RADIUS/UDP vulnerable to improved MD5 collision attack

The MD5 cryptographic hash function, first broken in 2004, continues to be used in network protocols despite advancements in cryptography. One such protocol is RADIUS (Remote Authentication Dial-In User Service), which remains critical for remote access authentication and has been found vulnerable to an improved attack exploiting MD5's weaknesses. This post discusses the attack, its implications, and potential mitigations, including transitioning to RADIUS over TLS or requiring the Message-Authenticator attribute in all modes of RADIUS/UDP.