Researchers have discovered a vulnerability in the widely used Radius authentication protocol. It contains a collision bug that makes it possible to carry out a man-in-the-middle attack. This is possible because server authentication works on the MD5 hash algorithm.
Researchers call this weakness Explosion radius. This is also where the vulnerability lies: in the Remote Authentication Dial-Up User Service protocol. This is an old authentication protocol, but it is still widely used and is primarily used in business networking equipment. It is also used to establish connections in fiber optic connections or VPNs. The vulnerability is traced to CVE-2024-3596According to the researchers, all Radius applications that run over UDP are vulnerable. Several manufacturers have now released patches for this bug. The researchers recommend that administrators turn to those specific manufacturers for a solution. In addition to the researchers Description of relief.
The vulnerability is actually an MD5 collision attack, but according to the researchers, it is more sophisticated than a regular attack. Radius still uses MD5, a hashing algorithm that has not been considered secure for at least twenty years. “Although MD5 collision was first demonstrated in 2004, it does not appear possible to exploit it in the context of the Radius protocol,” the researchers wrote.
The vulnerability lies in the way Radius validates the access acceptance response when creating authentication. This is done using an MD5 hash that times out after a few minutes. As a result, a serious collision attack would not have been possible, as the attacker would need more than a few minutes to do so.
Researchers now say what is called Selected prefixCollision. This is possible because access request packets do not contain integrity checks. In their attack, the researchers demonstrated that they could prefix an access request with its prefix, making it easier to perform a collision.
In practice, the researchers say, such a collision would still take minutes to occur. They created a proof of concept where it took them three to six minutes to calculate the collision. But the researchers note that their algorithm could easily be optimized on different machines, allowing an attacker with the right resources to work tens to hundreds of times faster.