EAP-MD5 provides one-way client authentication. The server sends the client a random
challenge. The client proves its identity by hashing the challenge and its password with
MD5. What is the problem with EAP-MD5?

A.
EAP-MD5 is vulnerable to dictionary attack over an open medium and to spoofing
because there is no server authentication.

B.
EAP-MD5 communication must happen over an encrypted medium, which makes it
operationally expensive.

C.
EAP-MD5 is CPU-intensive on the devices.

D.
EAP-MD5 not used by RADIUS protocol.