Password Authentication Protocol (PAP)

Password Authentication Protocol (PAP), the PPP agreement.

Password authentication protocol (PAP), is a concentration of PPP agreement link control protocol, mainly through the use of 2 times to provide a peer-to-peer handshake authentication of the establishment of node simple method, which is based on the basis of initial link to determine.

Finish the link establishment phase, equivalence node after repeated send ID/password to verify the authentication get response or until the link expires.

PAP is not a strong authentication method, which effectively password to text format in circuit to send for eavesdropping, replay or repeat trial and error against no protection. Equivalence node tried time and frequency control. So even more efficient authentication methods (such as CHAP), its realization must be in before the PAP provide effective to negotiate a mechanism.

This certification method is applicable to can use expressly password imitate login remote host environment. In this case, this method provides with regular user login remote host similar safety.

Agreement structure

Password authentication protocol configuration options formats:

8 16 and 32 bit

Type Authentication Protocol Length. -

Type - 3

Length - 4

Authentication Protocol -- - C023 () :

PAP packet format

8 16 and 32 bit variable

Code Length Identifier Data

Code -- Code field for 8 bytes, used to identify the PAP packet types. PAP Code field distribution are as follows: 1, Authenticate - that, 2, Authenticate - Ack, 3, Authenticate - Nak.

Identifier Identifier fields -- for 8 bytes, to match that and Reply.

Length - Length field for 16 bytes, said PAP packets to long, including Code, Identifier, Length and Data fields. Length field outside the octet used as the data link layer clearance, and in the recipient ignored.

Data - Data fields to zero or more bytes. Data fields format depends on the Code field.