Configuring ppp and mp, Introduction to ppp and mp, Pap authentication – H3C Technologies H3C SR8800 User Manual
Page 26: Chap authentication
18
Configuring PPP and MP
Introduction to PPP and MP
PPP
Point-to-Point Protocol (PPP) is a link layer protocol that carries network layer packets over point-to-point
links. It gains popularity because it provides user authentication, supports synchronous/asynchronous
communication, and allows for easy extension.
PPP contains a set of protocols, including a link control protocol (LCP), a network control protocol (NCP),
and authentication protocols such as Password Authentication Protocol (PAP), Challenge Handshake
Authentication Protocol (CHAP), MS-CHAP, and MS-CHAP-V2. Among these protocols,
•
The LCP is responsible for establishing, tearing down, and monitoring data links.
•
The NCP is used for negotiating the packet format and type of data links.
•
PAP, CHAP, MS-CHAP, and MS-CHAP-V2 are for network security.
PAP authentication
PAP is a two-way handshake authentication protocol using plain text passwords. It operates as follows.
1.
The requester sends its username and password to the authenticator.
2.
The authenticator then checks the local user list to see if the username and password are correct
and returns an acknowledgement or negative acknowledge.
Figure 7 PAP Authentication
During PAP authentication, the password is transmitted on the link in plain text. In addition, the supplicant
sends the username and the password repeatedly through the established PPP link until the authentication
is over. Therefore, PAP is not a secure authentication protocol. It cannot prevent attacks.
CHAP authentication
CHAP is a three-way handshake authentication protocol using cipher text password.