Secure Remote Password protocol: Difference between revisions
Watsonladd (talk | contribs) No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
The '''Secure Remote Password Protocol''' is an [[authentication]] protocol which allows a user to authenticate herself to a server which is invernurable against most attacks and does not require a trusted third party. Even if the server is succesfully attacked, an attacker would still have difficulty extracting a password. Only one password can be guessed at per attempt in the current revision of the protocol. One of the interesting properties of the protocol is that even if one or two of the cryptographic primatives it uses are attacked, it is still secure. The SPR protocol has been revised several times, and is currently at revision six. The basic ideas had been disscussed on [[Usenet]] for several years |
The '''Secure Remote Password Protocol''' is an [[authentication]] protocol which allows a user to authenticate herself to a server which is invernurable against most attacks and does not require a trusted third party. Even if the server is succesfully attacked, an attacker would still have difficulty extracting a password. Only one password can be guessed at per attempt in the current revision of the protocol. One of the interesting properties of the protocol is that even if one or two of the cryptographic primatives it uses are attacked, it is still secure. The SPR protocol has been revised several times, and is currently at revision six. The basic ideas had been disscussed on [[Usenet]] for several years before the protocol was created. |
||
It shares principles with [[Diffie-Hellman ]] public key encryption. |
|||
==External Links== |
==External Links== |
||
[http://srp.stanford.edu Offical Site] |
[http://srp.stanford.edu Offical Site] |
||
Revision as of 10:48, 27 December 2004
The Secure Remote Password Protocol is an authentication protocol which allows a user to authenticate herself to a server which is invernurable against most attacks and does not require a trusted third party. Even if the server is succesfully attacked, an attacker would still have difficulty extracting a password. Only one password can be guessed at per attempt in the current revision of the protocol. One of the interesting properties of the protocol is that even if one or two of the cryptographic primatives it uses are attacked, it is still secure. The SPR protocol has been revised several times, and is currently at revision six. The basic ideas had been disscussed on Usenet for several years before the protocol was created.
It shares principles with Diffie-Hellman public key encryption.