EAP-MD5 provides one-way client authentication. The server sends the client a random challenge.
The client proves its identity by hashing the challenge and its password with MD5. What is the
problem with EAP-MD5?

A.
EAP-MD5 is vulnerable to dictionary attack over an open medium and to spoofing because
there is no server authentication.

B.
EAP-MD5 communication must happen over an encrypted medium, which makes it
operationally expensive.

C.
EAP-MD5 is CPU-intensive on the devices.

D.
EAP-MD5 not used by RADIUS protocol.

Explanation: