James A. Donald
Wed, 27 Aug 2008 15:44:55 -0700
Michael Tschannen wrote:
Hi list

Has anybody already gained experience concerning the technical implementation of SRP (http://srp.stanford.edu)? There is one point I couldn't find in any documentation: Should the modulus and the generator (N and g) be unique for each client or can they be chosen application-wide? What are the (security-related) implications in each case?
There is no readily apparent reason why N and g should not be application wide.
Of course, some clever persons might discover some unobvious flaw.

Rather than using SRP, you might use J-PAKE. J-PAKE has a proof that there is nothing wrong with J-PAKE unless there is something wrong with all similar protocols, so you can go right ahead and do what all the other protocols do - which is one value of N and g for all.
Thanks,
Michael

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
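An added illustration, not code from this thread or from the SRP or J-PAKE authors: two accounts log in with the SRP-6a variant against one application-wide (N, g), and only the salt and verifier are stored per account. The group is a constructed toy value, and the function names and hash encoding are assumptions made for the example.

```python
import hashlib

# Constructed toy group shared by every account: N = 2*1019 + 1 is a safe
# prime and g = 7 generates the whole multiplicative group. Far too small for
# real use; a deployment would pick a large standard group (e.g. from RFC 5054).
N, g = 2039, 7

def H(*parts):
    """Hash ints/str/bytes to an integer (SHA-256 over length-prefixed parts)."""
    h = hashlib.sha256()
    for p in parts:
        b = p if isinstance(p, bytes) else str(p).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # SRP-6a multiplier; derived from the group, so also application-wide

def register(user, password, salt):
    """Per-account record: only the salt and verifier differ between users."""
    x = H(salt, user, password)
    return {"salt": salt, "v": pow(g, x, N)}

def client_key(user, password, salt, a, B):
    """Client side: derive the session key from the password and server value B."""
    if B % N == 0:
        raise ValueError("bad server value")
    A, x = pow(g, a, N), H(salt, user, password)
    u = H(A, B)
    S = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    return H(S)

def server_key(record, A, b):
    """Server side: derive B and the session key from the stored verifier."""
    if A % N == 0:
        raise ValueError("bad client value")
    B = (k * record["v"] + pow(g, b, N)) % N
    u = H(A, B)
    S = pow(A * pow(record["v"], u, N) % N, b, N)
    return B, H(S)

def login(db, user, password, a, b):
    """Run one exchange; True when both sides derive the same session key."""
    rec = db[user]
    B, ks = server_key(rec, pow(g, a, N), b)
    return client_key(user, password, rec["salt"], a, B) == ks
```

In a real exchange a and b are fresh random secrets for each login; they are parameters here only so the run is repeatable.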