Breaking PPTP VPNs via RADIUS Encryption

  • Matthias HorstEmail author
  • Martin Grothe
  • Tibor Jager
  • Jörg Schwenk
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10052)


We describe an efficient cross-protocol attack, which enables an attacker to learn the VPN session key shared between a victim client and a VPN endpoint. The attack recovers the key which is used to encrypt and authenticate VPN traffic. It leverages a weakness of the RADIUS protocol executed between a VPN endpoint and a RADIUS server, and allows an “insider” attacker to read the VPN traffic of other users or to escalate its own privileges with significantly smaller effort than previously known attacks on MS-CHAPv2.


Stream Cipher Virtual Private Network Radius Server Random Nonce Client Response 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    The Point-to-Point protocol (PPP). RFC 1661, IETF, July 1994Google Scholar
  2. 2.
    Aboba, B.D., Calhoun, P.: RADIUS (remote authentication dial in user service) support for extensible authentication protocol (EAP). RFC 3579, IETF, September 2003Google Scholar
  3. 3.
    Amy, V.: The state of the art in key cracking (2016).
  4. 4.
    Eisinger, J.: Exploiting known security holes in microsoft’s PPTP authentication extensions (MS-CHAPv2). University of Freiburg [cit. 27 May 2008], Dostupné (2001)Google Scholar
  5. 5.
    Hamzeh, K., Pall, G., Verthein, W., Taarud, J., Little, W., Zorn, G.: Point-to-Point tunneling protocol. RFC 2637, IETF, July 1999Google Scholar
  6. 6.
    Hanks, S., Li, T., Farinacci, D., Traina, P.: Generic routing encapsulation (GRE). RFC 1701, IETF, October 1994Google Scholar
  7. 7.
    Marlinspike, M.M., Hulton, D., Ray, M.: Defeating PPTP VPNs and WPA2 enterprise with MS-CHAPv2. Defcon, July 2012Google Scholar
  8. 8.
    Ornaghi, A., Valleri, M.: Man in the middle attacks demos. Blackhat 19 (2003)Google Scholar
  9. 9.
    Pall, G., Zorn, G.: Microsoft Point-To-Point encryption (MPPE) protocol. RFC 3078, IETF, March 2001Google Scholar
  10. 10.
    Paterson, K.G., Poettering, B., Schuldt, J.C.N.: Big bias hunting in amazonia: large-scale computation and exploitation of RC4 biases (invited paper). In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 398–419. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-45611-8_21 Google Scholar
  11. 11.
    Project, F.S.: Freeradius server.
  12. 12.
    Rigney, C., Willens, S., Rubens, A., Simpson, W.: Remote authentication dial in user service (RADIUS). RFC 2865, IETF, June 2000Google Scholar
  13. 13.
    Schneier, B., Mudge, P.: Cryptanalysis of microsoft’s point-to-point tunneling protocol (PPTP), pp. 132–141. In: CCS (1998)Google Scholar
  14. 14.
    Site, T.O.P.: Detailed VPN comparison chart.
  15. 15.
    Zorn, G.: Microsoft PPP CHAP extensions, version 2. RFC 2759, IETF, January 2000Google Scholar
  16. 16.
    Zorn, G.: Deriving keys for use with microsoft Point-to-Point encryption (MPPE). RFC 3079, IETF, March 2001Google Scholar
  17. 17.
    Zorn, G., Leifer, D., Rubens, A., Shriver, J., Holdrege, M., Goyret, I.: RADIUS attributes for tunnel protocol support. RFC 2868, IETF, June 2000Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Matthias Horst
    • 1
    Email author
  • Martin Grothe
    • 1
  • Tibor Jager
    • 1
  • Jörg Schwenk
    • 1
  1. 1.Horst Görtz InstituteRuhr-University BochumBochumGermany

Personalised recommendations