This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Secure Remote Password Protocol
Secure Remote Password Protocol

Version management

Difference between version and

At line 1 added 20 lines
!!! Overview[1]
[{$pagename}] ([SRP]) performs secure remote authentication of short human-memorizable passwords and resists both passive and active network attacks.[{$pagename}] is a three-rond [Password-authenticated Key Agreement] ([PAKE]) [protocol][{$pagename}] is described in several RFCs:
* [RFC 2944] - [Telnet Authentication; SRP]
* [RFC 2945] - [The SRP Authentication and Key Exchange System]
* [RFC 5054] - [Using the Secure Remote Password (SRP) Protocol for TLS Authentication]
[{$pagename}] is an augmented [Password-authenticated Key Agreement] ([PAKE]) protocol, specifically designed to work around existing patents.
[{$pagename}] is a [password-based] is an [Authentication Method] that offers a [Zero-knowledge proof] from the [protocol Client] to the [protocol Server].
Like all PAKE protocols, an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each guess. This means that strong security can be obtained using weak passwords. Furthermore, being an augmented PAKE protocol, the server does not store password-equivalent data. This means that an attacker who steals the server data cannot masquerade as the client unless they first perform a brute force search for the password.
[{$pagename}] has some at last perceived issues with [Patents].[2]
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [The Stanford SRP Homepage|http://srp.stanford.edu//|target='_blank'] - based on information obtained 2016-06-05
* [#2] - [Why is SRP not widely used?|https://crypto.stackexchange.com/questions/8245/why-is-srp-not-widely-used|target='_blank'] - based on information obtained 2018-10-21-
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop