Dec 09

Importance of The CHAP Protocol

CHAP Protocol

CHAP (Challenge Handshake Authentication Protocol) is an authentication method used by PPP servers to validate the identity of the peers using a 3-way handshake. It is used to establish the link and it also performs routine check-ups to check if the router is still communicating with the same device.

The verification is based on a shared secret but to authenticate, the identity verifying party (authenticator) sends a “challenge” message to the access requesting party (requestor). The requestor then responds with a value that is calculated using a one-way hash function which takes the challenge and the shared secret as the input data. The authenticator verifies the response against its own calculation of the expected hash value. The connection is successful if the values match or else it fails to establish the connection. Following the establishment of the authenticated link, the authenticator may send challenges at random intervals to the access requesting party to which they have to produce the correct response. As, a result the, CHAP provides better security than PAP.

Features of the CHAP protocol:

  1. It uses a three-way handshaking protocol.
  2. It uses a one-way cryptographic hash function called MD5.
  3. It authenticates periodically to check if the communication is taking place with the same host or not.
  4. It provides more security than Password Authentication Procedure (PAP) as the hash value calculated by the MD5 hash function changes variably.
  5. It requires to know the plaintext of the shared secret as it is never sent through the internet for protecting against eavesdropping.

Advantages of the CHAP protocol:

  1. It provides protection against the playback attack by the access requesting party through the use of an incrementally changing identifier and a variable challenge value.
  2. The authenticator is in the control of the timing and frequency of the challenges.
  3. It limits the time exposure to any single attack by the use of repeated challenges offered by the authenticator.
  4. CHAP can be negotiated from both directions using the same shared secret to authenticate mutually.
  5. It can be used to authenticate different systems where the name field can be used as an index to locate the secret value in a large table of secrets. So, it is possible for CHAP to support more than one name or secret pair per system, and it can also change the secret value in use at any time during the session.

Call Logitrain on 1800 159 151 today.

Looking for an IT Job?

Please call us on 1800 159 151, or complete the form below.

  • This field is for validation purposes and should be left unchanged.

Recent Posts

The supply of this course/package/program is governed by our terms and conditions. Please read them carefully before enrolling, as enrolment is conditional on acceptance of these terms and conditions. The sale price is valid for registrations between 01 Dec and 10 Jan.


Find out why we are the leading choice to help boost your career in Australia

Prepare to get IT job ready in 8 weeks

Trained 10,000+ professionals and counting

Experienced Provider: Operating Since 2004

Trained staff from 1000+ Australian Businesses

We Have Placed Candidates In

Over 1000 organisations have relied on Logitrain to be their trusted training partner.

High-quality, cost-effective training in Australia
Learn More
  • This field is for validation purposes and should be left unchanged.

Dont’ Wait. Fill the form for a free no-obligation information session with our course specialists.

About The Author

Train with Confidence with our Price Beat Guarantee

Hurry, Covid discounts on Job Programs end soon

Open chat