what are PAP and CHAP?

-

what are PAP and CHAP?


"PAP stands for Password Authentication Protocol, whereas CHAP stands for Challenge Handshake Authentication Protocol. Both are Protocol suits used to authenticate a person over an Internet channel or network."

PAP


PAP stands for Password Authentication Protocol, a protocol used in authentication of username and password over a network. It is a networking protocol that authenticates a user’s credentials and maintains a table where all credentials stored in an encrypted format, this table is used to match credentials entered by the user. The main disadvantage of this protocol is, it doesn’t transmit data in an encrypted format over the Internet. Therefore, it can be breached by hackers or intruders. Credentials are transmitted in plain text because it uses HTTP protocol to transmit data. The solution is CHAP.

CHAP

CHAP stands for Challenge Handshake Authentication Protocol, a successor or an alternate of PAP, it also does the same authentication check thing, but in an appropriate or in a secure manner. In CHAP a predefined key, an ID, and value is sent by authentication agent to the client. Then the client concatenates all of the values together and produces a hash. Produced hash is sent by the client to the authentication agent (a network server used to authenticate data or credentials). The authentication server or agent generates the same hash via MD5 encryption to match the received hash, sent by the client machine to check that the client is genuine or not. When the client hash matches with the authentication agent, only then the client got authenticate by the server.
This method ensures user security and agent security because the hash would not help to find credentials. So CHAP is used over PAP many times to provide security.


Please keep learning from computerflicks, because it is beyond computing.

Comments

Post a Comment

Popular posts from this blog

How do you host your website on free web hosting services or free web hosting sites?

-
What is web hosting? If you have a website, which is basically a collection of static or dynamic web pages and you want to make your site data public then you need a server which can store your pages in it, so that these pages can be invoked by users. You can also use your system as a server to host your site on your own computer. But you have some limitations when you host your site on your own computer as follow: 1. You need high speed internet to make your site available on the internet every time or 24x7. 2. If your site is dynamic and store some sort of user information then you need a proper backup for your site, which is costly. The alternate of the above process is to host your site on the paid or free web hosting companies . There is a list of paid and free hosting companies. Paid Service Web Hosting Companies 1. Hostgator.com 2. Bigrocks.com 3. Godaddy.com 4. Bluehost.com Free Service
Read more

What is BSQL or Blind SQL Injection?

-
"BSQL is an acronym of Blind SQL Injection , a sort of SQL Injection, used when a customized error page is sets as a substitute of database error message in order to increase database complexity for intruders." Blind SQL Injection or BSQL is a kind of SQL Injection , which is used to find out vulnerabilities in a database system to exploit. Blind SQL is similar to SQL Injection because in both ways an intruder try to steal digital identities or data from a database system in order to exploitation. To Increase the SQL Injection complexity a developer or application programmer sets an error page as a substitute of database error message. So when a hacker apply SQL Injection attack on a database system a customized error page is returned except database error message, which makes that intruder or hacker blind to exploit with database. Eventually, this problem for hackers raise to create a new kind of SQL Injection to attack blindly on the
Read more

Meaning of ping, Ip config, Trace-rt and netstat commands in Networking.

-
In the field of networking, sometimes some basic commands are very necessary to keep in mind because they help us to Know a lot of things like how to get the Ip address of a URL?, How to check that there is a connection established between client and server ?, How to trace the route of packets or get the IP address of the routers through your packet is coming ?, How to know your IP and MAC address ? and How to get the IP address of any system connected in a LAN (Local Area Network) ? So let me explain each of them one by one in this post. PING PING stands for Packet Internet Gopher and it is a utility software of windows operating system and often used to check the connection establishment between your PC and server e.g, it may your ISP's (Internet Service Provider) Server, if you are unable to use Internet while using broadband service you can ping your ISP server to get the connection. Basically it is used to estab
Read more