SRP Documentation
Discussion
Publications
T. Wu,
The Secure Remote Password Protocol, in Proceedings of
the 1998 Internet Society Network and Distributed System Security
Symposium, San Diego, CA, Mar 1998, pp. 97-111.
Abstract:
This paper presents a new password authentication and key-exchange protocol
suitable for authenticating users and exchanging keys over an untrusted
network.
The new protocol resists dictionary attacks mounted by either passive or
active network intruders, allowing, in principle, even weak passphrases to be
used safely.
It also offers perfect forward secrecy, which protects past sessions and
passwords against future compromises.
Finally, user passwords are stored in a form that is not plaintext-equivalent
to the password itself, so an attacker who captures the password database
cannot use it directly to compromise security and gain immediate access to the
host.
This new protocol combines techniques of zero-knowledge proofs with asymmetric
key exchange protocols and offers significantly improved performance over
comparably strong extended methods that resist stolen-verifier attacks such as
Augmented EKE or B-SPEKE.
View the paper in HTML or
PostScript.
View the slides from the NDSS presentation.
IETF Documents
- RFC 2945
- The SRP RFC describes the SRP authentication mechanism in detail.
(local copy)
- RFC 2944
- A full description of the Telnet Authentication Option
for SRP, based on RFC 2941, Telnet Authentication.
(local copy)
- draft-burdis-cat-srp-sasl-03.txt
- A proposal for a secure password-based SASL
(Simple Authentication and Security Layer) mechanism
based on SRP.
A sample implementation is available from the
Cryptix project.
- draft-ietf-pppext-eap-srp-00.txt
- A proposal for SRP authentication in PPP that addresses
plaintext-equivalence and eavesdropping attacks.
- draft-ietf-cat-srpgm-02.txt
- A proposal to the CAT (Common Authentication Technologies) IETF
Working Group for SRP as a low-infrastructure GSS-API mechanism.
- draft-nisse-secsh-srp-00.txt
- A proposal for leveraging the security of SRP as a strong
user authentication mechanism in Secure Shell.
This has already been adopted by LSH as a user
authentication option.
IEEE P1363 WG
The IEEE P1363 Working Group
has started a
Study Group
entirely focused on strong password protocols.
SRP, SPEKE, SNAPI, AuthA, and AMP are among the submissions that this
group will evaluate for eventual standardization.
Back