"Computer Scientists Discover Vulnerabilities in a Popular Security Protocol"
The Remote Authentication Dial-In User Service (RADIUS) protocol, a widely used security protocol dating back to the days of dial-up Internet, has been found to contain vulnerabilities that leave many networked devices exposed to an attack and enable an adversary to gain control of traffic on an organization's network. A research team led by computer scientists from the University of California San Diego analyzed the RADIUS protocol, discovering a vulnerability they dubbed "Blast-RADIUS." According to the researchers, the vulnerability stems from the fact that RADIUS was created prior to proper cryptographic protocol design being well understood. This article continues to discuss the RADIUS protocol and the vulnerabilities found in it.
Submitted by grigby1