Revision as of 20:32, 15 November 2017 edit 183.171.85.231 (talk) No edit summary Tags: Mobile edit Mobile app edit ← Previous edit		Revision as of 20:33, 15 November 2017 edit undo Payang wolf (talk \| contribs) 5 edits No edit summary Tags: Mobile edit Mobile app edit Next edit →
Line 1: In [[computing]], the '''Challenge-Handshake Authentication Protocol''' ('''CHAP''')) [[authentication\|authenticates]] a user or network host to an authenticating entity. That entity may be, for example, an [[Internet service provider]]. CHAP is specified in {{IETF RFC\|1994}}. CHAP provides protection against [[replay attack]]s by the peer through the use of an incrementally changing identifier and of a variable challenge-value. CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network. Thus, CHAP provides better security as compared to [[Password Authentication Protocol]] (PAP) which is vulnerable for both these reasons. The [[MS-CHAP]] variant does not require either peer to know the plaintext and does not transmit it, but has been broken.<ref>{{dead link\|date=April 2017}}{{cite web

Challenge-Handshake Authentication Protocol: Difference between revisions