Principle of CHAP Encryption Communication Protocol for Industrial 4G Routers

- Jan 15, 2019-

The industrial 4G LTE router's PPP protocol supports CHAP and PAP (Password Authentication Protocol). The CHAP protocol is more secure than PAP due to encrypted communication and timing verification. CHAP is commonly known as the Challenge Handshake Protocol. The receiver encrypts it into a value by encrypting its own database ID and password, and then verifies whether the value is consistent with the value calculated by the sender. This is the so-called CHAP "challenge handshake protocol."


CHAP authentication and its characteristics. After the CHAP authentication protocol is configured, the initiating connection industrial 4G LTE router 1 sends a link establishment request to the opposite end industrial 4G LTE router 2, and negotiates to use CHAP authentication. The process of certification is as follows:


1). Industrial 4G LTE router 2 sends an inquiry message (content including ID, random number, router name industrial router 2) to the industrial 4G wireless router 1;


2). Industrial 4G wireless router 1 queries its own database according to the name in the inquiry message, finds its own database, finds the shared password with the user industrial 4G wireless router 2, and then generates a unique one using the ID, random number, name industrial router 2 and shared password in the inquiry message. MD5 (abstract 5) hash number;


3). industrial 4G router 1 sends the ID, random number, hash number and name industrial 4G router 1 in the inquiry message to the industrial 4G router 2;


4). Industrial router 2 uses its ID, random number, name industrial router 2, which is originally sent to the industrial router 1, plus the shared password to generate its own hash number;


5). Industrial router 2 compares its own hash number with the hash number sent by industrial router 1. If these two values are the same, industrial router 2 sends a link response to industrial router 1 (if different, the system will generate one CHAP failure datagram);


6). link establishment, connection;


7) After a period of time, repeat steps 1~6. If the R2 comparison finds that the two hashes are different, the connection is terminated.

For more info about the Industrial 4G LTE router, please refer to: 

industrial 4g wireless router