Peer Authentication Using The Challenge Handshake Authentication Protocol (Chap) - Intel ER8100STUS - Express 8100 Router Reference Manual

Leased Lines Links
Point-to-Point Protocol (PPP)

which means that the algorithm is used across the entire data stream including the packet header containing the address and protocol identification, and not only on a fixed block (packet) size.

Reference for the encryption algorithm

The Blowfish encryption algorithm is described in:
Bruce Schneier, Applied Cryptography (John Wiley & Sons)

Requirements for use

The devices at both ends of the PPP link must implement the Encryption Control Protocol (ECP) and use the same encryption algorithm.

Data encryption is negotiated by the ECP whenever the link is established. If the device over the PPP link does not support the ECP or the same encryption algorithm, the link is disconnected and a message is entered in the System Log for the router; data communications are not allowed on a PPP link intended for secure communications.

Link speeds

Encryption can be used on all link speeds and can also be used in conjunction with compression. The algorithm can encrypt at around 1.3 Mbps, which may cause delays on combined link speeds above this (for example on a 2.0 Mbps link).

Encryption and compression

Data encryption can be used together with data compression (see "Data Compression", p. 11) over a PPP link. Data is first compressed, then encrypted. When encryption is used in connection with data compression over a PPP link, the restrictions on link speeds for data compression apply.

Peer Authentication using the Challenge Handshake Authentication Protocol (CHAP)

Introduction to CHAP

The Challenge Handshake Authentication Protocol (CHAP) can be used to provide link security against unauthorized access. CHAP uses password encryption where passwords can be global (used for all PPP links) or selected from a password pool. Separate passwords can be used for incoming and outgoing calls on a link.

Passwords

CHAP uses password encryption to authenticate peers; separate passwords can be used for incoming and outgoing calls. The passwords are used to encrypt random text files which are transmitted over the PPP link (see 'Challenge handshake authentication procedure' following); passwords are therefore never transmitted directly over a PPP link, and cannot be intercepted and used by unauthorized sources.

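The handshake described above, sketched as an added example (not taken from the manual or from the router's firmware). It assumes the router implements standard CHAP as defined in RFC 1994, where the response is an MD5 hash over the identifier, the secret and the challenge; the peer name and the secrets in the pool are constructed.

```python
# Added example: CHAP exchange per RFC 1994 (MD5, algorithm value 5).
# Assumption: the router follows RFC 1994; names and secrets are constructed.
import hashlib
import hmac
import os

# Constructed password pool: separate secrets for incoming and outgoing calls.
PASSWORD_POOL = {
    ("branch-router", "incoming"): b"constructed-incoming-secret",
    ("branch-router", "outgoing"): b"constructed-outgoing-secret",
}


def chap_response(identifier, secret, challenge):
    """Response Value = MD5(Identifier || secret || Challenge Value)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class Authenticator:
    """Issues challenges and checks responses; secrets stay on this side."""

    def __init__(self, pool):
        self.pool = pool
        self.next_id = 0
        self.pending = {}  # identifier -> challenge, each usable once

    def challenge(self):
        identifier = self.next_id
        self.next_id = (self.next_id + 1) & 0xFF  # Identifier is one octet
        value = os.urandom(16)  # fresh, unpredictable challenge per attempt
        self.pending[identifier] = value
        return identifier, value

    def verify(self, peer, direction, identifier, response):
        value = self.pending.pop(identifier, None)  # one-shot: rejects replays
        secret = self.pool.get((peer, direction))
        if value is None or secret is None:
            return False
        expected = chap_response(identifier, secret, value)
        return hmac.compare_digest(expected, response)  # constant-time compare


def run_exchange(auth, peer, direction, peer_secret):
    """Both sides of one handshake; returns (success, bytes seen on the wire)."""
    identifier, value = auth.challenge()                      # Challenge packet
    response = chap_response(identifier, peer_secret, value)  # Response packet
    ok = auth.verify(peer, direction, identifier, response)   # Success / Failure
    return ok, value + response
```

The wire capture holds only the random challenge and a 16-byte hash, so the protection the exchange gives rests on the secrets in the pool being long and random.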