what are PAP and CHAP?
what are PAP and CHAP?
"PAP stands for Password Authentication Protocol, whereas CHAP stands for Challenge Handshake Authentication Protocol. Both are Protocol suits used to authenticate a person over an Internet channel or network."
PAP
PAP stands for Password Authentication Protocol, a protocol used in authentication of username and password over a network. It is a networking protocol that authenticates a user’s credentials and maintains a table where all credentials stored in an encrypted format, this table is used to match credentials entered by the user. The main disadvantage of this protocol is, it doesn’t transmit data in an encrypted format over the Internet. Therefore, it can be breached by hackers or intruders. Credentials are transmitted in plain text because it uses HTTP protocol to transmit data. The solution is CHAP.
CHAP
CHAP stands for Challenge Handshake Authentication Protocol, a successor or an alternate of PAP, it also does the same authentication check thing, but in an appropriate or in a secure manner. In CHAP a predefined key, an ID, and value is sent by authentication agent to the client. Then the client concatenates all of the values together and produces a hash. Produced hash is sent by the client to the authentication agent (a network server used to authenticate data or credentials). The authentication server or agent generates the same hash via MD5 encryption to match the received hash, sent by the client machine to check that the client is genuine or not. When the client hash matches with the authentication agent, only then the client got authenticate by the server.
This method ensures user security and agent security because the hash would not help to find credentials. So CHAP is used over PAP many times to provide security.
Please keep learning from computerflicks, because it is beyond computing.
Comments
Post a Comment