Challenge Handshake Authentication Protocol (CHAP)
Challenge Handshake Authentication Protocol (CHAP) is a secure protocol used to protect remote authentication.
- how it works
  - client and server have prior knowledge of a shared secret
  - neither wants to transmit the secret over the network
  - first establish a link
  - server sends a random value to the client
    - called the challenge value
  - client combines the challenge with the secret and computes a cryptographic hash
    - the hash is irreversible
  - client transmits the value to the server
    - known as the response
  - server receives the response and stores it in memory
  - server computes its own hash of the shared secret and challenge value and compares the output to the response
  - if the two values match, then the server authenticates the client
- much more secure than PAP
- Acceptable to use in modern applications
Microsoft CHAP
- Microsoft created its own versions of CHAP
- called MS-CHAP and MS-CHAPv2
- both have been cracked and are considered not secure