Motorola VC5090 Product Reference Manual page 104

4 - 10 VC5090 Vehicle Computer Product Reference Guide
Table 4-8 lists the PEAP tunneled authentication options.
Table 4-8 PEAP Tunneled Authentication Options
PEAP Tunneled
Authentication
MS CHAP v2
TLS
Table 4-9 lists the TTLS tunneled authentication options.
Table 4-9 TTLS Tunneled Authentication Options
TTLS Tunneled
Authentication
CHAP
MS CHAP
MS CHAP v2
PAP
MD5
Microsoft Challenge Handshake Authentication Protocol version 2 (MS CHAP v2) is a
password-based, challenge-response, mutual authentication protocol that uses the
industry-standard Message Digest 4 (MD4) and Data Encryption Standard (DES) algorithms
to encrypt responses. The authenticating server challenges the access client and the access
client challenges the authenticating server. If either challenge is not correctly answered, the
connection is rejected. MS CHAP v2 was originally designed by Microsoft as a PPP
authentication protocol to provide better protection for dial-up and virtual private network
(VPN) connections. With Windows XP SP1, Windows XP SP2, Windows Server 2003, and
Windows 2000 SP4, MS CHAP v2 is also an EAP type.
EAP TLS is used during phase 2 of the authentication process. This method uses a user
certificate to authenticate.
Challenge Handshake Authentication Protocol (CHAP) is one of the two main
authentication protocols used to verify the user name and password for PPP Internet
connections. CHAP is more secure than PAP because it performs a three way handshake
during the initial link establishment between the home and remote machines. It can also
repeat the authentication anytime after the link is established.
Microsoft Challenge Handshake Authentication Protocol (MS CHAP) is an
implementation of the CHAP protocol that Microsoft created to authenticate remote
Windows workstations. MS CHAP is identical to CHAP, except that MS CHAP is based
on the encryption and hashing algorithms used by Windows networks, and the MS CHAP
response to a challenge is in a format optimized for compatibility with Windows operating
systems.
MS CHAP v2 is a password based, challenge response, mutual authentication protocol
that uses the industry standard Message Digest 4 (MD4) and Data Encryption Standard
(DES) algorithms to encrypt responses. The authenticating server challenges the access
client and the access client challenges the authenticating server. If either challenge is not
correctly answered, the connection is rejected. MS CHAP v2 was originally designed by
Microsoft as a PPP authentication protocol to provide better protection for dial-up and
virtual private network (VPN) connections. With Windows XP SP1, Windows XP SP2,
Windows Server 2003, and Windows 2000 SP4, MS CHAP v2 is also an EAP type.
Password Authentication Protocol (PAP) has two variations: PAP and CHAP PAP. It
verifies a user name and password for PPP Internet connections, but it is not as secure
as CHAP, since it works only to establish the initial link. PAP is also more vulnerable to
attack because it sends authentication packets throughout the network. Nevertheless,
PAP is more commonly used than CHAP to log in to a remote host like an Internet service
provider.
Message Digest-5 (MD5) is an authentication algorithm developed by RSA. MD5
generates a 128-bit message digest using a 128-bit key, IPSec truncates the message
digest to 96 bits.
Description
Description