RFC 2433 (rfc2433) - Page 1 of 20


Microsoft PPP CHAP Extensions



Alternative Format: Original Text Document



Network Working Group                                            G. Zorn
Request for Comments: 2433                                       S. Cobb
Category: Informational                            Microsoft Corporation
                                                            October 1998


                     Microsoft PPP CHAP Extensions

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

IESG Note

   The protocol described here has significant vulnerabilities.  People
   planning on implementing or using this protocol should read section
   12, "Security Considerations".

1.  Abstract

   The Point-to-Point Protocol (PPP) [1] provides a standard method for
   transporting multi-protocol datagrams over point-to-point links.  PPP
   defines an extensible Link Control Protocol and a family of Network
   Control Protocols (NCPs) for establishing and configuring different
   network-layer protocols.

   This document describes Microsoft's PPP CHAP dialect (MS-CHAP), which
   extends the user authentication functionality provided on Windows
   networks to remote workstations.  MS-CHAP is closely derived from the
   PPP Challenge Handshake Authentication Protocol described in RFC 1994
   [2], which the reader should have at hand.

   The algorithms used in the generation of various MS-CHAP protocol
   fields are described in an appendix.

2.  Introduction

   Microsoft created MS-CHAP to authenticate remote Windows
   workstations, providing the functionality to which LAN-based users
   are accustomed while integrating the encryption and hashing
   algorithms used on Windows networks.




Zorn & Cobb                  Informational