
Microsoft PPP CHAP Extensions, Version 2 (RFC2759)

IP.com Disclosure Number: IPCOM000003356D
Original Publication Date: 2000-Jan-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 16 page(s) / 31K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

G. Zorn: AUTHOR

Abstract

The Point-to-Point Protocol (PPP) [1] provides a standard method for transporting multi-protocol datagrams over point-to-point links. PPP defines an extensible Link Control Protocol and a family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols.

This text was extracted from an ASCII Text document.
This is the abbreviated version, containing approximately 10% of the total text.

Network Working Group: G. Zorn
Request for Comments: 2759 (Microsoft Corporation)
Category: Informational, January 2000

Microsoft PPP CHAP Extensions, Version 2

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

The Point-to-Point Protocol (PPP) [1] provides a standard method for transporting multi-protocol datagrams over point-to-point links. PPP defines an extensible Link Control Protocol and a family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols.

This document describes version two of Microsoft's PPP CHAP dialect (MS-CHAP-V2). MS-CHAP-V2 is similar to, but incompatible with, MS-CHAP version one (MS-CHAP-V1, described in [9]). In particular, certain protocol fields have been deleted or reused but with different semantics. In addition, MS-CHAP-V2 features mutual authentication.

The algorithms used in the generation of various MS-CHAP-V2 protocol fields are described in section 8. Negotiation and hash generation examples are provided in section 9.

Specification of Requirements

In this document, the key words "MAY", "MUST", "MUST NOT", "optional", "recommended", "SHOULD", and "SHOULD NOT" are to be interpreted as described in [3].

Table of Contents

1. Introduction
2. LCP Configuration
3. Challenge Packet
4. Response Packet
5. Success Packet
6. Failure Packet
7. Change-Password Packet
8. Pseudocode
8.1. GenerateNTResponse()
8.2. ChallengeHash()
8.3. NtPasswordHash()
8.4. HashNtPasswordHash()
8.5. ChallengeResponse()
8.6. DesEncrypt()
8.7. GenerateAuthenticatorResponse()
8.8. CheckAuthenticatorResponse()
8.9. NewPasswordEncryptedWithOldNtPasswordHash()
8.10. EncryptPwBlockWithPasswordHash()
8.11. Rc4Encrypt()

8.12. OldNtPasswordHashEncryptedWithNe...