Which of the following is a Point-to-Point Protocol (PP…

Which of the following is a Point-to-Point Protocol (PPP) authentication protocol that supports sending of hashed values instead of sending passwords in clear text?

Which of the following is a Point-to-Point Protocol (PPP) authentication protocol that supports sending of hashed values instead of sending passwords in clear text?

A.
LCP

B.
NCP

C.
PAP

D.
CHAP

Explanation:
There are two authentication methods available when implementing a PPP connection: Password Authentication Protocol (PAP) and Challenge Handshake
Authentication Protocol (CHAP).
Challenge Handshake Authentication Protocol (CHAP) uses a one-way hash function based on the Message Digest 5 (MD5) hashing algorithm to hash the
password. This hashed value is then sent across the wire. In this situation, the actual password is never sent. No one tapping the wire will be able to reverse the
hash to come up with the original password. This is why MD5 is referred to as a one-way function. It cannot be reverse engineered. CHAP uses a three-way
handshake process to perform the authentication. Moreover, CHAP periodically repeats the authentication process after link establishment.
When configuring PPP with CHAP authentication, both routers must be configured with a username that will be presented by the other router with a password.
Therefore, the username to configure on Router A will be the username of Router B. The password should be the same on both machines. If these settings are not
correct, then authentication will fail. The authentication process can be displayed as it happens with the debug PPP authentication command.
Link Control protocol (LCP) is defined in Request for Comments (RFCs) 1548 and 1570 and has primary responsibility to establish, configure, authenticate, and test
a PPP connection. LCP negotiates the following when setting up a PPP connection:
Authentication method used (PAP or CHAP), if any
Compression algorithm used (Stacker or Predictor), if any
Callback phone number to use, if defined
Multilink; other physical connections to use, if configured
Network Control Protocol (NCP) defines the process for how the two PPP peers negotiate which network layer protocols, such as IP and IPX, will be used across
the PPP connection. LCP is responsible for negotiating and maintaining a PPP connection whereas NCP is responsible for negotiating upper-layer protocols that will
be carried across the PPP connection.
Password authentication Protocol (PAP) is simpler than CHAP, but less secure. During the authentication phase, PAP goes through a two-way handshake process.
In this process, the source sends its user name (or hostname) and password in clear text, to the destination. The destination compares this information with a list of
locally stored user names and passwords. If it finds a match, the destination returns an accept message. If it does not find a match, it returns a reject message.

Objective:
WAN Technologies
Sub-Objective:
Configure, verify, and troubleshoot PPPoE client-side interfaces using local authentication

Cisco > Internetworking Technology Handbook > Point-to-Point Protocol
Cisco > Support > Technology Support > WAN > Point-to-Point Protocol (PPP) > Design > Design TechNotes > Understanding and Configuring PPP CHAP
Authentication > Document ID: 25647



Leave a Reply 0

Your email address will not be published. Required fields are marked *