Challenge Handshake Authentication Protocol

The Challenge Handshake Authentication Protocol (CHAP) is an authentication protocol used in the context of the Point-to-Point Protocol (PPP). PPP is located on the data link layer of the Internet protocol suite.

In addition to the CHAP implementation described in the RFC, there are also the variants MS-CHAPv1 (RFC 2433) and MS-CHAPv2 (RFC 2759) from Microsoft.

CHAP is specified in RFC 1994. In contrast to its precursor, the Password Authentication Protocol (PAP), CHAP places more emphasis on security in the transmission of passwords. Authentication is done in three steps:

At random intervals, the dial-in server again sends a random value (the challenge) to the client, and steps 1-3 are repeated.

Security

An attacker who eavesdrops on the communication thus receives only the random value and the hash value. Normally he cannot do anything with these, since the password is not transmitted. However, an attacker can perform a man-in-the-middle attack when both CHAP and PAP are enabled on the client side. If server and client negotiate CHAPv2, for example, an attacker could break into the connection and tell the client that the server expects PAP. The client then sends a PAP ACK to the attacker, and the attacker sends a CHAPv2 ACK to the server. Then a Challenge-REQ is sent from the server, and the client sends the attacker the user ID and password, from which the Challenge-RES is then computed. The server either accepts or refuses it (ACK, NACK).

In July 2012, the online service CloudCracker announced that it could crack VPN and Wi-Fi connections based on MS-CHAPv2 within 24 hours. This service is offered to anyone for a fee. The brute-force attack succeeds here through parallelization and specially tuned hardware.

If the password is not to be stored in plain text on the server, it can also be hashed multiple times. For this purpose, the client first hashes the password and then creates a further hash from the resulting password hash and the challenge. The server likewise creates a hash from the password hash and the challenge, and these values are then compared.
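
The multiple-hashing exchange described above, as an added example that is not part of the original article or of any CHAP implementation. SHA-256, the concatenation order, the single-use challenge handling and all names (Server, enroll, new_challenge, verify) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumptions: SHA-256 as the hash, and "password hash followed by challenge"
# as the input order. The article fixes neither.

def password_hash(password: str) -> bytes:
    """Value the server stores instead of the plaintext password."""
    return hashlib.sha256(password.encode("utf-8")).digest()

def response_from_hash(pw_hash: bytes, challenge: bytes) -> bytes:
    """Hash of the password hash and the challenge."""
    return hashlib.sha256(pw_hash + challenge).digest()

def client_response(password: str, challenge: bytes) -> bytes:
    """Client side: hash the password first, then hash the result with the challenge."""
    return response_from_hash(password_hash(password), challenge)

class Server:
    def __init__(self):
        self.store = {}    # user -> password hash (no plaintext kept)
        self.pending = {}  # user -> outstanding challenge

    def enroll(self, user, password):
        self.store[user] = password_hash(password)

    def new_challenge(self, user):
        challenge = secrets.token_bytes(16)  # fresh random value per attempt
        self.pending[user] = challenge
        return challenge

    def verify(self, user, response):
        challenge = self.pending.pop(user, None)  # each challenge is used once
        if challenge is None or user not in self.store:
            return False
        expected = response_from_hash(self.store[user], challenge)
        return hmac.compare_digest(expected, response)  # constant-time compare

def demo():
    server = Server()
    server.enroll("alice", "correct horse")  # constructed sample credentials
    c1 = server.new_challenge("alice")
    r1 = client_response("correct horse", c1)
    ok = server.verify("alice", r1)
    server.new_challenge("alice")            # server re-challenges
    replay = server.verify("alice", r1)      # old response, new challenge
    c3 = server.new_challenge("alice")
    wrong = server.verify("alice", client_response("guess", c3))
    return ok, replay, wrong
```

Because the server computes the expected response from the stored hash alone, that stored hash is sufficient to answer any challenge and needs the same protection as the password itself.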
