Open In App

Difference between PAP and CHAP

Improve
Improve
Like Article
Like
Save
Share
Report

Point-to-Point Protocol (PPP) basically uses Authentication method to simply identify and determine the remote device. Authentication is also required to secure communication among two endpoints. Authentication is basically a process of checking and verifying user’s detail simply to identify the user and allow access to the system and all of the resources. There are generally two methods that are required by PPP for Authentication. These methods are given below : 1. Password Authentication Protocol (PAP) : It provides a simple and easiest method for a remote node simply to establish and develop its identity along with a bidirectional link. These are generally used in public FTP sites and also in other public areas. 2. Challenge Handshake Authentication Protocol (CHAP) : CHAP is basically an encrypted authentication method that is required to verify the identity of the peer. It also uses an encryption algorithm to just pass the authentication data to protect it from hackers. It is widely used on the Internet. 
Difference between PAP and CHAP :

Password Authentication Protocol Challenge Handshake Authentication Protocol
It is a two-step process to verify the identity of the client. It is a three-step process of exchange of a shared secret.
Authentication is only requested at the initial time of establishment of link or connection. Authentication is requested at the initial time of establishment of link or connection and can also be requested after the establishment of link or connection.
This protocol is less secured implementation as actual passwords are transmitted without any encryption code or pattern through the link. This protocol is highly secure in implementation as the actual password is never transmitted through the link.
In this, both the user name and passwords are transmitted through the link.   In this, only the username is transmitted through the link.
Unencrypted usernames and Passwords are usually transmitted in plain text. Encrypted username and password are usually transmitted in this type of authentication.
It also allows point to point protocol to validate users i.e. to check and verify the users. It is a communication protocol that simply authenticates a user or a network host to an authentication entity.
It does not provide protection and prevention from trial and error attacks. It effectively provides protection and prevention from trial and error attacks.
It cannot do repeated midsession authentications. It can also do repeated midsession authentications.
Its usage has been decreased due to security issues. It is used by remote users, routers, and NASs simply to provide authentication before connectivity.
In PAP, Authentication is done only at the caller side or client side. In CHAP, Authentication is done at both of the sides.

Last Updated : 14 Mar, 2023
Like Article
Save Article
Previous
Next
Share your thoughts in the comments
Similar Reads