Which authentication protocol is known for its three-way handshake process?

The Challenge Handshake Authentication Protocol (CHAP) is known for its three-way handshake process, making it an effective method for authenticating users and devices. The three-way handshake begins when the server sends a challenge to the client. The client then responds with a hashed value derived from the challenge and its password. Finally, the server verifies this response by creating its own hashed value from the challenge and the stored password, and it checks if this matches the client’s response.

This process enhances security by not transmitting passwords over the network, as the actual passwords are never sent; only hashed values are exchanged. The use of a challenge also helps protect against replay attacks, making it a robust choice for secure authentication.

In contrast, Extensible Authentication Protocol (EAP) is more of a framework for various authentication methods, lacking a distinct handshake process like CHAP's. Lightweight Directory Access Protocol (LDAP) is primarily used for accessing and managing directory information rather than authentication. Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) is a Microsoft-specific implementation of CHAP that also employs a variant of the handshake process, but it is CHAP that is fundamentally recognized for the standard three-way handshake.