gnu.crypto.sasl.srp.package.html
Provides the implementations of the SASL SRP mechanism, as specified in
draft-burdis-cat-srp-sasl.
Package overview
The Secure Remote Password (SRP) protocol is a password-based, zero-knowledge authentication and key-exchange protocol developed by Thomas Wu. It has good performance, is not plaintext-equivalent and maintains perfect forward secrecy. It provides authentication (optionally mutual authentication) and the negotiation of a session key.
The mechanism described in the IETF Draft, and implemented in this library, is based on the SRP-6 protocol, described in "SRP Protocol Design" and "SRP: The Open Source Password Authentication Standard". SRP-6 is an improved version of the original SRP protocol (also called SRP-3) described in RFC-2945.
Protocol description overview
In this mechanism, the following exchange occurs when a new session is
negotiated between the client and the server. It will also occur when the
client requests re-use of the parameters of a previous session and either
the server does not support such re-use or no longer considers the previous
session to be valid:
![]({@docRoot}/../manual/diagrams/srp_initial.png)
Where:
- U: is the authentication identity (username),
- I: is the authorisation identity (userid),
- sid: is the identifier of a previous session whose
parameters the client wishes to re-use,
- cn: is the client's nonce used in deriving a new shared
context key from the shared context key of the previous session,
- 0x00: is an octet indicating that the previous session
parameters will NOT be re-used,
- N: is the safe prime modulus,
- g: is the generator,
- s: is the user's password salt,
- B: is the server's ephemeral public key,
- L: is the options list indicating available security
services,
- A: is the client's ephemeral public key,
- M1: is the client's evidence that the shared key K is known,
- o: is the options list indicating chosen security services,
- cIV: is the client's initialisation vector (IV) for the chosen encryption
algorithm,
- M2: is the server's evidence that the shared key K is known,
- sIV: is the server's initialisation vector (IV) for the chosen encryption
algorithm,
- sid: is the identifier the server gives to this session for
possible later re-use of the negotiated parameters,
- ttl: is the time period for which this session's parameters
may be re-usable.
On the other hand, the following exchange occurs when the client requests
that the parameters negotiated in a previous session be re-used in this
session, but with a newly derived shared context key, and the server agrees:
![]({@docRoot}/../manual/diagrams/srp_reuse.png)
Where:
- 0xFF: is an octet indicating that the previous session
parameters will be re-used,
- sn: is the server's nonce used in deriving a new shared context
key from the shared context key of the previous session.
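The two exchanges above, worked through as an added Python example (this is not GNU Crypto's code and does not reproduce the draft's message encoding). It runs the initial SRP-6 exchange in the draft's order (U, then N/g/s/B, then A/M1, then M2/sid/ttl), then the re-use path with the 0xFF/0x00 octet and the cn/sn nonces. The group (N, g) is the 1024-bit one from RFC 5054, Appendix A, transcribed here; the hashing and padding conventions are those of RFC 2945/RFC 5054 (SHA-1, fixed-width encoding of group elements); the options lists L and o, the IVs, and the exact context-key derivation are left out or assumed, and each assumption is marked in a comment. The server returns the derived K' from `reuse` only so the example can show both sides agree.

```python
import hashlib
import hmac
import secrets
import time

# SRP-6 group: the 1024-bit (N, g) from RFC 5054, Appendix A, transcribed here
# (check it against the RFC before relying on it). Integers are big-endian.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
    "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
    "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
    "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A"
    "FD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2
NLEN = (N.bit_length() + 7) // 8

def pad(x: int) -> bytes:                 # fixed-width encoding of a group element
    return x.to_bytes(NLEN, "big")

def H(*parts: bytes) -> bytes:            # SHA-1, the hash RFC 2945 / RFC 5054 use
    return hashlib.sha1(b"".join(parts)).digest()

def to_int(b: bytes) -> int:
    return int.from_bytes(b, "big")

k = to_int(H(pad(N), pad(g)))             # SRP-6 multiplier k = H(N | PAD(g))

def private_x(U: str, password: str, s: bytes) -> int:
    return to_int(H(s, H(f"{U}:{password}".encode())))   # x = H(s | H(U ":" p))

def verifier(U: str, password: str, s: bytes) -> int:
    return pow(g, private_x(U, password, s), N)          # v = g^x; server stores v, not p

def evidence_m1(U: str, s: bytes, A: int, B: int, K: bytes) -> bytes:
    # M1 = H(H(N) xor H(g), H(U), s, A, B, K), the RFC 2945 form
    xor = bytes(x ^ y for x, y in zip(H(pad(N)), H(pad(g))))
    return H(xor, H(U.encode()), s, pad(A), pad(B), K)

def derive_context_key(K: bytes, cn: bytes, sn: bytes) -> bytes:
    # ASSUMED derivation for this example (the draft defines its own): the new
    # context key binds the previous K and both nonces, so neither side picks it.
    return hmac.new(K, cn + sn, hashlib.sha1).digest()

class Server:
    """Holds (s, v) per user and a cache of re-usable sessions: sid -> (K, expiry)."""
    def __init__(self, ttl: int = 3600):
        self.users, self.sessions, self.ttl = {}, {}, ttl

    def enrol(self, U: str, password: str) -> None:
        s = secrets.token_bytes(16)       # per-user salt
        self.users[U] = (s, verifier(U, password, s))

    def reply1(self, U: str):
        """First server message: N, g, s, B (the options list L is omitted here)."""
        self._U, (self._s, self._v) = U, self.users[U]
        self._b = secrets.randbelow(N - 2) + 1
        self._B = (k * self._v + pow(g, self._b, N)) % N   # B = k*v + g^b
        return N, g, self._s, self._B

    def reply2(self, A: int, M1: bytes):
        """Second server message (M2, sid, ttl), or None when M1 does not verify."""
        if A % N == 0:                    # A == 0 mod N would force S = 0
            raise ValueError("bad client public key")
        u = to_int(H(pad(A), pad(self._B)))
        K = H(pad(pow(A * pow(self._v, u, N), self._b, N)))   # S = (A * v^u)^b
        if not hmac.compare_digest(M1, evidence_m1(self._U, self._s, A, self._B, K)):
            return None
        sid = secrets.token_bytes(8)
        self.sessions[sid] = (K, time.time() + self.ttl)
        return H(pad(A), M1, K), sid, self.ttl        # M2 = H(A | M1 | K)

    def reuse(self, sid: bytes, cn: bytes):
        """Re-use request: (0xFF, sn, K') if sid is still valid, else (0x00, None, None)."""
        entry = self.sessions.get(sid)
        if entry is None or entry[1] < time.time():   # unknown sid or ttl elapsed
            return b"\x00", None, None
        sn = secrets.token_bytes(16)
        return b"\xff", sn, derive_context_key(entry[0], cn, sn)

def run_exchange(server: Server, U: str, password: str) -> dict:
    """Client side of the initial exchange; returns what the client learned."""
    _N, _g, s, B = server.reply1(U)
    if B % N == 0:                        # B == 0 mod N would force S = 0
        raise ValueError("bad server public key")
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)                      # A = g^a
    u = to_int(H(pad(A), pad(B)))
    x = private_x(U, password, s)
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)   # S = (B - k*g^x)^(a + u*x)
    K = H(pad(S))
    M1 = evidence_m1(U, s, A, B, K)
    reply = server.reply2(A, M1)
    if reply is None:
        return {"accepted": False, "server_verified": False, "sid": None, "K": None}
    M2, sid, ttl = reply
    ok = hmac.compare_digest(M2, H(pad(A), M1, K))     # mutual authentication
    return {"accepted": True, "server_verified": ok, "sid": sid, "ttl": ttl, "K": K}

def run_reuse(server: Server, sid: bytes, K: bytes):
    """Client side of the re-use exchange: (client K', server K'), or None if refused."""
    cn = secrets.token_bytes(16)
    flag, sn, server_key = server.reuse(sid, cn)
    return (derive_context_key(K, cn, sn), server_key) if flag == b"\xff" else None
```

A wrong password shows up only as a failed M1 check on the server: the client never sends the password or x, and the server never sends anything derived from v alone, which is the zero-knowledge property the text refers to. The `A % N == 0` and `B % N == 0` checks are the standard SRP-6 sanity checks on the ephemeral public keys; the ttl check in `reuse` is what makes the server fall back to the full exchange with the 0x00 octet.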