Introduction

Introduction -- encryption

CHAP - Challenge Handshake Authentication Protocol

CHAP is a part usualy of PPP (Point-to-Point Protocol) software, implemented in the authentication subsystem. CHAP avoid's sending plaintext passwords over an insecure link. The traditional CHAP-MD5 needs the plaintext password stored on the server. MS-CHAP doesen't need this, but also needs the password either as NT-Hash and/or as LAN-Manager-Hash. LAN-Manager-Hashes are weak and shouldn't be used anymore.

This package provides 3 classes:

Crypt_CHAP::Crypt_CHAP_MD5() - for generating CHAP-MD5 (RFC 1994) compliant pakets
Crypt_CHAP::Crypt_MSCHAPv1() - for generating MS-CHAPv1 (RFC 2433) compliant pakets
Crypt_CHAP::Crypt_MSCHAPv2() - for generating MS-CHAPv2 (RFC 2759) compliant pakets

Crypt_CHAP::Crypt_CHAP is an abstract base class.

In order to get the MS-CHAP* to work you need the mhash extension.