Talk:Challenge-Handshake Authentication Protocol

Computing: Security Stub‑class

This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing Stub This article has been rated as Stub-class on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the project's importance scale. This article is supported by WikiProject Computer security (assessed as Mid-importance). Things you can help WikiProject Computer security with: edit history watch purge Article alerts are available, updated by AAlertBot. More information... Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

Cryptography: Computer science Start‑class

This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography Start This article has been rated as Start-class on Wikipedia's content assessment scale. ??? This article has not yet received a rating on the importance scale. This article is supported by WikiProject Computer science.

Chap is also A man or boy; a fellow. (http://www.yourdictionary.com/ahd/c/c0243000.html) plus it has other meanings too hi — Preceding unsigned comment added by 86.21.100.3 (talk) 16:48, 27 May 2013 (UTC)[reply]

From the description of the protocol, it would appear that no secret information such as passwords are needed! I would guess that this line:

"2. The peer responds with a value calculated using a one-way hash function, such as MD5."

should mention that the message sent by the server and the password are both inputs to the hash function in some way? --Birkett 09:18, 30 June 2006 (UTC)[reply]

I agree with Birkett, you should rephrase the sentence as "The peer responds with a value calculated using a one-way hash function based on the shared secret. [Makan]

I agree too. It is not clear otherwise why anyone else cannot compute an MD5 hash, if no shared secret is required. [Siddharth]

Question : How is the shared secret shared in the first place ? ie how is CHAP installed on a new computer. At some stage the shared secret needs to pass through the public domain from server to client. Could how this happens be explained here ? MAR 2007 <MJ>

CHAP is used in PPP, main usage of PPP is DSL with PPPoE. The "secret" is (in this case) usally transfered with a classical written letter. The server should receive your identity with the next update (or should poll a db/ldap/...) —Preceding unsigned comment added by 131.159.4.197 (talk) 14:06, 13 May 2008 (UTC)[reply]

A shared secret key is often called a "Pre-Shared Key" (PSK), in terms that both parts previously agree on a common secret, and share it off-band.Zekkerj (talk) 05:14, 24 July 2009 (UTC)[reply]

Please move to Challenge-Handshake Authentication Protocol.

{{Requested move/dated|Challenge-Handshake Authentication Protocol}}

Challenge-handshake authentication protocol → Challenge-Handshake Authentication Protocol – I moved this page from CHAP, as it doesn't take much imagination to suppose that something else might have the same acronym. --KQ 23:41, 25 May 2011 (UTC)[reply]

Also, this page is linked to from Password Authentication Protocol and nowhere else. --KQ

The capitalization change seems uncontroversial. I've asked for the redirect to be deleted so that the move can be made.--Kotniski (talk) 11:36, 2 June 2011 (UTC)[reply]

Hello fellow Wikipedians,

I have just modified one external link on Challenge-Handshake Authentication Protocol. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

• Added archive https://web.archive.org/web/20160316174007/https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/ to https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 5 June 2024).

• If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
• If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 06:20, 27 July 2017 (UTC)[reply]