1

I am wondering if there is a FIPS compliant solution for authenticating with a RADIUS server via .NET , such as http://code.google.com/p/radius-net/source/browse/trunk/radius-net/src/?r=4

The problem with the linked one that makes it not compliant with FIPS is the use of MD5, which is not a secure algorithm according to this standard.

Ben Voigt
  • 277,958
  • 43
  • 419
  • 720
Eton B.
  • 6,121
  • 5
  • 31
  • 43
  • possible duplicate of [Does RADIUS’s use of the MD5 algorithm make it not FIPS compliant for an application that allows RADIUS authentication?](http://stackoverflow.com/questions/3771256/does-radiuss-use-of-the-md5-algorithm-make-it-not-fips-compliant-for-an-applica) – Ben Voigt Dec 12 '11 at 22:35
  • @Ben Voigt: not a duplicate at all. the answer in that post states "So MD5-based Radius is out" , i am asking if there is a non-MD5-based Radius for .NET – Eton B. Dec 12 '11 at 22:36
  • 1
    If it didn't use MD5, it wouldn't be RADIUS. You should see if your authentication server supports any other protocol, such as Kerberos. – Ben Voigt Dec 12 '11 at 22:39
  • 1
    Ben: http://aboba.drizzlehosting.com/RADEXT/NIST-RADIUS.ppt implies that running RADIUS over IPsec would make it FIPS compliant. – Gabe Dec 12 '11 at 22:48
  • Sort of a pity RADIUS doesn't support different algorithms or a selection process. Anyway, [this article](http://www.untruth.org/~josh/security/radius/radius-auth.html) discusses how SHA-1 *could* benefit RADIUS. –  Dec 12 '11 at 22:49
  • Someone desiring FIPS validation doesn't necessarily use FIPS-validated components, but components which are amenable to future validation. Also the edit introduced bad grammar. So I rolled it back. – Ben Voigt Feb 15 '14 at 18:25

1 Answers1

2

MD5 makes the whole RADIUS protocol non-compliant, not just one particular client.

See Does RADIUS’s use of the MD5 algorithm make it not FIPS validated for an application that allows RADIUS authentication?

There is no such thing as a FIPS-compliant implementation of an algorithm that isn't FIPS-compliant.

And you've been told this before: Override MD5 to make it FIPS validated?

Community
  • 1
  • 1
Ben Voigt
  • 277,958
  • 43
  • 419
  • 720
  • I am currently reading http://aboba.drizzlehosting.com/RADEXT/NIST-RADIUS.ppt which implies there is a way to make RADIUS not use MD5. If anything, your linked answer implies that there is a non-MD5-based implementation of RADIUS (server modification taken into consideration) – Eton B. Dec 12 '11 at 22:51
  • 1
    @EtonB It says no such thing about a non-MD5 RADIUS (and actually says removing/replacing MD5 is infeasible to do -- "requires a *major* protocol change"). Rather, the presentation argues that FIPS-compliance can be achieved *when RADIUS is [only] used in certain encrypted channels*, such as IPSec. –  Dec 12 '11 at 22:53
  • @pst Thanks for the clarification, I was reading the presentation wrong (probably my lazy self wanted things to work easily). Do you have any insight as to what could need to be modified in the library I provided to gain advantage of using RADIUS over IPSec? – Eton B. Dec 12 '11 at 23:00
  • @EtonB IPSec [generally] runs at a lower level, so it seems like the server would remain unchanged, and the "solution as a whole" would account for the IPSec security requirement (perhaps a firewall/proxy to a local-only server), and then some pretty lawyer-written FIPS statement of why it's okay if said "sub module" uses MD5 as the "real data transfer" happens over IPSec. Of course, I'm no lawyer, FIPS or otherwise :) –  Dec 12 '11 at 23:12
  • @EtonB Of course, in a way, that sort of defeats RADIUS to begin with :) How do *other* products/solutions address this? –  Dec 12 '11 at 23:19
  • @pst The thing is that even though a person might evaluate the application and accept it as FIPS compliant for the reasons you mentioned, Windows will make the application throw an exception as soon as an MD5 object is instantiated. I'm still researching for another algorithm I could use instead of MD5 and remain compatible with RADIUS over IPSEC... – Eton B. Dec 13 '11 at 00:12
  • @EtonB If modifying the server is required *anyway* -- either a different algorithm or a different library/access method for the same algorithm -- then the linked answer in the reply is valid? –  Dec 13 '11 at 01:17
  • @Eton: You could probably get a module FIPS certified if it were running RADIUS over IPSec. I have certified modules that authenticate web sessions with MD5, and what makes it possible is that the web sessions are running over TLS with a FIPS-certified cipher. But that's neither here nor there because you'll never be able to use MD5 from a FIPS-certified encryption module (like Windows' bcrypt.dll). A module (bcrypt.dll still) will not pass certification if it exposes MD5 for direct use like that, so you will have to use an MD5 implementation from a non-FIPS encryption module. – indiv Dec 13 '11 at 18:15
  • @Ben Voigt - "There is no such thing as a FIPS-compliant..." - there's not such things a FIPS Compliant. Its either *FIPS Validated* cryptography, or its not. I know NIST and DHS pulled a bunch of switches made by a vendor in US Federal because the company's marketing department claimed "FIPS Complaint" rather than "FIPS Validated". – jww Feb 15 '14 at 16:19
  • @noloader: There's no such thing as being certified FIPS-compliant, only FIPS-validated, that is true. But from a development perspective, there are things which are compliant (capable of later being certified), and things which are not. – Ben Voigt Feb 15 '14 at 18:01
  • @Ben Voigt - There no such thing as FIPS certified, either ;) – jww Feb 15 '14 at 18:10
  • @noloader: "FIPS-validated" is a certification. You need something that is compatible with being so certified, if you want to ever get the "FIPS-validated" label. Right? – Ben Voigt Feb 15 '14 at 18:16