RFC 2433 (rfc2433) - Page 1 of 20
Microsoft PPP CHAP Extensions
Alternative Format: Original Text Document
Network Working Group G. Zorn
Request for Comments: 2433 S. Cobb
Category: Informational Microsoft Corporation
October 1998
Microsoft PPP CHAP Extensions
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
IESG Note
The protocol described here has significant vulnerabilities. People
planning on implementing or using this protocol should read section
12, "Security Considerations".
1. Abstract
The Point-to-Point Protocol (PPP) [1] provides a standard method for
transporting multi-protocol datagrams over point-to-point links. PPP
defines an extensible Link Control Protocol and a family of Network
Control Protocols (NCPs) for establishing and configuring different
network-layer protocols.
This document describes Microsoft's PPP CHAP dialect (MS-CHAP), which
extends the user authentication functionality provided on Windows
networks to remote workstations. MS-CHAP is closely derived from the
PPP Challenge Handshake Authentication Protocol described in RFC 1994
[2], which the reader should have at hand.
The algorithms used in the generation of various MS-CHAP protocol
fields are described in an appendix.
2. Introduction
Microsoft created MS-CHAP to authenticate remote Windows
workstations, providing the functionality to which LAN-based users
are accustomed while integrating the encryption and hashing
algorithms used on Windows networks.
Zorn & Cobb Informational