December 1997

Is RAS Safe?



Public-key algorithms are painfully slow. Thus, vendors usually use them only to encrypt session keys or digitally sign messages. Pretty Good Privacy (PGP) is a popular encryption program that lets people exchange files and messages privately and conveniently. PGP offers a highly secure implementation of public-key technology to the masses. It uses the RSA public-key cryptosystem and is faster than most other implementations of public-key cryptography.

Shared-key algorithms use the same key for encryption and decryption, which is why people often refer to them as symmetric algorithms. Vendors use shared-key algorithms more often than public-key algorithms in their encryption software because shared-key algorithms work much faster, especially when you're encrypting a large amount of data. The shared key (also called the shared secret) is usually the user's password, as is the case with NT 4.0. Two commonly used shared-key encryption standards are MD5-CHAP and the Data Encryption Standard (DES).

MD5-CHAP
MD5-CHAP is an encryption scheme from RSA Data Security. It produces a 128-bit hash code of an input file. On a 32-bit architecture, MD5-CHAP is a fast and simple algorithm that processes input in 512-bit blocks.

Various PPP vendors use MD5-CHAP. Microsoft RAS clients can use MD5-CHAP when connecting to third-party remote access servers. Although MD5-CHAP is available on the client side, it is not available on NT RAS servers because it requires the server to hold the user's password in clear text.
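The challenge/response round trip behind MD5-CHAP, and the reason the server needs the clear-text secret, can be seen in a few lines. This is an added example written for this page, not code from the article or from Microsoft; it follows the MD5-CHAP computation of RFC 1994 (response = MD5 of the packet identifier, the secret and the challenge), and the secrets and challenge values are constructed samples.

```python
import hashlib
import hmac
import os

# Added example, not from the article. Models the MD5-CHAP exchange of
# RFC 1994: the server sends a random challenge, the client answers with
# MD5(identifier || secret || challenge), and the server recomputes the
# same value. Secrets below are constructed sample values.


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Client side: hash the one-byte packet identifier, the shared secret
    and the server's challenge. Only the 16-byte digest crosses the link."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_verify(identifier: int, stored_secret: bytes, challenge: bytes,
                response: bytes) -> bool:
    """Server side: recompute the digest and compare in constant time.
    The server needs the secret itself to do this; a server that keeps only
    a one-way hash of the password cannot recompute the response, which is
    the clear-text password requirement the article describes."""
    expected = chap_response(identifier, stored_secret, challenge)
    return hmac.compare_digest(expected, response)


def chap_exchange(client_secret: bytes, server_secret: bytes,
                  identifier: int = 1, challenge: bytes = None) -> bool:
    """Run one challenge/response round trip and report whether it succeeds."""
    if challenge is None:
        challenge = os.urandom(16)      # fresh random challenge per authentication
    response = chap_response(identifier, client_secret, challenge)
    return chap_verify(identifier, server_secret, challenge, response)


def stale_response_rejected(secret: bytes) -> bool:
    """A response computed for one challenge fails against a fresh challenge;
    this is why the server must never reuse a challenge value."""
    old_challenge, new_challenge = os.urandom(16), os.urandom(16)
    old_response = chap_response(1, secret, old_challenge)
    return not chap_verify(1, secret, new_challenge, old_response)


if __name__ == "__main__":
    print("matching secrets:", chap_exchange(b"s3cret", b"s3cret"))   # True
    print("wrong secret:", chap_exchange(b"s3cret", b"other"))        # False
    print("stale response rejected:", stale_response_rejected(b"s3cret"))  # True
```

The digest never reveals the secret on the wire, but chap_verify shows the cost: the server must store the secret in a form from which it can rebuild the same input to MD5, and that is what the NT RAS server side does not offer.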

DES
NT and Win95 clients automatically use DES when they communicate with an NT server over RAS. DES is a 64-bit symmetric block cipher with a fixed key length of 56 bits. DES, a standard developed by the National Institute of Standards and Technology (NIST), uses an encryption key that is a binary number with 72 quadrillion possible combinations. Because each session uses a randomly selected encryption key, DES is a very secure encryption standard. DES is also fast. The encryption speed for DES on a 120MHz Pentium system is more than 1MBps.

Because DES is a US government standard, most people consider it a strong encryption scheme. But in June 1997, in response to RSA Data Security's $10,000 challenge, cryptography experts decoded a message protected by 56-bit DES encryption. They checked 18 quadrillion keys until they found the correct key that revealed the encrypted message: "The unknown message is: Strong cryptography makes the world a safer place." Thus, cryptography experts believe that 56-bit DES is not strong enough and recommend using 128-bit encryption instead. Breaking 128-bit encryption requires 4.7 trillion billion times as much work as breaking 56-bit encryption.
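The figures in the two paragraphs above follow directly from the key lengths; the calculation below is added here as a check and is not part of the original article.

```latex
2^{56} = 72\,057\,594\,037\,927\,936 \approx 7.2 \times 10^{16}
\quad\text{(the 72 quadrillion possible DES keys)}

\frac{18 \times 10^{15}}{72 \times 10^{15}} = \frac{1}{4}
\quad\text{(share of the DES key space searched before the challenge key turned up)}

\frac{2^{128}}{2^{56}} = 2^{72} = 4\,722\,366\,482\,869\,645\,213\,696
\approx 4.7 \times 10^{21} = 4.7 \times 10^{12} \times 10^{9}
\quad\text{(4.7 trillion billion times the work of a 56-bit search)}
```

The ratio is the point for a defender: adding 72 bits of key does not make a search a few times harder, it multiplies it by $2^{72}$, so the June 1997 result says nothing about the practicality of searching a 128-bit key space.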

NT 4.0 Options for Data Encryption
Microsoft recently released Routing and Remote Access Service (RRAS--formerly code-named Steelhead), which adds new capabilities to NT 4.0's RAS. (For more information about the differences between RAS and RRAS, see Mark Minasi, "Steelhead Swims into the Mainstream," August 1997, and Douglas Toombs, "Create a Virtual Private Network with RRAS," November 1997.) RRAS supports 256 simultaneous remote access connections, 48 demand-dial interfaces, and 16 LAN interfaces. Table 1 describes the authentication and encryption settings in NT 4.0 under RRAS.

One new capability that RRAS brings to NT 4.0 is the Require strong data encryption option. As Screen 1 shows, when you select the Require Microsoft encrypted authentication box, you can choose from two levels of encryption: Require data encryption or Require strong data encryption.

Require data encryption ensures that only encrypted data travels between the client and the server. RSA Data Security's RC4 algorithm provides this encryption. The clients must support MS-CHAP to take advantage of the data encryption feature.

Require strong data encryption lets you use the strongest possible encryption scheme on your system. Thus, if you have 128-bit encryption on your system, this option forces you and those to whom you are connecting to use it. Therefore, you must make sure that the PC on the other end of your connection can negotiate 128-bit encryption; otherwise, you will not be able to connect to the PC. Similarly, RAS clients and other routers must use the Require strong data encryption option if they want to connect with your system. RRAS does not support third parties' strong encryption options.

Another new capability is support for the Remote Authentication Dial-In User Service (RADIUS). RADIUS is a protocol that provides remote authentication and accounting of dial-in users. A RADIUS database stores a profile of each user in the network. The profile contains permission, routing, packet-filtering, billing, and other data.
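To make the RADIUS exchange concrete, here is the Access-Request/Access-Accept round trip between a remote access server (the RADIUS client, or NAS) and a RADIUS server. This is an added example written for this page, not code from the article, from RRAS or from any RADIUS product; it follows RFC 2865 for the packet layout, the User-Password hiding and the Response Authenticator, and the user names, passwords and shared secret are constructed samples.

```python
import hashlib
import hmac
import os
import struct

# Added example, not from the article. Implements the RFC 2865 Access-Request
# exchange: User-Password is hidden under the NAS/server shared secret, the
# server checks it against its user profile store, and the NAS verifies the
# reply's Response Authenticator. All names, passwords and secrets are samples.

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD = 1, 2
HEADER = struct.Struct("!BBH")   # Code, Identifier, Length; 16-byte Authenticator follows


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Pad to 16-byte blocks, then XOR each block with MD5(secret + previous
    ciphertext block), seeded with the Request Authenticator (RFC 2865 5.2)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        keystream = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], keystream))
        out += prev
    return out


def reveal_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Inverse of hide_password; trailing NUL padding is removed."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        keystream = hashlib.md5(secret + prev).digest()
        block = hidden[i:i + 16]
        out += bytes(c ^ k for c, k in zip(block, keystream))
        prev = block
    return out.rstrip(b"\x00")


def attribute(attr_type: int, value: bytes) -> bytes:
    """Type, Length (counting these two bytes), Value."""
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def parse_attributes(data: bytes) -> dict:
    attrs, i = {}, 0
    while i < len(data):
        attr_type, length = data[i], data[i + 1]
        attrs[attr_type] = data[i + 2:i + length]
        i += length
    return attrs


def build_access_request(identifier: int, username: bytes, password: bytes,
                         secret: bytes, authenticator: bytes = None) -> bytes:
    """NAS side. The Request Authenticator must be fresh random bytes."""
    if authenticator is None:
        authenticator = os.urandom(16)
    attrs = attribute(ATTR_USER_NAME, username) + \
        attribute(ATTR_USER_PASSWORD, hide_password(password, secret, authenticator))
    return HEADER.pack(ACCESS_REQUEST, identifier, 20 + len(attrs)) + authenticator + attrs


def radius_server_respond(request: bytes, secret: bytes, user_db: dict) -> bytes:
    """RADIUS server side: recover the password, check it against the user
    profile store, and sign the reply with Response Authenticator =
    MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    code, identifier, length = HEADER.unpack(request[:4])
    request_auth = request[4:20]
    attrs = parse_attributes(request[20:length])
    password = reveal_password(attrs[ATTR_USER_PASSWORD], secret, request_auth)
    expected = user_db.get(attrs.get(ATTR_USER_NAME), b"")
    accepted = code == ACCESS_REQUEST and hmac.compare_digest(expected, password)
    reply_attrs = b""                       # minimal reply carries no attributes
    header = HEADER.pack(ACCESS_ACCEPT if accepted else ACCESS_REJECT,
                         identifier, 20 + len(reply_attrs))
    response_auth = hashlib.md5(header + request_auth + reply_attrs + secret).digest()
    return header + response_auth + reply_attrs


def nas_check_reply(reply: bytes, request: bytes, secret: bytes):
    """NAS side: accept the reply only if its Response Authenticator was made
    with the shared secret over our own request. Returns the reply code, or
    None when the reply is forged or belongs to a different request."""
    if reply[1] != request[1]:               # identifier must match our request
        return None
    header, response_auth, reply_attrs = reply[:4], reply[4:20], reply[20:]
    expected = hashlib.md5(header + request[4:20] + reply_attrs + secret).digest()
    if not hmac.compare_digest(expected, response_auth):
        return None
    return reply[0]


def authenticate(username: bytes, password: bytes, nas_secret: bytes,
                 server_secret: bytes, user_db: dict):
    """Full round trip; the two secrets are passed separately so a mismatch
    between NAS and server can be demonstrated."""
    request = build_access_request(7, username, password, nas_secret)
    reply = radius_server_respond(request, server_secret, user_db)
    return nas_check_reply(reply, request, nas_secret)


if __name__ == "__main__":
    users = {b"alice": b"correct horse battery"}      # constructed profile store
    print(authenticate(b"alice", b"correct horse battery", b"sh4red", b"sh4red", users))  # 2
    print(authenticate(b"alice", b"wrong", b"sh4red", b"sh4red", users))                  # 3
    print(authenticate(b"alice", b"correct horse battery", b"sh4red", b"other", users))   # None
```

Two things worth noticing for the deployment the article describes: the password is protected only by MD5 keyed with the shared secret, so the secret between the RAS server and the RADIUS server carries the whole weight, and the NAS should treat a reply whose Response Authenticator does not verify as no reply at all rather than as a reject.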
