The Challenge Handshake Authentication Protocol (CHAP) is a challenge-response authentication protocol documented in RFC 1994 that uses the industry-standard Message Digest 5 (MD5) one-way encryption scheme to hash the response to a challenge issued by the remote access server.

CHAP is used by various vendors of dial-in servers and clients. CHAP is supported by both the Windows 2000 remote access server and remote access client.

CHAP is an improvement over PAP and SPAP in that the password is never sent over the link. Instead, the password is used to create a one-way hash from a challenge string. The server, knowing the client's password, can duplicate the operation and compare the result with that sent in the client's response.

The use of CHAP is negotiated during Phase 1 by specifying the authentication protocol LCP option (type 3), the authentication protocol 0xC2-23, and the algorithm 0x05. Once LCP negotiation is complete, CHAP messages use the PPP Protocol ID of 0xC2-23.

CHAP authentication is an exchange of three messages:

  1. The remote access server sends a CHAP Challenge message containing a session ID and an arbitrary challenge string.

  2. The remote access client returns a CHAP Response message containing the user name in cleartext and a hash of the challenge string, session ID, and the client's password using the MD5 one-way hashing algorithm.

  3. The remote access server duplicates the hash and compares it to the hash in the CHAP Response. If the hashes are the same, the remote access server sends back a CHAP Success message. If the hashes are different, a CHAP Failure message is sent.

CHAP protects against replay attacks by using an arbitrary challenge string per authentication attempt. However, CHAP does not protect against remote server impersonation.

CHAP requires that local or domain passwords be stored in a reversibly encrypted form. For more information, see Windows 2000 Server Help.