Andrew Cooke | Contents | Latest | Previous | Next

Secure Remote Password Protocol (+ Python TLS)

This is my blog. It used to be a mailing list called C[omp]ute. It is still generated by email. You can reply to comments via the appropriate link. Edit the mail address to remove the anti-spam measure. © 2006-2008 Andrew Cooke (site) / post authors (content).

From: "andrew cooke" <andrew@...>

Date: Fri, 5 Sep 2008 07:33:12 -0400 (CLT) 

SRP is a protocol for securely verifying passwords without needing
encryption (it uses hashes and temporary secrets).

There's an implementation at http://srp.stanford.edu/
Documentation - http://srp.stanford.edu/doc.html
White paper - http://srp.stanford.edu/ndss.html
Download - http://srp.stanford.edu/download.html

It doesn't seem to say anywhere, but the download appears to be a C
library.  It also contains some Java code that appears to implement a
Telnet client with SRP support.


Related, there's a pure Python library for TLS available here -
http://trevp.net/ http://trevp.net/tlslite/ - along with extensions to use
SRP within TLS - http://trevp.net/tls_srp/

Andrew

Comment on this post


Bookmarkz

 

Andrew Cooke | Contents | Latest | Previous | Next