ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Cryptanalysis of Microsoft's point-to-point tunneling protocol (PPTP)
Full text PdfPdf (1.02 MB)
Source Conference on Computer and Communications Security archive
Proceedings of the 5th ACM conference on Computer and communications security table of contents
San Francisco, California, United States
Pages: 132 - 141  
Year of Publication: 1998
ISBN:1-58113-007-4
Authors
Bruce Schneier  Counterpane System, 101 East Mimehaha Parkway, Minneapolis, MN
Mudge  L0pht Heavy Industries, P.O. BOX 990857, Boston
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 61,   Citation Count: 4
Additional Information:

references   cited by   index terms   collaborative colleagues   peer to peer  

Tools and Actions: Review this Article  
Save this Article to a Binder    Display Formats: BibTex  EndNote ACM Ref   
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/288090.288119
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
BV98
L. Blunk and J. Vollbrecht, "PPP Extensible Authentication Protocol (EAP)," Network Working Group, RFC 2284, Mar 1998. ftp://ftp.isi.edu/innotes/ffc2284.txt.
 
CK78
T.M. Cover and R.C. King, '% Convergent Gambling Estimate of Entropy," IEEE Transactions on Information Theory, v. IT- 24, n. 4, Jul 1978, pp. 413-421.
 
HLFT94
S. Hanks, T. Li, D. Farinacci, and P. Traina, "Generic Routing Encapsulation (GRE)," Network Working Group, RFC 1701, Oct. 1994. ftp://ftp.isi.edu/in-notes/ffcl701.txt.
 
Hob97
Hobbit, "CIFS: Common Insecurities Fail Scrutiny," Avian Research, Jan 1997. http://www.avian.org.
 
HPV+97
K. Hamzeh, G.S. Pall, W. Verthein, J. Taarud, and W.A. Little, "Point-to-Point Ttmneling Protocol," internet Draft, IETF, Jul 1997. http://www.ietf.org/internetdrafts/draft-ietf-ppp ext-pptp-02.txt.
 
KSWH98
John Kelsey , Bruce Schneier , David Wagner , Chris Hall, Cryptanalytic Attacks on Pseudorandom Number Generators, Proceedings of the 5th International Workshop on Fast Software Encryption, p.168-188, March 23-25, 1998
 
Kle90
D.V. Klein, "Foiling the Cracker: A Security of, and Implications to, Password Security," Proceedings of the USENIX UNIX Security Workshop, Aug 1990, pp. 5-14.
 
Kli98
S. Klinger, "Ivlicrosoft PPTP and RRAS for Windows NT Server 4.0," LAN Times, Feb ??, 1998. http://www.lantimes.com/ 98/allowbreak 98feb/802b065b.html.
 
L97a
L0pht Heavy Industries Inc, L0phtcrack, 1997. http://www.L0pht.com/L0phtcrack/.
 
L97b
L0pht Heavy Industries Inc, ".4. L0phtCrack Technical Rant," Jul 1997. http:// www.10pht.com/10phtcrack/rant.html.
 
LS92
B. Lloyd and W. Simpson, "PPP Authentication Protocols," Network Working Group, RFC 1334, Oct 1992. ftp://ftp.isi.edu/innotes/rfc1334.txt.
 
Mey96
G. Meyer, "The PPP Encryption Control Protocol (ECP)," Network Working Group, RFC 1968, Jun 1996. ftp://ftp.isi.edu/innotes/rfc1968.txt.
 
Mic96a
Microsoft Corporation, Advanced Windows NT Concepts, New Riders Publishing, 1996. Relevent chapter at http:// www.microsoft.com/communications/ nrpptp.htm.
 
Mic96b
Microsoft Corporation, "Pont-to-Point Tunneling Protocol (PPTP) Frequently Asked Questions," Jul 199s. http://p~emium.~cro~on.co~/~d~/ library/bkgrnd/html/pptpfax.htm.
 
Mic97
Microsoft Corporation, "Response to Security Issues Raised by the L0phtcrack Tool," Apr 1997, http://www.microsoft.com/ security/10phtcrack.htm.
 
Mic98
Microsoft Corporation, "Clarification on the L0phtcrack 2.0 Tool." Mar 1998. http:// www.microsoft.com.security/10pht20.htm.
MB97
Peter Mudge , Yobie Benjamin, De´ja` vu all over again, BYTE, v.22 n.11, p.81-86, Nov. 1997
 
NBS77
National Bureau of Standards, NBS FIPS PUB 46, "Data Encryption Standard," National Bureau of Standards, U.S. Department of Commerce, Jan 1977.
 
NIST93
National Institute of Standards and Technology, "Secure Hash Standard," U.S. Department of Commerce, May 93.
 
Pal96a
G.S. Pall, "Microsoft Point-to-Point Compression (MPPC) Protocol," Network Working Group Intemet Draft, Jul 1996.
 
Pal96b
G.S. Pall, '~Iicrosoft Point-to-Point Encryption (MPPE) Protocol," Network Working Group Internet Draft, Jul 1996.
 
PZ98
G.S. Pall and G. Zorn, '~Iicrosoft Point-to- Point Encryption (MPPE) Protocol," Network Working Group, Internet Draft, IETF, Mar 1998. http://www.ietf.org/intemetdrafts/draft-ietf-ppp ext-mpp e-00.txt.
 
Ran96
D. Rand, "The PPP Compression Control Protocol (CCP)," Network Working Group, RFC 1962, Jun 1996. ftp:/}ftp.isi.edu/innotes/rfc1962.txt.
 
RP94
J. Reynolds and J. Postel, "Assigned Numbers," Networking Group, Std 2, RFC 1700, Oct 1994. ftp://ftp.isi.edu/in-notes/ rfc1700.txt.
 
Riv91
Ronald L. Rivest, The MD4 Message Digest Algorithm, Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology, p.303-311, August 11-15, 1990
 
Sch96
B. Schneier Applied Cryptography, 2nd Edition, John Wiley & Sons, 1996.
 
Sim94
W. Simpson, "The Point-to-Point Protocol (PPP)," Network Working Group, STD 51, RFC 1661,, Jul 1994. ftp://ftp.isi.edu/innotes/rfc1661.txt.
 
Sim96
W. Simpson, "PPP Challenge Handshake Authentication Protocol (CHAP)" Network Working Group, RFC 1334, Aug 1996. ftp://ftp.isi.edu/in-notes/rfc1994.txt.
 
ZC98
G. Zorn and S. Cobb, "Microsoft PPP CHAP Extensions," Network Working Group Intemet Draft, Mar 1998. http://www.ietf.org/internet-drafts/ draft-ietf-pppext-mschap-00.txt.

CITED BY  4
Nikita Borisov , Ian Goldberg , David Wagner, Intercepting mobile communications: the insecurity of 802.11, Proceedings of the 7th annual international conference on Mobile computing and networking, p.180-189, July 2001, Rome, Italy
 
F. Bergadano , B. Crispo , M. Eccettuato, Secure WWW transactions using standard HTTP and Java applets, Proceedings of the 3rd conference on USENIX Workshop on Electronic Commerce, p.10-10, August 31-September 03, 1998, Boston, Massachusetts
 
Rogério de Paula , Xianghua Ding , Paul Dourish , Kari Nies , Ben Pillet , David F. Redmiles , Jie Ren , Jennifer A. Rode , Roberto Silva Filho, In the eye of the beholder: a visualization-based approach to information system security, International Journal of Human-Computer Studies, v.63 n.1-2, p.5-24, July 2005
Paul Dourish , David Redmiles, An approach to usable security based on event monitoring and visualization, Proceedings of the 2002 workshop on New security paradigms, September 23-26, 2002, Virginia Beach, Virginia

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.0 General

          Nouns: Microsoft Windows NT

Additional Classification:
  C. Computer Systems Organization
  C.2 COMPUTER-COMMUNICATION NETWORKS

  E. Data


General Terms:
Design, Measurement, Performance, Security, Standardization, Theory

Collaborative Colleagues:
Bruce Schneier: colleagues
Mudge: colleagues

Peer to Peer - Readers of this Article have also read:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2008 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player