Revision as of 20:35, 23 October 2014 edit Cellarroot (talk \| contribs) 9 edits No edit summary ← Previous edit		Revision as of 20:37, 23 October 2014 edit undo Cellarroot (talk \| contribs) 9 edits No edit summary Next edit →
Line 1: In [[computing]], the '''Challenge-Handshake Authentication Protocol''' ('''CHAP''') [[authentication\|authenticates]] a user or network host to an authenticating entity. That entity may be, for example, an [[Internet service provider]]. CHAP is specified in RFC 1994. CHAP provides protection against [[replay attack]]s by the peer through the use of an incrementally changing identifier and of a variable challenge-value. CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network. Thus, CHAP provides better security as compared to [[Password Authentication Protocol]] (PAP) which ~~does~~is ~~send~~vulnerable ~~plaintext~~for ~~over~~both ~~the~~these ~~network link~~reasons. The [[MS-CHAP]] variant does not require either peer to know the plaintext and does not transmit it, but has been broken.<ref>{{cite web \|url=https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ \|title=Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate

Challenge-Handshake Authentication Protocol: Difference between revisions