This worrying cyberattack targets one of the key protocols propping up the whole internet

RADIUS is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users who connect and use a network service. It was developed to authenticate remote users and grant them access to the network while ensuring that their actions are logged and monitored.

MD5 woes

When a user tries to connect to a network, a request is sent to a RADIUS server, which verifies their identity by checking their credentials, such as a username and password, against a database. If the credentials are correct, the RADIUS server authorizes the user to access the network and specifies the level of access granted. It also keeps a record of the user's activity, including the duration of their session and the resources they accessed.

Despite being decades old, RADIUS is still used for VPN access, DSL and Fiber, Wi-Fi and 802.1X authentication, 2G and 3G roaming, 5G Data Network Name authentication, mobile data offloading, and more. 

“The core of the RADIUS protocol predates modern secure cryptographic design,” the researchers said in the paper. “Surprisingly, in the two decades since Wang et al. demonstrated an MD5 hash collision in 2004, RADIUS has not been updated to remove MD5. In fact, RADIUS appears to have received notably little security analysis given its ubiquity in modern networks.”

MD5 was a widely used cryptographic hash function, but over time it was found to be flawed, which is why since 2012 it was being phased out. 

Now, the researchers are saying that many of the 90 vendors have already implemented short-term fixes and are currently working on long-term solutions.

More from TechRadar Pro

• Massive Freecycle data breach could affect 7 million users
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now