S 5.50 Authentication via PAP/CHAP

Initiation responsibility: Administrator, IT Security Officer

Implementation responsibility: Administrator

Many ISDN cards support communication via the Point-to-Point Protocol (PPP, RFC 1661) once an ISDN switched connection has been established. This Internet standard also provides authentication protocols, namely the Password Authentication Protocol (PAP) and the Challenge Handshake Authentication Protocol (CHAP) (RFC 1994). If the ISDN card in use offers these functions, authentication should be performed with CHAP rather than PAP, because PAP transmits the password used for authentication in plain text.

As a rule, the passwords used with PAP and CHAP are stored on the IT systems so that users do not have to enter them each time authentication is required. To allow these procedures to continue to be used after a re-installation, the required passwords should be noted down and kept in a safe place (see S 2.22 Escrow of passwords).

Method of operation

CHAP always distinguishes between two types of communication partner: the authenticator and the peer. The authenticator is the partner demanding authentication; the peer is the partner that must provide it. As a rule, therefore, the authenticator is the server into which users log in as peers from their respective IT systems.

CHAP verifies that both sides know a shared secret (the password). The password itself is never sent in plain text over the communication line, and the inclusion of random numbers protects the exchange against replay.

The challenge-response protocol proceeds as follows:

First, the authenticator generates a random number. A hash value of this random number is then formed using a hash algorithm. A hash function is a computation rule that maps inputs of arbitrary length to outputs of a fixed (usually shorter) length. A one-way hash function works in only one direction: hash values are easy to compute from inputs, but it is very difficult, if not impossible, to find an input corresponding to a given hash value.

In the next step, the authenticator sends the challenge, i.e. the random number just generated, to the peer. Since authenticator and peer use the same hash algorithm, the peer can then compute the hash value from three parameters: the identifier (user ID), the secret (password) and the transmitted random number. It sends this hash value to the authenticator as the response. The authenticator verifies the password by computing the same hash value itself and comparing it with the one received. If the two match, the peer has been successfully authenticated by the authenticator and the communication link can be established.

Authentication by this method should also be repeated several times while a communication link is in use, in order to prevent an intruder from taking over an active link. The authenticator can trigger this at sporadic intervals without any user intervention.
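The exchange described above, as an added example that is not part of the safeguard text: a minimal RFC 1994 CHAP (MD5) authenticator and peer in Python, including the re-authentication case, where a response captured from an earlier round must not satisfy a fresh challenge. The class names, user name and secret are constructed for illustration; note that in RFC 1994 the identifier fed into the hash is the one-octet Identifier field of the Challenge packet, while the user name travels separately in the Name field.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: MD5(Identifier || secret || Challenge value)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The side demanding authentication (the server); holds the peers' secrets."""
    def __init__(self, secrets: dict):
        self.secrets = secrets            # {name: secret}, stored on the server
        self.identifier = 0
        self.outstanding = {}             # identifier -> challenge awaiting a response

    def challenge(self) -> tuple:
        # A fresh random number per challenge is what defeats replay (see text above).
        self.identifier = (self.identifier + 1) % 256
        chal = os.urandom(16)
        self.outstanding[self.identifier] = chal
        return self.identifier, chal

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        chal = self.outstanding.pop(identifier, None)   # each challenge is usable once
        secret = self.secrets.get(name)
        if chal is None or secret is None:
            return False
        expected = chap_response(identifier, secret, chal)
        return hmac.compare_digest(expected, response)  # constant-time comparison

class Peer:
    """The side proving knowledge of the secret; the secret itself never leaves it."""
    def __init__(self, name: str, secret: bytes):
        self.name, self.secret = name, secret

    def respond(self, identifier: int, challenge: bytes) -> tuple:
        return self.name, chap_response(identifier, self.secret, challenge)

def run_chap(auth: Authenticator, peer: Peer) -> bool:
    # One full challenge / response / verify round.
    ident, chal = auth.challenge()
    name, resp = peer.respond(ident, chal)
    return auth.verify(ident, name, resp)

def replayed_response_is_rejected(auth: Authenticator, peer: Peer) -> bool:
    # Re-authentication on an active link: an old response must not pass a new challenge.
    ident1, chal1 = auth.challenge()
    name, old_resp = peer.respond(ident1, chal1)
    assert auth.verify(ident1, name, old_resp)      # legitimate first login succeeds
    ident2, _ = auth.challenge()                    # later challenge, new random number
    return not auth.verify(ident2, name, old_resp)  # stale response is refused
```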

Review questions: