Feb 19, 2008

Authentication, Encryption and Tunneling Protocols

Authentication Protocols

Various authentication protocols are listed and described below.

  • CHAP - Challenge Handshake Authentication Protocol is a three-way handshake protocol which is considered more secure than PAP.
  • EAP - Extensible Authentication Protocol is used between a dial-in client and server to determine what authentication protocol will be used.
  • PAP - Password Authentication Protocol is a two-way handshake protocol designed for use with PPP. It sends a plain text password and was used on older SLIP systems. It is not secure.
  • SPAP - Shiva PAP. Only NT RAS server supports this for clients dialing in.
  • DES - Data Encryption Standard for older clients and servers.
  • RADIUS - Remote Authentication Dial-In User Service, used to authenticate users dialing in remotely to servers in an organization's network.
  • S/Key - A one-time password system, secure against replays. RFC 2289.
  • TACACS - Offers authentication, accounting, and authorization.
  • MS-CHAP (MD4) - Uses a Microsoft version of RSA message digest 4 challenge and reply protocol. It only works on Microsoft systems and enables data encryption. Selecting this authentication method causes all data to be encrypted.
  • SKID - SKID2 and SKID3 are vulnerable to a man in the middle attack.
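
The difference between PAP and CHAP noted in the list above, as an added example that is not part of the original post. It goes beyond the list by using the PAP request layout from RFC 1334 and the MD5 response calculation from RFC 1994; the user name, shared secret and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

SECRET = b"correct-horse"  # constructed shared secret, known to both peers


def pap_request(user: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request body: the password crosses the link as-is."""
    return bytes([len(user)]) + user + bytes([len(password)]) + password


def chap_challenge(identifier: int) -> tuple[int, bytes]:
    """Step 1 (authenticator -> peer): identifier plus a fresh random challenge."""
    return identifier, os.urandom(16)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Step 2 (peer -> authenticator): MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_verify(identifier: int, secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Step 3 (authenticator): recompute the hash and compare in constant time."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    pap_wire = pap_request(b"alice", SECRET)
    ident, challenge = chap_challenge(1)
    response = chap_response(ident, SECRET, challenge)
    # A captured response replayed against the next challenge must fail.
    ident2, challenge2 = chap_challenge(2)
    return {
        "pap_leaks_password": SECRET in pap_wire,
        "chap_leaks_password": SECRET in challenge + response,
        "chap_accepts_valid": chap_verify(ident, SECRET, challenge, response),
        "chap_accepts_replay": chap_verify(ident2, SECRET, challenge2, response),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

CHAP keeps the secret off the wire, but both ends must store it in a form usable for the hash, and a captured challenge/response pair can still be tested offline against guessed passwords.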

Encryption Protocols

Various encryption protocols are listed and described below.

  • CIPE - Crypto IP Encapsulation. An encryption protocol.
  • SSL - Secure sockets layer. An encryption protocol.

Tunneling Protocols

  • IPIP tunneling - Tunneling IP packets in IP packets.
  • IPSec - Internet Protocol Security, developed by the IETF, implemented at layer 3. It is a collection of security measures that address data privacy, integrity, authentication, and key management, in addition to tunneling. Does not cover key management. A VPN tunneling protocol.
  • L2F - Layer 2 Forwarding, works at the link layer of the OSI model. It has no encryption. It is being replaced by L2TP. A VPN tunneling protocol.
  • L2TP - Layer 2 Tunneling Protocol (RFC 2661). Combines features of L2F and PPTP and works at the link layer. No encryption or key management is included in the specifications. A VPN tunneling protocol. It uses IPSec for encryption.
  • PPTP - Point-to-Point Tunneling Protocol (RFC 2637) works at the link layer. No encryption or key management is included in the specifications. A VPN tunneling protocol used to send secure communications from point to point.
  • Socks - handled at the application layer.
