Content deleted Content added
Added reference to broken MS-CHAP |
m WP:CHECKWIKI error fix for #61. Punctuation goes before References. Do general fixes if a problem exists. - using AWB (9075) |
||
Line 1:
In [[computing]], the '''Challenge-Handshake Authentication Protocol (CHAP)''' [[authentication
CHAP provides protection against [[replay attack]]s by the peer through the use of an incrementally changing identifier and of a variable challenge-value. CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network. The [[MS-CHAP]] variant does not require either peer to know the plaintext, but has been broken
|url=https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/
|title=Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate
|publisher=[[Defcon|David Hulton]]
|year=2012
|accessdate=2013-03-10}}</ref>
==Working cycle==
CHAP is an authentication scheme used by [[Point to Point Protocol|Point to Point Protocol (PPP)]] servers to validate the identity of remote clients. CHAP periodically verifies the identity of the [[client (computing)|client]] by using a [[Handshaking|three-way handshake]]. This happens at the time of establishing the initial [[Link Control Protocol|link (LCP)]], and may happen again at any time afterwards. The verification is based on a [[shared secret]] (such as the client user's password).<ref name="Forouzan2007">{{cite book|author=Forouzan|title=Data Commn & Networking 4E Sie|url=http://books.google.com/books?id=6HaNKmfBK1oC&pg=PA352|accessdate=24 November 2012|year=2007|publisher=McGraw-Hill Education (India) Pvt Limited|isbn=978-0-07-063414-5|pages=352–}}</ref>
Line 75 ⟶ 76:
<references />
* RFC 1994 PPP Challenge Handshake Authentication Protocol (CHAP)
* RFC 2865 Remote Authentication Dial In User Service ([[RADIUS]]): ''uses [[
* RFC 3748 Extensible Authentication Protocol ([[Extensible Authentication Protocol|EAP]]): ''discusses CHAP''
| |||