| Secure Remote Password Protocol |
Article Index for Secure |
Shopping Protocol |
Website Links For Secure |
Information AboutSecure Remote Password Protocol |
| CATEGORIES ABOUT SECURE REMOTE PASSWORD PROTOCOL | |
| cryptographic protocols | |
| asymmetric-key cryptosystems | |
| authentication methods | |
|
The SRP protocol creates a large private key shared between the two parties in a manner similar to Diffie-Hellman , then verifies to both parties that the two keys are identical and that both sides have the user's password. In cases where encrypted communications as well as authentication are required, the SRP protocol is more secure than the alternate SSH protocol and faster than using Diffie-Hellman with signed messages. It is also independent of third parties, unlike Kerberos . The SRP protocol, version 3 is described in RFC 2945. SRP version 6 is also used for strong password authentication in SSL /TLS and other standards such as EAP and SAML , and is being standardized in IEEE P1363 and ISO/IEC 11770-4. In this description of the protocol, version 6,
|
Carol -> Steve: ''I'' ''A'' ,with ''A'' |
''g''<sup>a</sup> |
|
Steve -> Carol: ''s'' ''B'', With ''B'' |
''kv'' + ''g''<sup>b</sup> |
|
Carol -> Steve: ''M''<sub>1</sub> |
''H''(''H''(''N'') XOR ''H''(''g'') ''H''(''I'') ''s'' ''A'' ''B'' ''K''<sub>Carol</sub>) Steve verifies ''M''<sub>1</sub> |
|
Steve -> Carol: ''M''<sub>2</sub> |
''H''(''A'' ''M'' ''K''<sub>Steve</sub>) Carol verifies ''M''<sub>2</sub> |
|
|
|