Challenge-Handshake Authentication Protocol (CHAP) is defined in RFC 1994 authenticates a user or network host to an authenticating entity.

That entity may be, for example, an Internet Service Provider. CHAP is specified in RFC 1994.

Challenge-Handshake Authentication Protocol provides protection against replay attacks by the peer through the use of an incrementally changing identifier and of a variable challenge-value.

Challenge-Handshake Authentication Protocol requires that both the client and server know the plaintext of the credential, although it is never sent over the network. Thus, Challenge-Handshake Authentication Protocol provides better security as compared to Password Authentication Protocol (PAP) which is vulnerable for both these reasons.

The MS-CHAP variant does not require either peer to know the plaintext credential and does not transmit MS-CHAP, but has vulnerability.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-1) was last changed on 25-May-2017 16:04 by jim