Authentication Protocol

Begin Learning Cyber Security for FREE Now!

Already a Member Login Here

Authentication Protocol: 

Password Authentication Protocol (PAP): a clear text exchange of username and password data. After a user dials in, a username request is sent. After a username is entered, a password request is sent out. All communications are transmitted in clear text with no encryption. PAP is a one-way authentication between the router and the host.

Shiva Password Authentication Protocol (SPAP): a reversible encryption mechanism. A client uses SPAP when connecting to a Shiva LAN Rover. This authentication method is more secure than PAP but less secure than CHAP.

Challenge Handshake Authentication Protocol (CHAP): enhanced security compared with PAP. It uses a two-way encrypted authentication method. The remote router holds the usernames and passwords but they’re not transmitted as they were with PAP. With CHAP, when a user dials in, the access server issues a challenge message to the remote user after the PPP link is established. The remote end responds with a one-way hash function. This hash is generally an MD5 entity. If the value of the hash accurately matches authentication is granted. If it doesn’t match, the connection is ended. CHAP sends out a challenge every two minutes for the duration of the connection. If the authentication fails at any time, the connection is ended. Frequency of challenges is administered by the access server.

Extensible Authentication Protocol (EAP): an authentication protocol that can be expanded with increased authentication methods that can be installed separately. It activates a fluid authentication mechanism to approve a remote access connection.

Types of EAP: 

View Topics

Our Revolution

We believe Cyber Security training should accessible for everyone, everywhere. Everyone deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is the world's largest community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

We recommend always using caution when following any link

Are you sure you want to continue?