Point-to-Point Protocol (PPP) Security
Connecting to remote access servers (RASs)
PPP authentication
PPP confidentiality
Point-to-Point Tunneling Protocol (PPTP)
PPP
• Point-to-Point Protocol (PPP)
– Data link layer protocol
– Created for dialing into a network’s remote access server (RAS)
• Then get access to internal resources
– Also used for dialing into an ISP
[Figure: PPP connection between the client and the RAS]
PPP
• Authentication
– Optional in PPP
– If done, done during authentication phase of PPP’s initial negotiation process
[Figure: PPP connection to the RAS; the client asserts “I am X”]
PPP
• PPP offers several authentication options
– Password Authentication Protocol (PAP)
– Challenge-Response Handshake Protocol (CHAP)
– MS-CHAP—Microsoft version of CHAP
– Extensible Authentication Protocol (EAP)
• Not equally strong
PPP
• Password Authentication Protocol (PAP)
– Applicant sends verifier one or more PAP authentication request messages giving applicant’s user name and password
– Stops sending when verifier sends an authentication-ACK message or sends a termination message
[Figure: applicant sends PAP Auth RQ messages to the RAS until the RAS returns a PAP Auth ACK]
PPP
• Password Authentication Protocol (PAP)
– Password is sent in the clear (without confidentiality), so PAP is dangerous
[Figure: PAP Auth RQ message to the RAS contains the user’s unencrypted password]
PPP
• Password Authentication Protocol (PAP)
– Authentication is done only once, at the beginning of the session
– If session is taken over by an impostor, no check of authentication
PPP
• (CHAP) Challenge-Response Handshake Protocol
– Verifier (RAS) sends CHAP request-authentication message
– Applicant must respond with a response message
[Figure: RAS sends CHAP ARQ message; applicant returns CHAP Resp message]
PPP
• CHAP
– This may be done several times per session for ongoing authentication to ensure that the session has not been hijacked (taken over by an impostor)
PPP
• CHAP
– The applicant and verifier have a shared secret
– Applicant adds shared secret to the request message, then hashes the combination to produce the response message
[Figure: CHAP authentication request message plus shared secret, hashed, yields the CHAP authentication response message]
PPP
• CHAP
– Verifier adds the shared secret to its request message, then hashes the combination
– If this matches the transmitted response message, applicant knows the shared secret and so is authenticated
[Figure: original authentication request message plus shared secret, hashed, yields the computed authentication response message, which is compared with the transmitted authentication response message]
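Added example, not from the slides: a Python model of the CHAP exchange on this and the preceding slides, using the MD5 response of RFC 1994 (MD5 over the identifier, the shared secret and the challenge) as the hash, a constructed shared secret, and hypothetical class and function names. It also shows why the periodic re-challenges mentioned earlier protect against session hijacking by replay: each request carries a fresh random challenge, so a captured response does not verify again.

```python
import hashlib
import hmac
import os

# Constructed shared secret; a real RAS keeps one per user account.
SHARED_SECRET = b"correct horse battery staple"

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # Applicant: combine the request (identifier + challenge) with the shared
    # secret and hash it. RFC 1994 CHAP/MD5: MD5(identifier || secret || challenge).
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Verifier:
    # RAS side: issues fresh challenges and checks responses by recomputation.
    def __init__(self, secret: bytes):
        self.secret = secret
        self.next_id = 0
        self.outstanding = {}  # identifier -> challenge awaiting a response

    def new_challenge(self) -> tuple[int, bytes]:
        self.next_id = (self.next_id + 1) % 256
        challenge = os.urandom(16)  # unpredictable and never reused
        self.outstanding[self.next_id] = challenge
        return self.next_id, challenge

    def check(self, identifier: int, response: bytes) -> bool:
        # A challenge is consumed after one answer, so a response captured
        # earlier in the session cannot satisfy a later re-challenge.
        challenge = self.outstanding.pop(identifier, None)
        if challenge is None:
            return False
        expected = chap_response(identifier, self.secret, challenge)
        return hmac.compare_digest(expected, response)

def authenticate(ras: Verifier, applicant_secret: bytes) -> bool:
    # One CHAP round: request-authentication message, then the response.
    ident, chal = ras.new_challenge()
    return ras.check(ident, chap_response(ident, applicant_secret, chal))

def session_verdicts() -> tuple[bool, bool, bool]:
    # Round 1 (initial auth), round 2 (re-challenge, answered correctly),
    # round 3 (the round-1 response replayed against a fresh challenge).
    ras = Verifier(SHARED_SECRET)
    ident1, chal1 = ras.new_challenge()
    resp1 = chap_response(ident1, SHARED_SECRET, chal1)
    first = ras.check(ident1, resp1)
    second = authenticate(ras, SHARED_SECRET)
    ident3, _ = ras.new_challenge()
    replay = ras.check(ident3, resp1)
    return first, second, replay
```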
PPP
• MS-CHAP
– Microsoft version of CHAP
– The shared secret is the user’s password for the remote access server (RAS)
[Figure: MS-CHAP authentication request message plus RAS password, hashed, yields the MS-CHAP authentication response message]
PPP
• MS-CHAP
– Realistic in terms of how RASs usually work
– Only as strong as the password, which often is very weak
– Must enforce strong passwords
[Figure: MS-CHAP authentication request message plus RAS password, hashed, yields the MS-CHAP authentication response message]
PPP
• Extensible Authentication Protocol (EAP)
– During authentication phase of initial PPP negotiations, merely assert that EAP will be used
– After the negotiation phase, which is very limited, EAP does further negotiation on how authentication will be done
[Figure: client and RAS agree to use EAP, then negotiate more later]
PPP
• PPP Confidentiality
– Optional (not mandatory)
– Negotiated using the PPP encryption control protocol during the initial negotiation phase
[Figure: confidential message sent to the RAS]
PPP
• PPP Confidentiality
– Current options are DES-CBC and 3DES-CBC
• Cipher block chaining (CBC) is discussed under IPsec in this chapter
[Figure: confidential message sent to the RAS]
PPP
• PPP Confidentiality Encapsulation
– Encrypt the PPP frame with DES-CBC or 3DES-CBC
– Put encrypted frame in the data field of a new PPP frame
– Send frame to RAS
[Figure: new PPP header | encrypted PPP frame in data field | new PPP trailer]