Transcript of Point-to-Point Protocol (PPP) Security (17 slides)

Page 1:

Point-to-Point Protocol (PPP) Security

Connecting to remote access servers (RASs)

PPP authentication

PPP confidentiality

Point-to-Point Tunneling Protocol (PPTP)

Page 2:

PPP

• Point-to-Point Protocol (PPP)
– Data link layer protocol
– Created for dialing into a network's remote access server (RAS)
• Then get access to internal resources
– Also used for dialing into an ISP

[Figure: PPP connection between the dial-in client and the RAS]

Page 3:

PPP

• Authentication
– Optional in PPP
– If done, it is done during the authentication phase of PPP's initial negotiation process

[Figure: over the PPP connection the client asserts its identity ("I am X") to the RAS]

Page 4:

PPP

• PPP offers several authentication options
– Password Authentication Protocol (PAP)
– Challenge-Handshake Authentication Protocol (CHAP)
– MS-CHAP: Microsoft's version of CHAP
– Extensible Authentication Protocol (EAP)

• Not equally strong

Page 5:

PPP

• Password Authentication Protocol (PAP)
– Applicant sends the verifier one or more PAP authentication request messages giving the applicant's user name and password
– Stops sending when the verifier sends an authentication-ACK message or a termination message

[Figure: applicant sends PAP Auth RQ to the RAS, repeating it until the RAS answers with PAP Auth ACK]

Page 6:

PPP

• Password Authentication Protocol (PAP)
– Password is sent in the clear (without confidentiality), so PAP is dangerous: anyone who can observe the link, or the tunnel that carries the PPP frames, reads the user name and password directly

[Figure: the PAP Auth RQ sent to the RAS contains the user's unencrypted password]

Page 7:

PPP

• Password Authentication Protocol (PAP)
– Authentication is done only once, at the beginning of the session
– If the session is taken over by an impostor, there is no re-check of authentication
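The PAP exchange from pages 5 to 7, as an added Python example that is not part of the original slides. It builds and parses RFC 1334 Authenticate-Request / Ack / Nak packets, strips the PPP header the way a passive observer of the link would, and shows that the user name and password come out of the frame unchanged. The user name, password and frame are constructed for the example; the PPP protocol number 0xC023 for PAP and the Address 0xFF / Control 0x03 header bytes are the standard values.

```python
import struct

PPP_PROTO_PAP = 0xC023                 # PPP protocol number that carries PAP
PAP_AUTH_REQUEST, PAP_AUTH_ACK, PAP_AUTH_NAK = 1, 2, 3


def build_pap_request(identifier: int, peer_id: bytes, password: bytes) -> bytes:
    """Authenticate-Request (RFC 1334): Code, Identifier, Length,
    Peer-ID-Length, Peer-ID, Passwd-Length, Password. Nothing is encrypted."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_AUTH_REQUEST, identifier, 4 + len(body)) + body


def build_pap_result(ack: bool, identifier: int, message: bytes) -> bytes:
    """Authenticate-Ack / Authenticate-Nak: Code, Identifier, Length, Msg-Length, Message."""
    code = PAP_AUTH_ACK if ack else PAP_AUTH_NAK
    body = bytes([len(message)]) + message
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def parse_pap_request(pkt: bytes) -> dict:
    """Decode an Authenticate-Request, checking every length field before trusting it."""
    if len(pkt) < 6:
        raise ValueError("short PAP packet")
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if code != PAP_AUTH_REQUEST:
        raise ValueError(f"not an Authenticate-Request (code {code})")
    if length > len(pkt):
        raise ValueError("Length exceeds packet")
    pos = 4
    pid_len = pkt[pos]
    pos += 1
    if pos + pid_len + 1 > length:          # room for Peer-ID and the Passwd-Length octet
        raise ValueError("Peer-ID overruns packet")
    peer_id = pkt[pos:pos + pid_len]
    pos += pid_len
    pw_len = pkt[pos]
    pos += 1
    if pos + pw_len != length:
        raise ValueError("Password length disagrees with packet Length")
    password = pkt[pos:pos + pw_len]
    return {"identifier": identifier, "peer_id": peer_id, "password": password}


def sniff_pap_from_ppp_frame(frame: bytes):
    """What a passive observer of the link recovers: strip the HDLC-style PPP
    header (Address 0xFF, Control 0x03, Protocol) and read the credentials."""
    if len(frame) < 4 or frame[0] != 0xFF or frame[1] != 0x03:
        return None
    protocol = struct.unpack("!H", frame[2:4])[0]
    if protocol != PPP_PROTO_PAP:
        return None
    req = parse_pap_request(frame[4:])
    return req["peer_id"], req["password"]


def ras_handle(pkt: bytes, users: dict) -> bytes:
    """Verifier side: compare the cleartext password and answer Ack or Nak."""
    req = parse_pap_request(pkt)
    if users.get(req["peer_id"]) == req["password"]:
        return build_pap_result(True, req["identifier"], b"Login ok")
    return build_pap_result(False, req["identifier"], b"Login incorrect")


# Constructed sample: the frame a dial-in client would send to the RAS
SAMPLE_FRAME = (b"\xff\x03" + struct.pack("!H", PPP_PROTO_PAP)
                + build_pap_request(7, b"alice", b"hunter2"))

if __name__ == "__main__":
    print("observer recovered:", sniff_pap_from_ppp_frame(SAMPLE_FRAME))
    print("RAS reply code:", ras_handle(SAMPLE_FRAME[4:], {b"alice": b"hunter2"})[0])
```

The length checks in parse_pap_request matter on the RAS side: the two one-octet length fields are attacker-controlled and a parser that trusts them reads past the packet.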

Page 8:

PPP

• Challenge-Handshake Authentication Protocol (CHAP)
– Verifier (RAS) sends a CHAP challenge (authentication request) message
– Applicant must respond with a response message

[Figure: RAS sends CHAP ARQ (challenge) message; applicant returns CHAP Resp message]

Page 9:

PPP

• CHAP
– This may be done several times per session for ongoing authentication, to ensure that the session has not been hijacked (taken over by an impostor)

Page 10:

PPP

• CHAP
– The applicant and verifier have a shared secret
– Applicant adds the shared secret to the challenge in the request message, then hashes the combination to produce the response message (RFC 1994 CHAP hashes the message identifier, the secret and the challenge with MD5; the secret itself never crosses the link)

[Figure: CHAP Authentication Request Message + Shared Secret -> Hash -> CHAP Authentication Response Message]

Page 11:

PPP

• CHAP
– Verifier adds the shared secret to its own copy of the request message, then hashes the combination
– If this matches the transmitted response message, the applicant knows the shared secret and so is authenticated

[Figure: Original Authentication Request Message + Shared Secret -> Hash -> Computed Authentication Response Message, compared with the Transmitted Authentication Response Message]
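The CHAP exchange of pages 8 to 11, as an added Python example that is not part of the original slides. It assumes RFC 1994 CHAP with MD5 (Response Value = MD5(Identifier || secret || Challenge Value)), runs both the verifier (RAS) and applicant sides, and then re-challenges mid-session as page 9 describes, so that an impostor replaying the earlier response is rejected. The names, secrets and the verifier class are constructed for the example.

```python
import hashlib
import hmac
import os
import struct

# CHAP codes (RFC 1994); PPP carries CHAP under protocol number 0xC223
CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4


def chap_md5_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994 Response Value = MD5(Identifier || secret || Challenge Value).
    # Only this 16-byte digest crosses the link, never the secret.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def build_chap(code: int, identifier: int, payload: bytes) -> bytes:
    # Common header: Code, Identifier, Length (Length covers the whole packet)
    return struct.pack("!BBH", code, identifier, 4 + len(payload)) + payload


def build_value_packet(code: int, identifier: int, value: bytes, name: bytes) -> bytes:
    # Challenge and Response packets carry Value-Size, Value, Name
    return build_chap(code, identifier, bytes([len(value)]) + value + name)


def parse_chap(pkt: bytes):
    if len(pkt) < 4:
        raise ValueError("short CHAP packet")
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("bad CHAP length")
    if code in (CHAP_CHALLENGE, CHAP_RESPONSE):
        vsize = pkt[4]
        if 5 + vsize > length:
            raise ValueError("Value-Size exceeds packet")
        return code, identifier, pkt[5:5 + vsize], pkt[5 + vsize:length]
    return code, identifier, b"", pkt[4:length]      # Success/Failure carry a text message


class Verifier:
    """RAS side: issues challenges, checks responses, may re-challenge at any time."""

    def __init__(self, secrets: dict, name: bytes = b"ras1"):
        self.secrets = secrets          # applicant name -> shared secret
        self.name = name
        self.pending = {}               # identifier -> outstanding challenge value
        self.next_id = 0

    def challenge(self) -> bytes:
        self.next_id = (self.next_id + 1) & 0xFF
        value = os.urandom(16)          # fresh and unpredictable for every challenge
        self.pending[self.next_id] = value
        return build_value_packet(CHAP_CHALLENGE, self.next_id, value, self.name)

    def check(self, response_pkt: bytes) -> bytes:
        code, identifier, value, name = parse_chap(response_pkt)
        challenge = self.pending.pop(identifier, None)   # each challenge is single-use
        secret = self.secrets.get(name)
        ok = (code == CHAP_RESPONSE and challenge is not None and secret is not None
              and hmac.compare_digest(chap_md5_response(identifier, secret, challenge), value))
        if ok:
            return build_chap(CHAP_SUCCESS, identifier, b"Welcome")
        return build_chap(CHAP_FAILURE, identifier, b"Authentication failed")


def applicant_respond(challenge_pkt: bytes, name: bytes, secret: bytes) -> bytes:
    code, identifier, value, _verifier_name = parse_chap(challenge_pkt)
    if code != CHAP_CHALLENGE:
        raise ValueError("expected a CHAP Challenge")
    return build_value_packet(CHAP_RESPONSE, identifier,
                              chap_md5_response(identifier, secret, value), name)


def run_session(secret_on_applicant: bytes) -> tuple:
    """Initial authentication, then a mid-session re-challenge that an impostor
    answers by replaying the captured first response. Returns both result codes."""
    ras = Verifier({b"alice": b"correct horse battery staple"})
    resp1 = applicant_respond(ras.challenge(), b"alice", secret_on_applicant)
    first = parse_chap(ras.check(resp1))[0]
    ras.challenge()                     # ongoing authentication: a new identifier and value
    replayed = parse_chap(ras.check(resp1))[0]
    return first, replayed


if __name__ == "__main__":
    print("genuine applicant, then replay:", run_session(b"correct horse battery staple"))
    print("wrong secret:", run_session(b"wrong"))
```

The replay fails for two independent reasons: the challenge value it was computed over has been consumed, and the new challenge carries a different identifier and value, so the digest cannot match.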

Page 12:

PPP

• MS-CHAP
– Microsoft version of CHAP
– The shared secret is the user's password for the remote access server (RAS)

[Figure: MS-CHAP Authentication Request Message + RAS Password -> Hash -> MS-CHAP Authentication Response Message, sent to the RAS]

Page 13:

PPP

• MS-CHAP
– Realistic in terms of how RASs usually work
– Only as strong as the password, which often is very weak: anyone who captures one challenge/response pair can test password guesses offline, with no lockout and no trace on the RAS
– Must enforce strong passwords
– Caveat: MS-CHAPv2 derives its response from the password's NT hash with DES, and that hash can be recovered by an exhaustive DES key search regardless of password strength, so it should only be run inside a separately protected tunnel

[Figure: same MS-CHAP request / RAS password / hash / response diagram as the previous page]
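Why "only as strong as the password" (pages 12 and 13) is the operative weakness, as an added Python example that is not part of the original slides. It assumes plain RFC 1994 CHAP with MD5 rather than MS-CHAP's NT-hash/DES construction, because the attack shape is the same: one captured challenge/response pair is enough to check guesses offline. The captured identifier and challenge, the weak password and the wordlist rules are all constructed for the example.

```python
import hashlib
import time


def chap_md5_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    # RFC 1994: MD5(Identifier || secret || Challenge Value)
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def mangle(base_words, years=("2023", "2024"), suffixes=("", "!", "1")):
    """Typical wordlist rules: capitalisation, an appended year, a trailing symbol."""
    for word in base_words:
        for form in (word, word.capitalize()):
            for year in ("",) + tuple(years):
                for suffix in suffixes:
                    yield f"{form}{year}{suffix}"


def crack_chap_md5(identifier: int, challenge: bytes, captured_response: bytes, candidates):
    """Offline guessing against one captured exchange: no packets to the RAS,
    so no lockout and no log entry; only hash speed limits the attacker.
    Returns (password or None, number of guesses tried)."""
    tried = 0
    for candidate in candidates:
        tried += 1
        if chap_md5_response(identifier, candidate.encode(), challenge) == captured_response:
            return candidate, tried
    return None, tried


def guesses_per_second(identifier: int, challenge: bytes, n: int = 200_000) -> float:
    """Rough single-core Python rate, to put the password-strength argument in numbers."""
    start = time.perf_counter()
    for i in range(n):
        chap_md5_response(identifier, b"guess%d" % i, challenge)
    return n / (time.perf_counter() - start)


# Constructed capture of one CHAP exchange: Identifier and Challenge Value as seen
# on the wire; the Response Value is computed here from a deliberately weak password.
CAPTURED_ID = 0x2A
CAPTURED_CHALLENGE = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
CAPTURED_RESPONSE = chap_md5_response(CAPTURED_ID, b"Summer2024!", CAPTURED_CHALLENGE)
BASE_WORDS = ["password", "welcome", "summer", "letmein"]

if __name__ == "__main__":
    found, tried = crack_chap_md5(CAPTURED_ID, CAPTURED_CHALLENGE, CAPTURED_RESPONSE,
                                  mangle(BASE_WORDS))
    rate = guesses_per_second(CAPTURED_ID, CAPTURED_CHALLENGE)
    print(f"recovered {found!r} after {tried} guesses; about {rate:,.0f} guesses/s in pure Python")
```

A long random passphrase is not in any wordlist and never falls to this search; that is the whole content of "must enforce strong passwords" for a challenge/response scheme whose secret is the password.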

Page 14:

PPP

• Extensible Authentication Protocol (EAP)
– During the authentication phase of the initial PPP negotiations, merely assert that EAP will be used
– After the negotiation phase, which is very limited, EAP does further negotiation on how authentication will be done

[Figure: client and RAS agree to use EAP; the specific method is negotiated later]
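The two-stage negotiation of page 14 (and the list of options on page 4), as an added Python example that is not part of the original slides. It encodes the LCP Authentication-Protocol option with which PPP selects PAP, CHAP or EAP (for EAP the option carries no method at all), and then runs the EAP Identity exchange and the Nak-based method negotiation from RFC 3748 between a constructed authenticator and peer. The method-specific exchange itself (MD5-Challenge, TLS) is not implemented; the identity and preference lists are constructed.

```python
import struct

# PPP protocol numbers for the authentication protocols LCP can select
PPP_PAP, PPP_CHAP, PPP_EAP = 0xC023, 0xC223, 0xC227
LCP_OPT_AUTH_PROTOCOL = 3
# Algorithm octet that follows the protocol number in a CHAP option
CHAP_ALG_MD5, CHAP_ALG_MSCHAP, CHAP_ALG_MSCHAPV2 = 0x05, 0x80, 0x81


def lcp_auth_option(protocol: int, chap_alg: int = CHAP_ALG_MD5) -> bytes:
    """LCP Authentication-Protocol option (Type 3). Only CHAP names its algorithm
    here; for EAP the option says nothing about how authentication will be done."""
    if protocol == PPP_CHAP:
        return struct.pack("!BBHB", LCP_OPT_AUTH_PROTOCOL, 5, protocol, chap_alg)
    return struct.pack("!BBH", LCP_OPT_AUTH_PROTOCOL, 4, protocol)


def parse_lcp_auth_option(opt: bytes):
    if len(opt) < 4 or opt[0] != LCP_OPT_AUTH_PROTOCOL or opt[1] < 4 or opt[1] > len(opt):
        raise ValueError("not a valid Authentication-Protocol option")
    protocol = struct.unpack("!H", opt[2:4])[0]
    alg = opt[4] if (protocol == PPP_CHAP and opt[1] >= 5) else None
    return protocol, alg


# EAP (RFC 3748) packet: Code, Identifier, Length, Type, Type-Data
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4
EAP_TYPE_IDENTITY, EAP_TYPE_NAK, EAP_TYPE_MD5, EAP_TYPE_TLS = 1, 3, 4, 13


def build_eap(code: int, identifier: int, eap_type=None, data: bytes = b"") -> bytes:
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def parse_eap(pkt: bytes):
    if len(pkt) < 4:
        raise ValueError("short EAP packet")
    code, identifier, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("bad EAP length")
    if code in (EAP_SUCCESS, EAP_FAILURE):
        return code, identifier, None, b""
    if length < 5:
        raise ValueError("Request/Response without Type")
    return code, identifier, pkt[4], pkt[5:length]


def peer_reply(request: bytes, identity: bytes, supported_types: set) -> bytes:
    """Applicant side: answer Identity, accept a supported method, Nak the rest."""
    _, ident, etype, _ = parse_eap(request)
    if etype == EAP_TYPE_IDENTITY:
        return build_eap(EAP_RESPONSE, ident, EAP_TYPE_IDENTITY, identity)
    if etype in supported_types:
        # A real peer puts the method's own data here (e.g. the MD5-Challenge value)
        return build_eap(EAP_RESPONSE, ident, etype, b"")
    # Nak: list the types the peer would accept instead; this is EAP's own negotiation
    return build_eap(EAP_RESPONSE, ident, EAP_TYPE_NAK, bytes(sorted(supported_types)))


def negotiate(server_prefs, peer_supported: set, identity: bytes = b"alice"):
    """Authenticator side, after LCP has only agreed 'EAP': Request/Identity first,
    then propose methods in preference order, narrowing by the peer's Nak list.
    Returns the agreed EAP type, or None when there is no common method."""
    ident = 0
    resp = peer_reply(build_eap(EAP_REQUEST, ident, EAP_TYPE_IDENTITY), identity, peer_supported)
    _, rid, rtype, _ = parse_eap(resp)
    if rid != ident or rtype != EAP_TYPE_IDENTITY:
        return None
    candidates = list(server_prefs)
    while candidates:
        method = candidates.pop(0)
        ident = (ident + 1) & 0xFF
        resp = peer_reply(build_eap(EAP_REQUEST, ident, method), identity, peer_supported)
        _, rid, rtype, rdata = parse_eap(resp)
        if rid != ident:
            return None                 # a response must match the outstanding request
        if rtype == method:
            return method               # accepted; the method-specific exchange follows
        if rtype != EAP_TYPE_NAK:
            return None
        acceptable = set(rdata)
        candidates = [m for m in candidates if m in acceptable]
    return None


if __name__ == "__main__":
    print("LCP option for EAP:", lcp_auth_option(PPP_EAP).hex())
    print("agreed method:", negotiate([EAP_TYPE_MD5, EAP_TYPE_TLS], {EAP_TYPE_TLS}))
```

Note the contrast with the LCP option for CHAP, which fixes the algorithm up front: with EAP, everything after the four-byte option is decided inside EAP itself.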

Page 15:

PPP

• PPP Confidentiality
– Optional (not mandatory)
– Negotiated using the PPP Encryption Control Protocol (ECP) during the initial negotiation phase

[Figure: confidential message sent to the RAS]

Page 16:

PPP

• PPP Confidentiality
– Current options are DES-CBC and 3DES-CBC
• Cipher block chaining (CBC) is discussed under IPsec in this chapter
• Caveat: single DES (56-bit key) is obsolete and 3DES is deprecated, and PPP encryption adds no integrity check to the frame, so treat it as a legacy option and prefer a modern tunnel (IPsec or a TLS-based VPN) where confidentiality matters

[Figure: confidential message sent to the RAS]

Page 17:

PPP

• PPP Confidentiality Encapsulation
– Encrypt the PPP frame with DES-CBC or 3DES-CBC
– Put the encrypted frame in the data field of a new PPP frame
– Send the frame to the RAS

[Figure: New PPP Header | Encrypted PPP Frame in Data Field | New PPP Trailer]