Computer Notes


What are the Point-to-Point Protocol (PPP) four distinct phases?

By Dinesh Thakur

Because the Layer 2 protocols depend heavily on the features originally specified for PPP, it is worth examining this protocol more closely. PPP was designed to send data across dial-up or dedicated point-to-point connections. PPP encapsulates IP, IPX, and NetBEUI packets within PPP frames, and then transmits the PPP-encapsulated packets across a point-to-point link. PPP is used between a dial-up client and a network access server (NAS).

There are four distinct phases of negotiation in a PPP dial-up session. Each of these four phases must complete successfully before the PPP connection is ready to transfer user data.

We’ll be covering the following topics in this tutorial:

  • Phase 1: PPP Link Establishment
  • Phase 2: User Authentication
  • Phase 3: PPP Callback Control
  • Phase 4: Invoking Network Layer Protocol(s)
  • Data-Transfer Phase

Phase 1: PPP Link Establishment

PPP uses Link Control Protocol (LCP) to establish, maintain, and end the physical connection. During the initial LCP phase, basic communication options are selected. During the link establishment phase (Phase 1), authentication protocols are selected, but they are not actually implemented until the connection authentication phase (Phase 2). Similarly, during LCP a decision is made as to whether the two peers will negotiate the use of compression and/or encryption. The actual choice of compression and encryption algorithms and other details occurs during Phase 4.

Phase 2: User Authentication

In the second phase, the client PC presents the user’s credentials to the remote access server. A secure authentication scheme provides protection against replay attacks and remote client impersonation. A replay attack occurs when a third party monitors a successful connection and uses captured packets to play back the remote client’s response so that it can gain an authenticated connection. Remote client impersonation occurs when a third party takes over an authenticated connection. The intruder waits until the connection has been authenticated, and then traps the conversation parameters, disconnects the authenticated user, and takes control of the authenticated connection.

Most implementations of PPP provide limited authentication methods, typically Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Microsoft Challenge Handshake Authentication Protocol (MS-CHAP).

 1. Password Authentication Protocol (PAP): PAP is a simple, clear-text authentication scheme. The NAS requests the user name and password, and PAP returns them in clear text (unencrypted). This authentication scheme is not secure, because a third party could capture the user's name and password and use them to get subsequent access to the NAS and all of the resources provided by the NAS. PAP provides no protection against replay attacks or remote client impersonation once the user’s password is compromised.

 2. Challenge-Handshake Authentication Protocol (CHAP): CHAP is an encrypted authentication mechanism that avoids transmission of the actual password on the connection. The NAS sends a challenge, which consists of a session ID and an arbitrary challenge string, to the remote client. The remote client must use the MD5 one-way hashing algorithm to return the user name and a hash of the challenge, session ID, and the client’s password. The user name is sent unhashed.

The CHAP Process

CHAP is an improvement over PAP because the clear-text password is not sent over the link. Instead, the password is used to create a hash from the original challenge. The server knows the client’s clear-text password and can, therefore, replicate the operation and compare the result to the hash sent in the client’s response. CHAP protects against replay attacks by using an arbitrary challenge string for each authentication attempt. CHAP protects against remote client impersonation by unpredictably sending repeated challenges to the remote client throughout the duration of the connection.
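The challenge/response exchange described above, as an added example that is not code from the original page. The hash follows the CHAP-MD5 construction of RFC 1994, where the page's "session ID" is the one-octet Identifier field; the `Authenticator` class, the user name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP-MD5 value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """NAS side (hypothetical class): one fresh challenge per attempt."""

    def __init__(self, secrets: dict):
        self.secrets = secrets      # user name -> clear-text shared secret
        self.next_id = 0
        self.pending = {}           # identifier -> outstanding challenge

    def challenge(self) -> tuple:
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)      # unpredictable and never reused
        self.pending[self.next_id] = value
        return self.next_id, value

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        # pop() makes every challenge single-use, so a replayed response
        # finds no outstanding challenge to be checked against.
        value = self.pending.pop(identifier, None)
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        expected = chap_response(identifier, secret, value)
        return hmac.compare_digest(expected, response)  # constant-time compare

def demo() -> dict:
    secret = b"constructed-secret"                  # constructed sample data
    nas = Authenticator({"alice": secret})
    ident, value = nas.challenge()
    captured = chap_response(ident, secret, value)  # what crosses the link
    first = nas.verify(ident, "alice", captured)
    replay_same = nas.verify(ident, "alice", captured)   # challenge consumed
    ident2, _ = nas.challenge()
    replay_new = nas.verify(ident2, "alice", captured)   # old response, new challenge
    wrong = nas.verify(nas.challenge()[0], "alice", b"\x00" * 16)
    return {"first": first, "replay_same": replay_same,
            "replay_new": replay_new, "wrong_value": wrong}

if __name__ == "__main__":
    print(demo())
```

The replay protection rests entirely on the authenticator side: it holds only if each challenge is unpredictable and accepted once.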

Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP).

MS-CHAP is an encrypted authentication mechanism very similar to CHAP. As in CHAP, the NAS sends a challenge, which consists of a session ID and an arbitrary challenge string, to the remote client. The remote client must return the user name and an MD4 hash of the challenge string, the session ID, and the MD4-hashed password. This design, which manipulates a hash of the MD4 hash of the password, provides an additional level of security because it allows the server to store hashed passwords instead of clear-text passwords. MS-CHAP also provides additional error codes, including a password-expired code, and additional encrypted client-server messages that permit users to change their passwords. In MS-CHAP, both the client and the NAS independently generate an initial key for subsequent data encryption by MPPE. Therefore, MS-CHAP authentication is required to enable MPPE-based data encryption.

During phase 2 of PPP link configuration, the NAS collects the authentication data, and then validates the data against its own user database or against a central authentication database server, such as one maintained by a Microsoft® Windows NT® Primary Domain Controller (PDC) or a Remote Authentication Dial-in User Service (RADIUS) server.

Phase 3: PPP Callback Control

The Microsoft implementation of PPP includes an optional callback control phase. This phase uses the Callback Control Protocol (CBCP) immediately after the authentication phase. If configured for callback, both the remote client and NAS disconnect after authentication. The NAS then calls the remote client back at a specified phone number. This provides an additional level of security to dial-up networking. The NAS allows connections from remote clients physically residing at specific phone numbers only.

Phase 4: Invoking Network Layer Protocol(s)

Once the previous phases have been completed, PPP invokes the various Network Control Protocols (NCPs) that were selected during the link establishment phase (Phase 1) to configure protocols used by the remote client. For example, during this phase the IP Control Protocol (IPCP) can assign a dynamic address to the dial-in user. In the Microsoft implementation of PPP, the Compression Control Protocol (CCP) is used to negotiate both data compression (using MPPC) and data encryption (using MPPE) because both are implemented in the same routine.

Data-Transfer Phase

Once the four phases of negotiation have been completed, PPP begins to forward data to and from the two peers. Each transmitted data packet is wrapped in a PPP header which is removed by the receiving system. If data compression was selected in phase 1 and negotiated in phase 4, data is compressed before transmission. If data encryption is selected and negotiated, data is encrypted before transmission.
