!!! Overview
[{$pagename}] ([CHAP]) is defined in [RFC 1994] authenticates a user or network host to an authenticating entity. 

That [entity] may be, for example, an [Internet] [Service Provider]. CHAP is specified in RFC 1994.

[{$pagename}] provides protection against [replay attacks] by the peer through the use of an incrementally changing identifier and of a variable challenge-value. 

[{$pagename}] requires that both the [client] and [server] know the [plaintext] of the [credential], although it is never sent over the network. Thus, [{$pagename}] provides better security as compared to [Password Authentication Protocol] ([PAP]) which is vulnerable for both these reasons. 

The [MS-CHAP] variant does not require either peer to know the [plaintext] [credential] and does not transmit [MS-CHAP], but has [vulnerability].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]