Challenge-handshake authentication protocol

related topics
{system, computer, user}
{math, number, function}
{law, state, case}
{style, bgcolor, rowspan}

In computing, the Challenge-Handshake Authentication Protocol (CHAP) authenticates a user or network host to an authenticating entity. That entity may be, for example, an Internet service provider.

CHAP provides protection against playback attack by the peer through the use of an incrementally changing identifier and of a variable challenge-value. CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network.

Microsoft has implemented a variant of the Challenge-handshake authentication protocol, called MS-CHAP, which does not require either peer to know the plaintext.


Working Cycle

CHAP is an authentication scheme used by Point to Point Protocol (PPP) servers to validate the identity of remote clients. CHAP periodically verifies the identity of the client by using a three-way handshake. This happens at the time of establishing the initial link, and may happen again at any time afterwards. The verification is based on a shared secret (such as the client user's password).

CHAP Packets

See also


Full article ▸

related documents
Application programming interface
Pseudorandom noise
Nano (text editor)
Distributed database
Truncated binary exponential backoff
Alternating bit protocol
Type code
Layout engine
Java remote method invocation
Binary image
Scanline rendering
Cacti (software)
Wavelet compression
Sinclair Scientific
End-to-end connectivity
Acme (text editor)
Netwide Assembler
Mail transfer agent
Wikipedia:Federal Standard 1037C terms/telecommunications encryption terms
Badtrans (computer worm)
Pico (text editor)
8-bit clean
Common management information service
Private line
COM (hardware interface)