Introduction
Introduction – encryption
CHAP - Challenge Handshake Authentication Protocol
CHAP is a part usualy of PPP (Point-to-Point Protocol) software, implemented in the authentication subsystem. CHAP avoid's sending plaintext passwords over an insecure link. The traditional CHAP-MD5 needs the plaintext password stored on the server. MS-CHAP doesen't need this, but also needs the password either as NT-Hash and/or as LAN-Manager-Hash. LAN-Manager-Hashes are weak and shouldn't be used anymore.
This package provides 3 classes:
- Crypt_CHAP::Crypt_CHAP_MD5() - for generating CHAP-MD5 (RFC 1994) compliant pakets
- Crypt_CHAP::Crypt_CHAP_MSv1() - for generating MS-CHAPv1 (RFC 2433) compliant pakets
- Crypt_CHAP::Crypt_CHAP_MSv2() - for generating MS-CHAPv2 (RFC 2759) compliant pakets
Crypt_CHAP::Crypt_CHAP is an abstract base class.
In order to get the MS-CHAP* to work you need the mhash extension.