PAP and CHAP – SY0-601 CompTIA Security+ : 3.8

Authentication protocols have been used for many years in IT security. In this video, you’ll learn about the authentication process and the differences between PAP and CHAP authentication.


There are many different ways to provide authentication to a network. And in this video, we’ll look at two very common methods. One is called PAP and the other is CHAP. This is a common problem that needs to be solved. You have a client who’s outside of the building they are accessing a VPN concentrator that is part of your organization. So that they can then gain access to an internal file server.

But before they’re allowed access to that internal file server, they first need to authenticate. They’re going to send a request through the internet to the VPN concentrator to login.

The VPN concentrator doesn’t have any information about usernames and passwords. So it passes that request down to AAA server. This is a server designed to provide authentication, authorization and accounting. And it’s going to provide a way to check a username and password to see if it’s valid.

Once it performs that check it’ll send a message back saying those credentials have been approved or disapproved. In this case, the correct username and password was provided and the users request is then sent on to the internal file server.

One way to provide that authentication between the VPN concentrator and the server is a very common protocol known as PAP. This is the password authentication protocol. It’s an extremely basic method to provide this authentication process. And if you’re using some relatively old operating systems or systems that were designed for some very simple authentication they’re probably using PAP.

One problem with the password authentication protocol is that it sends all of this information through the network in the clear. There’s no encryption built into PAP that provides a way to protect the username or the password. To say that this is a weak authentication scheme may be a little bit of an understatement because there is no encryption being used for that password exchange process.

This is because PAP is originally designed before we had these internet connected networks. Instead we were using dial up analog lines where there was only two devices on that connection. The client and the server.

What you commonly see with implementations of PAP today is that the application performing the authentication based in the username in the clear. But the application will provide the encryption of the password and be able to send that through a PAP connection without too much worry about that password being seen by others.

Here’s how this very simple password authentication protocol works. We have a username and password. Our username is james, our password is password111. And we’ve got a client and a server. The request will be made from the client to the server saying the user name is james and the password is password111 sent in the clear using PAP. The PAP server will authenticate the username and password and send a message back to the client saying, the username and password checks out you are now allowed access to the network.

Somewhat of a next step up from PAP is the Challenge Handshake Authentication Protocol or CHAP. This is going to provide an encrypted challenge sent across the network. So this does add additional security over what you might find with PAP.

CHAP has a three-way handshake that occurs. Once there is a link the server is going to send the client a challenge message. That challenge message is going to be combined with a password hash and sent back to the server where it will evaluate the password and the challenge to be able to see if that matches what’s expected.

This challenge response process is not only something that is at the beginning of the authentication process. But it may occur multiple times while that session is active. The end user never sees that this additional handshake is occurring but this is something that can occur periodically while the session is active.

Let’s take the same scenario with the Challenge Handshake Authentication Protocol with the same username of james and the same password a password111. And we have the same scenario where we have a client and a server. The client is going to send the request saying that they would like to login with the username james. Of course, this server already knows that there is a user named james and it knows the password for that particular user.

The server is going to take that password and combine it with a challenge. And it will send that challenge across the network back to the client. The client will then perform exactly the same combination of the password and the challenge that the CHAP server has already calculated. It’s then going to send back a response to that particular password and challenge. And the challenge response hash is set over the network to the CHAP server.

The CHAP server then does its own calculation of the password and the challenge to see if the exact same response was to occur. Notice with CHAP we’re not sending the password in the clear across the network we’re sending either a challenge or a response to that challenge. And neither of those contain the actual password.

There’s a version of CHAP called MS-CHAP. The stands for Microsoft CHAP and it’s used commonly with Microsoft’s point to point tunneling protocol or PPTP. The most recent version of MS-CHAP is referred to as MS-CHAP V2.

Unfortunately MS-CHAP is a very old implementation of security. It uses the data encryption standard for encryption. And that is a very weak type of encryption. Makes it very easy to brute force the relatively small number of possible keys that could be used during this connection. For that reason, we commonly do not use MS-CHAP or MS-CHAP V2 any longer. Instead, we prefer to use L2TP, IPsec, 802.1X or some other method of secure authentication.