Source : Free On-Line Dictionary of Computing

Challenge-Handshake Authentication Protocol
     
         (CHAP) An
        {authentication} scheme used by {PPP} servers to validate the
        identity of the originator of the connection upon connection
        or any time later.
     
        CHAP applies a three-way {handshaking} procedure.  After the
        link is established, the server sends a "challenge" message to
        the originator.  The originator responds with a value
        calculated using a {one-way hash function}.  The server checks
        the response against its own calculation of the expected hash
        value.  If the values match, the authentication is
        acknowledged; otherwise the connection is usually terminated.
     
        CHAP provides protection against {playback} attack through the
        use of an incrementally changing identifier and a variable
        challenge value.  The authentication can be repeated any time
        while the connection is open limiting the time of exposure to
        any single attack, and the server is in control of the
        frequency and timing of the challenges.  As a result, CHAP
        provides greater security then {PAP}.
     
        CHAP is defined in {RFC} 1334.
     
        (1996-03-05)