📜  PAP和CHAP之间的区别

📅  最后修改于: 2021-08-27 04:39:13             🧑  作者: Mango

点对点协议(PPP)基本上使用身份验证方法来简单地标识和确定远程设备。还需要身份验证以确保两个端点之间的通信安全。身份验证基本上是一个检查和验证用户详细信息的过程,仅用于识别用户并允许访问系统和所有资源。

PPP通常需要两种方法进行身份验证。这些方法如下:

1.密码验证协议(PAP):
它为远程节点提供了一种简单而又最简单的方法,只需建立和发展其身份以及双向链接即可。这些通常用于公共FTP站点以及其他公共区域。

2.质询握手身份验证协议(CHAP):
CHAP基本上是一种加密的身份验证方法,是验证对等方身份所必需的。它还使用加密算法仅传递身份验证数据,以保护其免受黑客攻击。它在Internet上被广泛使用。

PAP和CHAP之间的区别:

Password Authentication Protocol Challenge Handshake Authentication Protocol
It is a two-step process to verify the identity of the client. It is a three-step process of exchange of a shared secret.
Authentication is only requested at the initial time of establishment of link or connection. Authentication is requested at the initial time of establishment of link or connection and can also be requested after the establishment of link or connection.
This protocol is less secured implementation as actual passwords are transmitted without any encryption code or pattern through the link. This protocol is highly secure in implementation as the actual password is never transmitted through the link.
In this, both the user name and passwords are transmitted through the link.   In this, only the username is transmitted through the link.
Unencrypted usernames and Passwords are usually transmitted in plain text. Encrypted username and password are usually transmitted in this type of authentication.
It also allows point to point protocol to validate users i.e. to check and verify the users. It is a communication protocol that simply authenticates a user or a network host to an authentication entity.
It does not provide protection and prevention from trial and error attacks. It effectively provides protection and prevention from trial and error attacks.
It cannot do repeated midsession authentications. It can also do repeated midsession authentications.
Its usage has been decreased due to security issues. It is used by remote users, routers, and NASs simply to provide authentication before connectivity.
In PAP, Authentication is done only at the caller side or client side. In CHAP, Authentication is done at both of the sides.