Translation
powered by 
Computing (FOLDOC) dictionary
Challenge-Handshake Authentication Protocol
networking, security, standard, protocol (CHAP) An
authentication scheme used by PPP servers to validate the
identity of the originator of the connection upon connection
or any time later.
CHAP applies a three-way handshaking procedure. After the
link is established, the server sends a "challenge" message to
the originator. The originator responds with a value
calculated using a one-way hash function. The server checks
the response against its own calculation of the expected hash
value. If the values match, the authentication is
acknowledged; otherwise the connection is usually terminated.
CHAP provides protection against playback attack through the
use of an incrementally changing identifier and a variable
challenge value. The authentication can be repeated any time
while the connection is open limiting the time of exposure to
any single attack, and the server is in control of the
frequency and timing of the challenges. As a result, CHAP
provides greater security then PAP.
CHAP is defined in RFC 1334.
(1996-03-05)