ISP Glossary Find an ISP Term

Search ISP Sites

Search: Search internet.com

ISP Resources ISP-Lists ISP Glossary ISP News CLEC-Planet The List ISPCON Free Newsletter IT Developer Internet News Small Business Personal Technology Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers internet.commerce Be a Commerce Partner

Search for an ISP term
by a keyword...	...or by category. choose one... Communications Computer Industry Companies Computer Science Data Graphics Hardware Internet and Online Services Mobile Computing Multimedia Networks Operating Systems Programming Software Standards Types of Computers World Wide Web

CHAP Last modified: Friday, June 21, 2002
Short for Challenge Handshake Authentication Protocol, a type of authentication in which the authentication agent (typically a network server) sends the client program a random value that is used only once and an ID value. Both the sender and peer share a predefined secret. The peer concatenates the random value (or nonce), the ID and the secret and calculates a one-way hash using MD5. The hash value is sent to the authenticator, which in turn builds that same string on its side, calculates the MD5 sum itself and compares the result with the value received from the peer. If the values match, the peer is authenticated. By transmitting only the hash, the secret can't be reverse-engineered. The ID value is increased with each CHAP dialogue to protect against replay attacks. Contrast with PAP.
PPP Challenge Handshake Authentication Protocol (CHAP) RFC This document defines a method for Authentication using PPP, which uses a random Challenge, with a cryptographically hashed Response which depends upon the Challenge and a secret key.	Related Categories Security Related Terms authentication challenge-response MD5 PAP