一种PPPoE的安全认证方式设计

Design of Security Authentication for PPPoE

PPPoE协议目前在宽带接入中广泛被使用,但其本身存在着一定的安全性问题。本文对PPPoE的工作原理及数据包格式进行了分析,指出其潜在的几种不安全漏洞,提出了一种改进的双向认证方案。该方法通过采用类MS-CHAPv2的认证方式,并且对PPP进行了加密设置配置,提高了PPPoE的身份认证安全性。部分方法已在2台计算机上初步实现。

PPPoE is widely used in broadband access, but there are some problems in its own safety. This paper analyzes the working principle of PPPoE, researches the data packets and points out several potential safety problems. Then an improved PPPoE two-way authentication scheme is proposed, which is similar to MS-CHAPv2 authentication, and configures the System of PPP with encryption .The method can enhance the safety of PPPoE’s identity authentication. Several parts of the approach are realized in two computers.