Which of the following protects a password from eavesdroppers and supports the encryption of communication?
Click on the arrows to vote for the correct answer
A. B. C. D.Explanation.
CHAP: A protocol that uses a three way hanbdshake The server sends the client a challenge which includes a random value(a nonce) to thwart replay attacks.
The client responds with the MD5 hash of the nonce and the password.
The authentication is successful if the client's response is the one that the server expected.
CHAP protects the password from eavesdroppers and supports the encryption of communication.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 44.
The correct answer is A. Challenge Handshake Authentication Protocol (CHAP).
Challenge Handshake Authentication Protocol (CHAP) is a protocol used to authenticate a user or a device to a network. It is often used in remote access scenarios, such as dial-up or virtual private network ( VPN) connections.
The CHAP protocol operates by having the authenticating entity (typically a network access server or a router) send a challenge message to the client. The client responds to the challenge with a calculated response based on the challenge and the client's password. The authenticator then compares the calculated response with its own calculation. If they match, the client is authenticated.
One of the key benefits of CHAP is that it uses a one-way hash function to protect the password from eavesdroppers. When the client sends its response to the challenge, it does not send the actual password, but rather a hash of the password. This means that even if an attacker intercepts the communication between the client and the authenticator, they will not be able to obtain the password.
In addition to protecting the password, CHAP also supports encryption of communication. However, it is important to note that the encryption is not provided by CHAP itself, but rather by the underlying protocol used for communication (such as Point-to-Point Protocol or PPP).
Option B, Challenge Handshake Identification Protocol (CHIP), is not a real protocol and does not exist. Option C, Challenge Handshake Encryption Protocol (CHEP), is also not a real protocol. Option D, Challenge Handshake Substitution Protocol (CHSP), is also not a real protocol.