Cryptanalysis of Microsoft's Point-to-Point Tunneling Protocol (PPTP)

B. Schneier and Mudge

Proceedings of the 5th ACM Conference on Communications and Computer Security, ACM Press, November 1998, pp. 132-141.

ABSTRACT: The point-to-point tunneling protocol is used to secure PPTP connections over TCP/IP links. In this paper we analyze Microsoft’s Windows NT implementation of PPTP. We show how to break both the challenge/response authentication protocol (Microsoft CHAP) and the RC4 encryption protocol (MPPE), as well as how to attack the control channel in Microsoft’s implementation. These attacks do not necessarily break PPTP, but only Microsoft’s implementation of the protocol.

[full text – PDF (Acrobat)] [full text – postscript)] [Russian translation – HTML]

Categories: Protocol Analyses

Sidebar photo of Bruce Schneier by Joe MacInnis.