The Study Of Security For MS-PPTP Protocol

The Point-to-Point Tunneling Protocol (PPTP) was designed to solve this problem of creating and maintaining a VPN over a public TCP/IP network using the common Point-to-Point Protocol (PPP). Although the protocol leaves room for every type of encryption and authentication imaginable, most commercial products use the Microsoft Windows NT version of the protocol. This is the implementation that we analyze in this paper.After studying MS-PPTP protocol, we think that the security of a VPN is based on the security of its authentication and encryption protocols. If a VPN's cryptography is weak, then its security is no better than a non-private virtual network routed over the Internet. Since companies are relying upon VPNs to extend trusted internal permiters to remote offices, breaking the security around such a tunnel is tantamount to defeating all of the security around the internal permiter. Breaking into a VPN is often the same as penetrating the firewall.We have found Microsoft's authentication protocol to be weak and easily susceptible to a dictionary attack; most passwords can be recovered within hours. We have found the encryption (both 40-bit and 128-bit) to be equally weak, and have discovered a series of bad design decisions that make other attacks against this encryption possible. We can open connections through a firewall by abusing the PPTP negotiations, and can mount several serious denial-of-service attacks on anyone who uses Microsoft PPTP. We study deeply the aspects and make some measures to enhance the security of Microsoft PPTP.