PAP (Password Authentication Protocol) is a protocol that allows you to verify the authenticity of a name and password for access to a specific server without encryption.
The principle of operation
PAP is mainly used to provide remote access on older servers running on UNIX. Firstly, such servers do not support other similar protocols. Secondly, PAP is considered an insecure protocol, since the login/password pair is transmitted in clear text and can be easily read.
Two systems are involved in the operation of the protocol. One is a remote computer, the other is a data verification system. Information is sent from a remote computer, and the second system authenticates this information with the access control database. As a result of successful verification, the user of the first system gets access to the network.
Data verification using the RAR is initiated by sending an LCP packet, which specifies the hexadecimal PAP number. Next, the packages are exchanged. There are 3 packages of RAR:
- Request – authentication request. Here, the data of the verified party is sent to the verifying party. The request can be repeated many times until it receives confirmation or the time of the set timer runs out.
- Ack confirmation.
- Nak – refusal.
The confirmation or rejection packets contain information about the result and the length of the message in bytes. Information about the results is not regulated and can have any form.