LEAP weaknesses

MS-CHAPv2 weaknesses:

  • No salt in stored NT (double MD4) hashes - permits pre-computed dictionary attacks

  • Weak DES key selection for challenge/response

  • Username is sent in clear-text

LEAP client-AP Challenge/response weaknesses:

  1. The AP sends a random 8-byte challenge to the client

  2. The client uses a 16 byte NT hash (MD4) of the user password to generate 3 DES keys (NT1-NT7) (NT8-NT14) (NT15-NT16+"\0\0\0\0\0")

  3. Each DES key is used to encrypt the challenge (each generating 8 bytes of output) and the 24-byte response is sent back to the AP.

  4. The AP responds with a success or failure message