Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Will CHAP perfrom re-challenge after a period of time

Hi,

I would like to know will CHAP perform a re-challenge of the hash value after a peroid of time?

For example, initially the link up after the first authentication...Will it perform a periodic challenge? If yes, how long is it?

Thanks..

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Will CHAP perfrom re-challenge after a period of time

Hi,

RFC 1994 states as below :

Challenge-Handshake Authentication Protocol

   The Challenge-Handshake Authentication Protocol (CHAP) is used to
   periodically verify the identity of the peer using a 3-way handshake.
   This is done upon initial link establishment, and MAY be repeated
   anytime after the link has been established.

   1.    After the Link Establishment phase is complete, the
         authenticator sends a "challenge" message to the peer.

   2.    The peer responds with a value calculated using a "one-way
         hash" function.

   3.    The authenticator checks the response against its own
         calculation of the expected hash value.  If the values match,
         the authentication is acknowledged; otherwise the connection
         SHOULD be terminated.

  4.    At random intervals, the authenticator sends a new challenge to
         the peer, and repeats steps 1 to 3

But it doesnt specifies the time interval it says random intervals...

HTH

Hitesh Vinzoda

Pls rate useful posts

1 REPLY

Re: Will CHAP perfrom re-challenge after a period of time

Hi,

RFC 1994 states as below :

Challenge-Handshake Authentication Protocol

   The Challenge-Handshake Authentication Protocol (CHAP) is used to
   periodically verify the identity of the peer using a 3-way handshake.
   This is done upon initial link establishment, and MAY be repeated
   anytime after the link has been established.

   1.    After the Link Establishment phase is complete, the
         authenticator sends a "challenge" message to the peer.

   2.    The peer responds with a value calculated using a "one-way
         hash" function.

   3.    The authenticator checks the response against its own
         calculation of the expected hash value.  If the values match,
         the authentication is acknowledged; otherwise the connection
         SHOULD be terminated.

  4.    At random intervals, the authenticator sends a new challenge to
         the peer, and repeats steps 1 to 3

But it doesnt specifies the time interval it says random intervals...

HTH

Hitesh Vinzoda

Pls rate useful posts

170
Views
0
Helpful
1
Replies
CreatePlease login to create content