Some “brilliant” “engineer” at Microsoft got paid way too much money to invent this nonsense protocol below:

[ Video: https://www.youtube.com/watch?v=sIidzPntdCM by Moxie Marlinspike]
So here, I’ll propose a simpler version, based on better algorithms, for free! Let’s call it, I don’t know… MSCHAPv3 and here’s its RFC:
Client [username & password stored in brain]
Server [username & password stored in file_hash = username:pre_salt;sha256(pre_salt + password + post_salt);post_salt]
[pre_salt = random_char(16) & post_salt = random_char(16)]
Client [client_nonce = random_byte(32)]
Client ---> client_nonce ---> Server
Server [server_nonce = random_byte(32)]
Client <--- server_nonce <--- Server
Client ---> user_hash ---> Server
Client <--- pre_salt + ";" + post_salt <--- Server
Client ---> chap_hash ---> Server
Server [chap_hash = sha256(client_nonce + file_hash + server_nonce) & auth_stat = (OK or NO)]
Client <--- auth_stat <--- Server
And here’s the Python/Pseudo Code:
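import hashlib
import random
# Server-side record: username:pre_salt;sha256(pre_salt + password + post_salt);post_salt
file_hash = "jon:!@#$;086f15ae992ccf018f8b907681a855df80836448fd1240cad48f4fd4cd591c6a;%^&*"
rng = random.SystemRandom()  # OS CSPRNG; the default random generator is predictable
client_nonce = str(rng.getrandbits(32*8))
print("--->", client_nonce)
server_nonce = str(rng.getrandbits(32*8))
# user_hash (client) and user_verify (server): their computation is not shown
print("", user_hash,"==",user_verify)
pre_salt = file_hash.split(":")[1].split(";")[0]
post_salt = file_hash.split(":")[1].split(";")[2]
# chap_hash (client) and chap_verify (server): sha256(client_nonce + file_hash + server_nonce)
print("", chap_hash,"==",chap_verify)
auth_stat = ((user_hash == user_verify) and (chap_hash == chap_verify))
print("<---", auth_stat)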
And here are the public parts of the CHAP:
('--->', '56694872300446231399629229069920062364535355653875029722468457353192460920651')
('', 'e755ddaebc858e9cf681c07f875f10af57b2d824c3b3733d89811b7471997d22', '==', 'e755ddaebc858e9cf681c07f875f10af57b2d824c3b3733d89811b7471997d22')
('', '6d1f2bf581e65227f7d8ec88f7fe85090642e66a9bd754e3ee8bc4e7c185c431', '==', '6d1f2bf581e65227f7d8ec88f7fe85090642e66a9bd754e3ee8bc4e7c185c431')
('<---', True)
HAHAHA I AM TOTALLY SMART AND I REALLY UNDERSTAND YOUR CRYPTO ENGINEER JOKE REALLY I DO
*weeps*
This is horrible since it uses sha256.
You can implement bcrypt, scrypt or, better, argon2id as the password hash system.
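An added example (not the post's code): the post's exchange run in-process with both sides, taking up the comment's suggestion by storing a scrypt output from Python's hashlib instead of a salted sha256, drawing nonces from `secrets`, and comparing in constant time. The function names, the cost parameters and sending the username in clear (the post's user_hash step is not defined on the page) are assumptions.

```python
import hashlib
import hmac
import secrets

# Assumed scrypt cost parameters; tune them for the server's hardware.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)


def stored_key(password, pre_salt, post_salt):
    """scrypt in place of sha256(pre_salt + password + post_salt)."""
    return hashlib.scrypt(password.encode(), salt=pre_salt + post_salt, **SCRYPT)


def enroll(username, password):
    """Build the server's record, the counterpart of the post's file_hash line."""
    pre_salt, post_salt = secrets.token_bytes(16), secrets.token_bytes(16)
    return {"user": username, "pre": pre_salt, "post": post_salt,
            "key": stored_key(password, pre_salt, post_salt)}


def chap_hash(key, client_nonce, server_nonce):
    """sha256(client_nonce + key + server_nonce); every field has a fixed length."""
    return hashlib.sha256(client_nonce + key + server_nonce).digest()


def authenticate(record, username, password):
    """Run one exchange (client and server in one process) and return auth_stat."""
    client_nonce = secrets.token_bytes(32)        # Client ---> client_nonce
    server_nonce = secrets.token_bytes(32)        # Client <--- server_nonce
    if username != record["user"]:                # Client ---> username (assumption)
        return False
    pre, post = record["pre"], record["post"]     # Client <--- pre_salt, post_salt
    # Client side: derive the key from the typed password and answer the challenge.
    response = chap_hash(stored_key(password, pre, post), client_nonce, server_nonce)
    # Server side: recompute from the stored key and compare in constant time.
    expected = chap_hash(record["key"], client_nonce, server_nonce)
    return hmac.compare_digest(response, expected)  # Client <--- auth_stat


if __name__ == "__main__":
    rec = enroll("jon", "constructed-sample-password")  # constructed sample values
    print("<---", authenticate(rec, "jon", "constructed-sample-password"))
    print("<---", authenticate(rec, "jon", "wrong-password"))
```

The stored key still has to be protected like a password, because the response is computed from it; scrypt only raises the cost of guessing the password from the file or from a captured exchange.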