| Challenge-handshake Authentication Protocol |
Shopping Protocol |
Website Links For Authentication |
Information AboutChallenge-handshake Authentication Protocol |
| CATEGORIES ABOUT CHALLENGE-HANDSHAKE AUTHENTICATION PROTOCOL | |
| cryptographic protocols | |
| authentication methods | |
| internet protocols | |
|
. CHAP is an authentication scheme used by Point To Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the Client by using a Three-way Handshake . This happens at the time of establishing the initial Link , and may happen again at any time afterwards. The verification is based on a Shared Secret (such as the client user's password). # After the completion of the link establishment phase, the authenticator sends a "challenge" message to the peer. # The peer responds with a value calculated using a One-way Hash Function , such as an MD5 Checksum Hash . # The authenticator checks the response against its own calculation of the expected hash value. If the values match, the authenticator acknowledges the authentication; otherwise it should terminate the connection. # At random intervals the authenticator sends a new challenge to the peer and repeats steps 1 through 3. CHAP provides protection against Playback Attack by the peer through the use of an incrementally changing identifier and of a variable challenge-value. CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network. Microsoft has implemented a variant of the Challenge-handshake authentication protocol, called MS-CHAP , which does not require either peer to know the plaintext. WORKING CYCLE
CHAP PACKETS CHAP packet embedded in a PPP frame. The protocol field has a value of C223(hex) SEE ALSO REFERENCES
|
|
|