Michael Tschannen wrote:
Hi list
Has anybody already gained experience concerning the technical
implementation of SRP (http://srp.stanford.edu)? There is one point I
couldn't find in any documentation: Should the modulus and the generator
(N and g) be unique for each client or can they be chosen
application-wide? What are the (security-related) implications in each
case?
There is no readily apparent reason why N and g should not be
application wide.
Of course, some clever persons might discover some unobvious flaw.
Rather than using SRP, you might use J-PAKE. J-PAKE has a proof that
there is nothing wrong with J-PAKE unless there is something wrong with
all similar protocols, so you can go right ahead and do what all the
other protocols do - which is one value of N and g for all.
Thanks,
Michael
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]