Overview[1]

Secure Remote Password Protocol (SRP) performs secure remote authentication of short human-memorizable passwords and resists both passive and active network attacks.

Secure Remote Password Protocol is described in several RFCs:

Secure Remote Password Protocol is an augmented Password-authenticated Key Agreement (PAKE) protocol, specifically designed to work around existing patents.

Secure Remote Password Protocol is a password-based Authentication Method that offers a Zero-knowledge proof from the protocol Client to the protocol Server.

As with all PAKE protocols, an eavesdropper or man-in-the-middle cannot obtain enough information to brute-force a password offline: each guess requires a further interaction with the parties. This means that strong security can be obtained using weak passwords. Furthermore, because SRP is an augmented PAKE protocol, the server does not store password-equivalent data. An attacker who steals the server data therefore cannot masquerade as the client unless they first perform a brute-force search for the password.
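The following is an added example, not part of the original page: a sketch of both sides of an SRP-6a-style exchange, showing that the server keeps only a salt and a verifier and that the session keys match only when the client knows the password. The group (`N = 2**255 - 19`, `g = 2`), the use of SHA-256, and all function names are assumptions chosen for illustration; this is not a standardized SRP group.

```python
import hashlib, secrets

# Demo-only group (assumption): N is prime, but it is NOT one of the
# standardized SRP groups; real deployments use large safe-prime groups.
N = 2**255 - 19
g = 2

def H(*parts):
    """Hash length-prefixed ints/str/bytes with SHA-256, return an integer."""
    h = hashlib.sha256()
    for p in parts:
        if isinstance(p, int):
            p = p.to_bytes(32, "big")
        elif isinstance(p, str):
            p = p.encode()
        h.update(len(p).to_bytes(2, "big") + p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # multiplier that binds B to the verifier

def register(user, password):
    """Enrollment: the server stores only (salt, v), never the password."""
    salt = secrets.token_bytes(16)
    x = H(salt, user, password)
    return salt, pow(g, x, N)  # v = g^x mod N

def client_key(user, password, salt, a, A, B):
    if B % N == 0:  # reject a degenerate server value
        raise ValueError("bad B")
    u, x = H(A, B), H(salt, user, password)
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    return H(S)

def server_key(v, b, A, B):
    if A % N == 0:  # reject a degenerate client value
        raise ValueError("bad A")
    S = pow(A * pow(v, H(A, B), N) % N, b, N)
    return H(S)

def login(user, password, record):
    """Run one exchange; the comparison stands in for key confirmation."""
    salt, v = record
    a = secrets.randbelow(N - 2) + 1      # client ephemeral secret
    b = secrets.randbelow(N - 2) + 1      # server ephemeral secret
    A = pow(g, a, N)                      # client -> server
    B = (k * v + pow(g, b, N)) % N        # server -> client
    return client_key(user, password, salt, a, A, B) == server_key(v, b, A, B)
```

In a real exchange the two sides do not compare keys directly; each proves possession of its key to the other with a hash over the transcript.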

This page (revision-4) was last changed on 05-Jun-2016 10:47 by jim