Hai bản sao của mỗi chỉ số là cần thiết bởi vì lĩnh vực FCS không bảo vệ lĩnh vực Frame Status. Địa chỉ công nhận và các chỉ số Khung hình Sao chép không được sử dụng như lời cảm ơn cho phân phối dữ liệu đáng tin cậy. Mã thông báo gửi vành đai mạng bộ chuyển đổi sử dụng các chỉ số này để truyền lại các khung hình | 70 Part I The Network Interface Layer Capture 04-02 in the Captures folder on the companion CD-ROM contains an example of a PAP authentication. CHAP CHAP is a more secure authentication protocol described in RFC 1994 which uses a challenge-response exchange of messages to validate that the calling peer has knowledge of the user s password. The password itself is never sent. Although more secure than PAP CHAP does not provide mutual authentication. The calling peer authenticates to the answering peer but the answering peer does not authenticate to the calling peer. Without mutual authentication a calling peer is unable to determine whether it is calling a valid answering peer. When the use of CHAP is negotiated during phase 1 an algorithm that is used to provide proof of knowledge of the user password is also specified. For the Message Digest-5 MD5 algorithm the LCP option data for the authentication protocol contains the CHAP authentication protocol 0xC2-23 and the MD-5 algorithm 0x05 . CHAP messages use the PPP Protocol ID 0xC2-23. CHAP authentication using MD5 consists of the following three messages 1. The answering peer sends a CHAP Challenge message that contains a CHAP session ID the value of the Identifier field a challenge string and the name of the answering peer. 2. The calling peer sends a CHAP Response message that contains the user name of the calling peer and an MD5 hash of the CHAP session ID the challenge string and the user s password. 3. The answering peer calculates its own MD5 hash of the CHAP session ID the challenge string and user password and compares the result with the MD5 hash in the CHAP Response message. If the two hashes are identical the answering peer sends a CHAP Success message. If not the answering peer sends a CHAP Failure message and the connection is terminated. Figure 4-5 shows the CHAP Challenge and CHAP Response messages. Protocol lllllll lllllll 0XC2-23 Code lllllll Identifier lllllll Length lllllll lllllll Value Size .