CHAP provides protection against replay attacks by the peer through the use of an incrementally changing identifier and of a variable challenge-value. CHAP requires that both the client and server know the plaintext of the secret, although it is never sent over the network. Thus, CHAP provides better security as compared to Password Authentication Protocol (PAP) which is vulnerable for both these reasons. The MS-CHAP variant does not require either peer to know the plaintext and does not transmit it, but has been broken.
-
Notifications
You must be signed in to change notification settings - Fork 0
The aim is to develop a POC like of CHAPv2 (Challenge-Handshake Authentication Protocol version 2)... Authenticating users without sharing the password over the network. This is one of the protocols that is recommended instead of PAP (Password Authentication Protocol) which sends passwords over the network in plain-text
Lithium876/CHAP-POC
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
The aim is to develop a POC like of CHAPv2 (Challenge-Handshake Authentication Protocol version 2)... Authenticating users without sharing the password over the network. This is one of the protocols that is recommended instead of PAP (Password Authentication Protocol) which sends passwords over the network in plain-text
Topics
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published