PAP, CHAP, and MS-CHAP - CompTIA Security+ SY0-501 - 4.2

Point-to-Point Protocol (PPP)

This section discusses the Point-to-Point Protocol (PPP) and its derivatives, including PPTP and PPPoE. It also covers authentication methods such as PAP, CHAP, and MS-CHAP.

PPP and Its Derivatives

  • PPP is used for authentication on analog dial-up, ISDN, and other types of point-to-point networks.
  • PPTP is a derivative of PPP commonly used in Windows operating systems.
  • PPPoE is another derivative of PPP commonly used to authenticate over a DSL network.

Authentication Methods

Password Authentication Protocol (PAP)

  • PAP is one of the most basic authentication methods.
  • It communicates in clear text without encryption or additional security measures.
  • It was commonly used on old or legacy systems but is now rarely used by itself.

Challenge Handshake Authentication Protocol (CHAP)

  • CHAP was created to provide additional security to the authentication process.
  • It uses an encrypted challenge to send credentials across the network.
  • It uses a three-way handshake to authenticate users.

Microsoft CHAP (MS-CHAP)

  • MS-CHAP is a customized version of CHAP developed by Microsoft.
  • The most recent version is referred to as MS-CHAP v2.
  • Unfortunately, both versions suffer from vulnerabilities due to their use of DES encryption.

Alternatives

Many people have migrated away from MS-CHAP due to its vulnerabilities. Instead, they use L2TP, IPsec, or some other type of secure VPN communication.