📄 ms-chap.txt
字号:
Network Working Group S. Cobb
Informational Memo Microsoft
Revision 1.3 March 1997
Microsoft PPP CHAP Extensions
Status of this Memo
This document has no official Internet Engineering Task Force
status. It is submitted as an example of one vendor's working
solution to several authentication issues not yet standardized by
the Point-to-Point Working Group.
The protocol described is implemented in Microsoft Windows NT 3.5
and 3.51 and in Microsoft Windows95. Differences between the
platforms are noted in the text. This information, plus that in
the references, is believed sufficient to implement an
interoperating peer.
Distribution of this memo is unlimited.
Abstract
The Point-to-Point Protocol (PPP) [1] provides a standard method
for transporting multi-protocol datagrams over point-to-point
links. PPP defines an extensible Link Control Protocol and a
family of Network Control Protocols (NCPs) for establishing and
configuring different network-layer protocols.
This document describes Microsoft's PPP CHAP dialect (MS-CHAP),
which extends the user authentication functionality provided on
Windows networks to remote workstations. MS-CHAP is closely
derived from the PPP Challenge/Handshake Authentication Protocol
described in RFC 1334 [2], which the reader should have at hand.
History
Rev 1.21: (Sect 6) Fix error in implicit challenge description
Rev 1.22: (Sect 7) Fix error in sub-field table ordering
Rev 1.3: (Sect 10) Added hash example section
Cobb [Page 1]
Memo Microsoft PPP CHAP Extensions March 1997
Table Of Contents
1. Introduction................................................3
2. LCP Configuration...........................................4
3. Challenge Packet............................................4
4. Response Packet.............................................4
5. Success Packet..............................................8
6. Failure Packet..............................................8
7. Change Password Packet (version 1)..........................9
8. Change Password Packet (version 2).........................12
9. Negotiation Examples.......................................16
10. Hash Example...............................................16
REFERENCES.....................................................18
CHAIR'S ADDRESS................................................19
AUTHOR'S ADDRESS...............................................19
Cobb [Page 2]
Memo Microsoft PPP CHAP Extensions March 1997
1. Introduction
Microsoft created MS-CHAP to authenticate remote Windows
workstations, providing the functionality to which LAN-based users
are accustomed.
The closest fit available in standard PPP is CHAP which is
primarily used for mutual secure authentication between WAN-aware
routers. Unfortunately, CHAP is not widely used in support of
remote workstations where providers commonly require an insecure
text login session in place of PPP authentication protocols. To
date, several remote workstation issues have not been adequately
addressed in CHAP. MS-CHAP addresses these issues and also
integrates the encryption and hashing algorithms used on Windows
networks.
Where possible, MS-CHAP is consistent with standard CHAP, and the
differences are easily modularized. Microsoft implements MS-CHAP
as extensions to it's standard CHAP code base. Briefly,
differences between MS-CHAP and standard CHAP are:
* MS-CHAP is enabled by negotiating CHAP Algorithm 0x80 in LCP
option 3, Authentication Protocol.
* The MS-CHAP Response packet is in a format designed for
compatibility with Microsoft Windows NT 3.5 and 3.51,
Microsoft Windows95, and Microsoft LAN Manager 2.x networking
products. The MS-CHAP format does not require the
authenticator to store a clear or reversibly encrypted
password.
* MS-CHAP provides an authenticator controlled authentication
retry mechanism.
* MS-CHAP provides an authenticator controlled change password
mechanism.
* MS-CHAP defines a set of reason-for-failure codes returned in
the Failure packet Message field.
Cobb [Page 3]
Memo Microsoft PPP CHAP Extensions March 1997
2. LCP Configuration
The LCP configuration for MS-CHAP is identical to that for
standard CHAP, except that the Algorithm field has value 0x80,
rather than the MD5 value 0x05. Non-MS-CHAP-aware implementations
that correctly implement LCP Config-Rej have no problem dealing
with this non-standard option.
Microsoft currently negotiates authentication only on the
server->workstation configuration. Mutual authentication may be
supported in the future.
3. Challenge Packet
The MS-CHAP Challenge packet is identical in format to the
standard CHAP Challenge packet.
MS-CHAP authenticators send an 8-octet challenge Value field. It
is not necessary for peers to duplicate Microsoft's algorithm for
selecting the 8-octet value, but the CHAP guidelines on randomness
should be observed.
Microsoft authenticators do not currently provide information in
the Name field. This may change in the future.
4. Response Packet
The MS-CHAP Response packet is identical in format to the standard
CHAP Response packet. However, the Value field is sub-formatted
differently as follows:
24 octets: LAN Manager compatible challenge response
24 octets: Windows NT compatible challenge response
1 octet : "Use Windows NT compatible challenge response" flag
The LAN Manager compatible challenge response is an encoded
function of the password and the received challenge as output by
the pseudo-code routine LmChallengeResponse below. LAN Manager
passwords are limited to 14 case-insensitive OEM characters.
Cobb [Page 4]
Memo Microsoft PPP CHAP Extensions March 1997
LmChallengeResponse(
IN 8-octet Challenge,
IN 0-to-14-oem-char Password,
OUT 24-octet Response )
{
LmPasswordHash(
Password,
giving PasswordHash )
ChallengeResponse(
Challenge,
PasswordHash,
giving Response )
}
LmPasswordHash(
IN 0-to-14-oem-char Password,
OUT 16-octet PasswordHash )
{
Set UcasePassword to the uppercased Password
Zero pad UcasePassword to 14 characters
DesHash(
1st 7-octets of UcasePassword,
giving 1st 8-octets of PasswordHash )
DesHash(
2nd 7-octets of UcasePassword,
giving 2nd 8-octets of PasswordHash )
}
DesHash(
IN 7-octet Clear,
OUT 8-octet Cypher )
{
Make Cypher an irreversibly encrypted form of Clear by
encrypting known text [6] using Clear as the secret key,
that is...
DesEncrypt(
StdText,
Clear,
giving Cypher )
}
Cobb [Page 5]
Memo Microsoft PPP CHAP Extensions March 1997
DesEncrypt(
IN 8-octet Clear,
IN 7-octet Key,
OUT 8-octet Cypher )
{
Use the DES encryption algorithm [3] to encrypt Clear into
Cypher such that Cypher can only be decrypted back to
Clear by providing Key. Note that the DES algorithm takes
as input a 64-bit stream where the 8th, 16th, 24th, etc
bits are parity bits ignored by the encrypting algorithm.
Unless you write your own DES to accept 56-bit input
without parity, you will need to insert the parity bits
yourself.
}
ChallengeResponse(
IN 8-octet Challenge,
IN 16-octet PasswordHash,
OUT 24-octet Response )
{
Set ZPasswordHash to PasswordHash zero padded to 21 octets
DesEncrypt(
Challenge,
1st 7-octets of ZPasswordHash,
giving 1st 8-octets of Response )
DesEncrypt(
Challenge,
2nd 7-octets of ZPasswordHash,
giving 2nd 8-octets of Response )
DesEncrypt(
Challenge,
3rd 7-octets of ZPasswordHash,
giving 3rd 8-octets of Response )
}
The Windows NT compatible challenge response is an encoded
function of the password and the received challenge as output by
the NtChallengeResponse routine below. The Windows NT password is
a string of 0 to (theoretically) 256 case-sensitive Unicode
characters. Current versions of Windows NT limit passwords to 14
characters, mainly for compatibility reasons, though this may
change in the future.
Cobb [Page 6]
Memo Microsoft PPP CHAP Extensions March 1997
NtChallengeResponse(
IN 8-octet Challenge,
IN 0-to-256-unicode-char Password,
OUT 24-octet Response )
{
NtPasswordHash(
Password,
giving PasswordHash )
ChallengeResponse(
Challenge,
PasswordHash,
giving Response )
}
NtPasswordHash(
IN 0-to-256-unicode-char Password,
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -