Deriving MPPE Keys From MS-CHAP V2 Credentials
draft-ietf-pppext-mschapv2-keys-02
Document | Type |
Expired Internet-Draft
(pppext WG)
Expired & archived
|
|
---|---|---|---|
Author | Glen Zorn | ||
Last updated | 1998-11-16 | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | WG Document | |
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The Point-to-Point Protocol (PPP) [1] provides a standard method for transporting multi-protocol datagrams over point-to-point links. The PPP Compression Control Protocol [2] provides a method to negotiate and utilize compression protocols over PPP encapsulated links. Version 2 of the Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP-2) [3] is a Microsoft-proprietary PPP authentication protocol, providing the functionality to which LAN-based users are accustomed while integrating the encryption and hashing algorithms used on Windows networks. Microsoft Point to Point Encryption (MPPE) [4] is a means of representing PPP packets in an encrypted form. MPPE uses the RSA RC4 [5] algorithm to provide data confidentiality. The length of the ses- sion key to be used for initializing encryption tables can be negoti- ated. MPPE currently supports 40-bit and 128-bit session keys. MPPE session keys are changed frequently; the exact frequency depends upon the options negotiated, but may be every packet. MPPE is negotiated within option 18 [6] in the Compression Control Protocol. This document describes the method used to derive the initial MPPE ses- sion keys from MS-CHAP-2 credentials. The algorithm used to change ses- sion keys during a session is described in [4].
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)