background preloader

Secure Remote Password (SRP)

Facebook Twitter

Secure Remote Password protocol. The Secure Remote Password protocol (SRP) is an augmented password-authenticated key agreement (PAKE) protocol, specifically designed to work around expired[citation needed] patents.[1] Like all PAKE protocols, an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each guess.

Secure Remote Password protocol

This means that strong security can be obtained using weak passwords. Furthermore, being an augmented PAKE protocol, the server does not store password-equivalent data. This means that an attacker who steals the server data cannot masquerade as the client unless they first perform a brute force search for the password. Overview[edit] The SRP protocol has a number of desirable properties: it allows a user to authenticate themselves to a server, it is resistant to dictionary attacks mounted by an eavesdropper, and it does not require a trusted third party.

Protocol[edit] Carol → Steve: M1 = H(A | B | SCarol). SRP: About the Project. The SRP Project was started in 1997 at Stanford University as an authentication system for a Java-based webtop project.

SRP: About the Project

Since then, it has evolved into a full-fledged Internet-wide Open Source project, with developers from around the world contributing to the Project. In addition, SRP has been deployed as a secure, free password authentication solution in commercial, non-commercial, and standalone configurations in universities, companies, and organizations worldwide. The primary goal of the SRP Project is to provide standards, technologies, and implementations that improve password security of existing protocols and applications while preserving the ease-of-use associated with passwords and integrating cleanly with these systems.

SRP accomplishes these objectives because it was designed with a number of considerations in mind. Security - SRP was designed to protect passwords against both passive and active network attacks. SRP: What Is It? SRP is a secure password-based authentication and key-exchange protocol.

SRP: What Is It?

It solves the problem of authenticating clients to servers securely, in cases where the user of the client software must memorize a small secret (like a password) and carries no other secret information, and where the server carries a verifier for each user, which allows it to authenticate the client but which, if compromised, would not allow the attacker to impersonate the client. In addition, SRP exchanges a cryptographically-strong secret as a byproduct of successful authentication, which enables the two parties to communicate securely.

Many password authentication solutions claim to solve this exact problem, and new ones are constantly being proposed. Although one can claim security by devising a protocol that avoids sending the plaintext password unencrypted, it is much more difficult to devise a protocol that remains secure when: Attackers have complete knowledge of the protocol. Back. SRP: Design Specifications. SRP is the newest addition to a new class of strong authentication protocols that resist all the well-known passive and active attacks over the network.

SRP: Design Specifications

SRP borrows some elements from other key-exchange and identification protcols and adds some subtle modifications and refinements. The result is a protocol that preserves the strength and efficiency of the EKE family protocols while fixing some of their shortcomings. The following is a description of SRP-6 and 6a, the latest versions of SRP: N A large safe prime (N = 2q+1, where q is prime) All arithmetic is done modulo N. g A generator modulo N k Multiplier parameter (k = H(N, g) in SRP-6a, k = 3 for legacy SRP-6) s User's salt I Username p Cleartext Password H() One-way hash function ^ (Modular) Exponentiation u Random scrambling parameter a,b Secret ephemeral values A,B Public ephemeral values x Private key (derived from p and s) v Password verifier.

SRP: Download. This site continues to host the SRP Distribution, which has historically been a useful demontration of SRP authentication and continues to serve an educational purpose.

SRP: Download

In recent years, the rapid growth in third-party implementations of SRP has meant that the best building blocks for most developers to integrate SRP into their projects are now most likely to be found through external sites. With the advent of TLS-SRP, it is now possible to integrate SRP into most software projects by linking against one of the many third-party TLS-SRP implementations and calling the appropriate API.

The SRP/TLS download section on this site will host mostly patches and add-ons to third-party libraries or software to enable SRP-TLS functionality. It is a good idea to check the links page first before trying the patches on this site, since many TLS stacks already support SRP natively. SRP/TLS Downloads Patches to add SRP ciphersuite support to OpenSSL: OpenSSL 1.0.0 OpenSSL 0.9.8.