SRP Documentation

Discussion


Publications

T. Wu, The Secure Remote Password Protocol, in Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, San Diego, CA, Mar 1998, pp. 97-111.

Abstract: This paper presents a new password authentication and key-exchange protocol suitable for authenticating users and exchanging keys over an untrusted network. The new protocol resists dictionary attacks mounted by either passive or active network intruders, allowing, in principle, even weak passphrases to be used safely. It also offers perfect forward secrecy, which protects past sessions and passwords against future compromises. Finally, user passwords are stored in a form that is not plaintext-equivalent to the password itself, so an attacker who captures the password database cannot use it directly to compromise security and gain immediate access to the host. This new protocol combines techniques of zero-knowledge proofs with asymmetric key exchange protocols and offers significantly improved performance over comparably strong extended methods that resist stolen-verifier attacks such as Augmented EKE or B-SPEKE.

View the paper in HTML or PostScript.
View the slides from the NDSS presentation.


IETF Documents

RFC 2945
The SRP RFC describes the SRP authentication mechanism in detail. (local copy)

RFC 2944
A full description of the Telnet Authentication Option for SRP, based on RFC 2941, Telnet Authentication. (local copy)

draft-burdis-cat-srp-sasl-03.txt
A proposal for a secure password-based SASL (Simple Authentication and Security Layer) mechanism based on SRP. A sample implementation is available from the Cryptix project.

draft-ietf-pppext-eap-srp-00.txt
A proposal for SRP authentication in PPP that addresses plaintext-equivalence and eavesdropping attacks.

draft-ietf-cat-srpgm-02.txt
A proposal to the CAT (Common Authentication Technologies) IETF Working Group for SRP as a low-infrastructure GSS-API mechanism.

draft-nisse-secsh-srp-00.txt
A proposal for leveraging the security of SRP as a strong user authentication mechanism in Secure Shell. This has already been adopted by LSH as a user authentication option.

IEEE P1363 WG

The IEEE P1363 Working Group has started a Study Group entirely focused on strong password protocols. SRP, SPEKE, SNAPI, AuthA, and AMP are among the submissions that this group will evaluate for eventual standardization.


Back