MS-CHAPv2 Cryptanalysis

This analysis has odd timing. In the past few days, as part of a "argument" for wireless L2 encryption, I viewed a demo of a MiTM attack on PPTP from a wireless client. Note to all: you need integrity checking at the L2 level. ARP-based attacks are still possible for wireless, IPSec/PPTP/other L3 tunnels absolutely suck for wireless! (via NetSec)