 RADIUS Server Authentication
Hi, I'm in a dilemma on how this process works, especially about the shared key. I'm currently learning Fundamentals of Network Security and came across this chapter on access-control protocols where they talk about RADIUS, TACACS+ and Kerberos. I have never set up a RADIUS system before.

This is what the book says that got me confused: "The shared secret is never sent out in the network". If it's never sent out, how does the authentication happen? How does the R.Server know that the R.Client is trustable without exchanging the secret key? How is the password encrypted?

These are the 2 websites that got me even more confused. One stated that the secret key is used for encryption with MD5 together with a random Request Authenticator string, and then the resulting hash would be XORed with the password. The other stated the password would just directly go through an MD5 algorithm.

http://www.untruth.org/~josh/security/radius/radius-auth.html
http://www.giac.org/resources/whitepaper/access/157.php

ASKED: November 20, 2010  3:28 PM
UPDATED: November 22, 2010  11:15 PM

Answer Wiki:
As far as I remember, both the RADIUS client and server must have the shared key pre-configured and they will use it to encrypt/decrypt or sign the messages they exchange. They do not send the secret but use it to authenticate the messages they exchange.
Last Wiki Answer Submitted:  November 22, 2010  11:15 pm  by  carlosdl   63,580 pts.

