PPTP has become obsolete.

PPTP has become obsolete

What is PPTP?

PPTP stands for Point-to-Point Tunneling Protocol and was created with the help of Microsoft in the 1990s. It is a continuation of PPP and comes preinstalled on all versions of Windows since Windows 95. It was officially added into the Linux kernel on the 28th of October 2005.

Why is PPTP not secure?

The history of PPTP is filled with flaws that have been detected by security experts. The first incident happened back in 1998, when Bruce Schneier & Mudge published^[1] their findings regarding the authentication protocol MS-CHAPv1. The flaws that were found included:

• Hashing of passwords
• Vulnerability in the case of man-in-the-middle (MITM) attacks.
• Encryption – the possibility to decrypt data being sent through the protocol

Following the report made by Bruce Schneier, Microsoft released an update of the authentication protocol, named MS-CHAPv2. However, it didn’t take long before Bruce Schneier & Mudge published^[2] an essay detailing the security flaws in the new protocol.

In conclusion, MS-CHAPv2 will only be as secure as the password is in itself. This is problematic since it means that MS-CHAPv2 is vulnerable to, for example, dictionary attacks.

In 2012, it was revealed^[3] that a brute-force attack on MS-CHAPv2 has the complexity of just 2⁵⁶, meaning only one single DES key.

How do you intercept PPTP?

Since the complexity is just 2⁵⁶, it is very simple to brute-force the password and gain access to intercept all network traffic in plain text. Using the chapcrack application^[4], you can intercept a network for every MS-CHAPv2 ’handshakes’.

When the application finds a ‘handshake’, it can show all kinds of interesting information, such as user name, known plain text, and two known cipher texts, and it can also crack the third DES key.

The traffic that is passing through PPTP can in other words be seen as plain text. This means that VPN providers offering PPTP is offering a service that anyone can decrypt.

So why is PPTP still being used?

There are mainly two reasons why PPTP is still being used.

1. PPTP has come preinstalled on most operating systems for a long time.
2. It’s easy to get started. Nothing needs to be installed.

What can you do to increase the security?

The first thing you should do is to avoid PPTP altogether. Even Microsoft^[6] has gone as far as to say that you shouldn’t use PPTP. IKEv2 and Wireguard are the most secure alternative as far as VPN tunnels go.

Unfortunately, there is not a whole lot you can do if you’ve already purchased a PPTP subscription by another VPN provider that doesn’t want to change to OpenVPN.

What you can do is ask your provider what kind of authentication protocol they are using for PPTP. EAP-TLS^[8] is regarded as the most secure authentication protocol for PPTP to date. If your VPN provider is using EAP-TLS, you can sleep a little bit better at night, but the best alternative remains to be switching to IKEv2 or Wireguard. 

• WireGuard is much newer, released in 2015. It’s comparable to OpenVPN in terms of security and encryption, but many consider it faster and more reliable. VPN providers that build their own proprietary protocols tend to use WireGuard as the basis.
• IKEv2 is often paired with IPSec (Internet Protocol Security) to create a secure VPN tunnel. IKEv2/IPSec is lightweight and adequately secure. It’s also agile, since it’s one of the few protocols that can re-establish a VPN connection when you switch networks (e.g. from mobile data to Wi-Fi).