备
– 漏洞原理
– 利用 MD5 加密哈希函数的弱点
– 被称为“Blast-RADIUS”,可操纵认证响应
– 研究与应对
– 多机构合作研究开发攻击
– CERT 为漏洞分配编号
– 研究者克服诸多挑战展示概念验证攻击
– 影响范围与缓解措施
– 影响除特定模式外的 RADIUS/UDP 认证
– 建议过渡到 RADIUS over TLS 等措施
– 强调更新网络协议的挑战及持续警惕的必要性
思维导图:
文章来源:infoq.com
作者:Matt Saunders
发布时间:2024/7/24 0:00
语言:英文
总字数:614字
预计阅读时间:3分钟
评分:85分
标签:网络安全,网络安全,RADIUS 协议,漏洞,MD5 利用
以下为原文内容
本内容来源于用户推荐转载,旨在分享知识与观点,如有侵权请联系删除 联系邮箱 media@ilingban.com
A team of security researchers has discovered a significant vulnerability in the widely used RADIUS (Remote Authentication Dial-In User Service) protocol. This vulnerability could potentially allow attackers to gain unauthorised access to network devices. Cloudflare staff detailed the findings in a blog post, highlighting the ongoing challenges of maintaining security in long-standing network protocols.
RADIUS, first designed in 1991, remains a vital authentication protocol for remote access to routers, switches, and other networking equipment. Despite advancements in cryptography, RADIUS has continued to rely on outdated security measures, particularly when used over UDP (User Datagram Protocol).
The newly discovered vulnerability, dubbed “Blast-RADIUS,” exploits weaknesses in the MD5 cryptographic hash function, which has been known to be vulnerable since 2004. The attack allows a malicious actor positioned between a RADIUS client and server to manipulate authentication responses, potentially granting unauthorised administrative access to network devices.
Researchers from the University of California San Diego, CWI Amsterdam, Microsoft, and BastionZero collaborated on developing the attack. In response, CERT has assigned CVE-2024-3596 and VU#456537 to the vulnerability.
The attack targets the RADIUS Response Authenticator, an ad hoc message authentication code based on MD5. By leveraging improved MD5 collision techniques, attackers can forge valid RADIUS responses, turning Access-Reject messages into Access-Accept messages without knowing the shared secret between client and server.
To execute the attack, researchers had to overcome several challenges:
- Optimising MD5 collision attacks to work quickly enough on packets in flight
- Adapting the attack to fit within RADIUS protocol constraints
- Ensuring the attack works within the RADIUS/UDP packet format
/filters:no_upscale()/news/2024/07/radius-vulnerability/en/resources/1radius-attack-1721763374789.png)
The team demonstrated a proof-of-concept attack that could run in under five minutes using a cluster of ageing CPU cores and low-end GPUs. While this timeframe exceeds typical RADIUS timeout settings, the researchers note that a well-resourced attacker could optimise the attack further to work against default timeout configurations.
The vulnerability affects all RADIUS/UDP authentication modes except those using the Extensible Authentication Protocol (EAP). RADIUS traffic sent over TLS (sometimes called RADSEC) is not vulnerable to this specific attack.
In light of these findings, the researchers recommend several mitigations:
- Transitioning to RADIUS over TLS provides the most robust protection against this and potential future MD5-based attacks.
- For RADIUS/UDP deployments, the Message-Authenticator attribute (which uses HMAC-MD5) must be required and validated in all packets. This mitigation requires updates to both RADIUS clients and servers.
- Isolating RADIUS traffic on restricted-access management VLANs or tunnelling it over TLS or IPsec to make it more difficult for attackers to access.
The researchers emphasise that switching to RADIUS/TCP offers no security benefits, as it remains vulnerable to the same attack.
The researchers note that updating widely deployed network protocols like RADIUS can be challenging, especially given its use in legacy devices that may be difficult to upgrade. The hope is that this research will prompt network operators to review their RADIUS deployments and take advantage of patches released by vendors in response to this work. As cryptographic attacks continue to improve, constructions once considered “secure enough” may become vulnerable to practical exploits.
Writing on Reddit, user RandomMagnet notes that:
“This isn’t really new right? I mean it’s a MITM leveraging MD5’s weakness…”
User Skylis goes on to contextualise the vulnerability:
“If someone can MITM the auth packets from your network gear, you have bigger problems.”
While the immediate focus is on mitigating this specific vulnerability, the broader implication is the need for continued vigilance and proactive updating of security protocols across the networking industry. As attacks become more sophisticated, the gap between theoretical vulnerabilities and practical exploits continues to narrow. The researchers’ work shows the value of collaborative efforts between academia and industry in identifying and addressing critical security issues in widely deployed technologies.
