
The Challenge Handshake Authentication Protocol (CHAP) is an identity authentication protocol that uses challenge-response.Point-to-Point Protocol (PPP) servers use the challenge and response authentication method known as CHAP to confirm a remote user’s identity.According to experts, the client responds with a value that is obtained by hashing the challenge with its password after the server sends a distinct challenge string. The authentication is successful if the values match. Because the password is not sent over the network, CHAP provides more security than password-based authentication. It also re-authenticates on a regular basis to protect against replay or session hijacking attacks.In order to authenticate a user, CHAP uses a three-step method in which the user’s device uses a hashing algorithm to combine a shared secret, like a password, with a unique challenge string sent by the server. This generates a hashed value that is sent back to the server, which uses the challenge text and the shared secret to carry out the same hashing operation. The user is verified if the hashed value and the response match.



