An authentication method that periodically re-authenticates the client by establishing a hash is known as what?

The correct answer is CHAP, which stands for Challenge-Handshake Authentication Protocol. CHAP is specifically designed to provide a method for periodically re-authenticating a client, enhancing security by employing a challenge-response mechanism.

In this process, the server sends a challenge to the client, which must respond with a hash that combines the challenge and the client's password. This hash is not sent directly, which protects the password from being transmitted in clear text. Once the server receives the client's response, it calculates the expected hash using the same challenge and the stored password. If the computed hash matches the response received, the client is authenticated. This mechanism allows CHAP to perform re-authentication at intervals, which is beneficial in maintaining secure connections over time.

RADIUS, LDAP, and PAP are other authentication methods but do not incorporate the same periodic re-authentication process using established hashes as CHAP does. RADIUS is a centralized authentication protocol, LDAP is a directory service protocol used for accessing and maintaining distributed directory information services, and PAP is a simpler protocol that does not provide periodic authentication or use challenge-response mechanisms, making them less suitable for the scenario described in the question.