First page Back Continue Last page Overview Graphics
Why CHAP is Reasonably Secure
The password never appears in plaintext on the wire
With a random challenge for each session, replay attacks are prevented
- A timestamp would also work
MD5 fits the criteria of a strong hash function
- It has been used extensively for years
- Some cryptographers have found some esoteric issues with it and have suggested the SHA-1 hash function as a replacement