Challenge Handshake Certification Protocol (CHAP) The identity of the three handshake periodic authentication is completed during the initial link, which can be repeated at any time after the link is established.
After the link establishment phase, the authenticator sends a "challenge" message to the peer. The opposite is used to respond to the value calculated by the one-way hash function. The certification checks the response based on its own expected hash value, if the value matches, the authentication is recognized; otherwise, the connection should be terminated. After a certain random interval, the certification sends a new challenge to the peer, repeating 1 to 3.
By incrementing the identifier and variable challenge value, CHAP prevents playback attacks, and repeated challenge limits the frequency of exposure time and certification control challenges for a single attack.
The authentication method relies on the authenticator and the peer-shared key, and the key is not transmitted through the link.
For more information, please visit the following page: 中文 版: http://www.networkDictionary.com/chinese/protocols/chap.php English version: http://www.networkDictionary.com/protocols/chap.php
