Secure remote password protocol

The Secure Remote Password Protocol (SRP) is a password-authenticated key agreement protocol.

Overview

The SRP protocol has a number of desirable properties: it allows a user to authenticate to a server, it is resistant to dictionary attacks mounted by an eavesdropper, and it does not require a trusted third party. It effectively conveys a zero-knowledge password proof from the user to the server. In revision 6 of the protocol, only one password can be guessed per attempt. One of the interesting properties of the protocol is that it remains secure even if one or two of the cryptographic primitives it uses are attacked. The SRP protocol has been revised several times and is currently at revision 6.

The SRP protocol creates a large private key shared between the two parties in a manner similar to Diffie-Hellman, then verifies to both parties that the two keys are identical and that both sides know the user's password. In cases where encrypted communications as well as authentication are required, the SRP protocol is more secure than the alternative SSH protocol and faster than using Diffie-Hellman with signed messages. It is also independent of third parties, unlike Kerberos. SRP version 3 is described in RFC 2945. SRP version 6 is also used for strong password authentication in SSL/TLS.
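The exchange described above, worked through end to end as an added example (this code is not from the article, the Stanford reference implementation, or any other project): enrolment produces a salted verifier, client and server exchange their public values A and B, both derive the session key, and the client's key-confirmation proof shows the server that the keys match. It assumes SRP-6a with SHA-256, the 1024-bit group from RFC 5054, and constructed usernames and passwords supplied by the caller.

```python
import hashlib
import secrets

# 1024-bit group from RFC 5054, Appendix A; its generator is 2.
N = int("EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
        "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
        "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
        "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8   # group elements are hashed at full padded length

def H(*parts):                     # SHA-256 of the concatenation, as a big-endian integer
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")
def pad(x): return x.to_bytes(NLEN, "big")
k = H(pad(N), pad(g))              # SRP-6a multiplier (SRP-6 used the constant 3)

def register(username, password, salt=None):
    # Client-side enrolment: the server stores (salt, v) and never sees the password.
    salt = salt or secrets.token_bytes(16)
    x = H(salt, hashlib.sha256(username + b":" + password).digest())
    return salt, pow(g, x, N)

def client_start():                # client -> server: username, A
    a = secrets.randbelow(N - 2) + 1
    return a, pow(g, a, N)

def server_start(v):               # server -> client: salt, B
    b = secrets.randbelow(N - 2) + 1
    return b, (k * v + pow(g, b, N)) % N

def client_finish(username, password, salt, a, A, B):
    if B % N == 0:                 # RFC 5054: both sides must reject values that are 0 mod N
        raise ValueError("degenerate B")
    u = H(pad(A), pad(B))
    x = H(salt, hashlib.sha256(username + b":" + password).digest())
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    return hashlib.sha256(pad(S)).digest()

def server_finish(v, b, A, B):
    if A % N == 0:                 # with A = 0 the peer would get S = 0 without knowing the password
        raise ValueError("degenerate A")
    u = H(pad(A), pad(B))
    S = pow((A * pow(v, u, N)) % N, b, N)
    return hashlib.sha256(pad(S)).digest()

def authenticate(username, salt, v, attempt):
    # One full round: True only when the attempt equals the registered password.
    a, A = client_start()
    b, B = server_start(v)
    K_c = client_finish(username, attempt, salt, a, A, B)
    K_s = server_finish(v, b, A, B)
    M1 = hashlib.sha256(pad(A) + pad(B) + K_c).digest()   # client's key-confirmation proof
    return M1 == hashlib.sha256(pad(A) + pad(B) + K_s).digest()
```

The server never receives the password or anything derived directly from it during the round, which is what makes an eavesdropped transcript useless for an offline dictionary attack.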

Real-world implementations

* The [http://sourceforge.net/projects/clipperz Javascript Crypto Library] includes an open-source, AGPL-licensed JavaScript implementation of the SRP protocol. It is used in the [http://www.clipperz.com Clipperz online password manager].

Other Links

* [http://srp.stanford.edu Official Site]
* [http://grouper.ieee.org/groups/1363/ IEEE 1363]
* [http://www.pdl.cmu.edu/mailinglists/ips/mail/msg08027.html SRP Intellectual Property Slides]


Wikimedia Foundation. 2010.
