Is there any reasons to believe there are unsafe SRP primes?
The magnitude of the prime is a consideration when trying to break a
verifier, but the security of the handshake is more dependent on the
quality of the session specific random numbers generated in each side of a
connection.
In any case, the prime is not secret and must be known to both server and
client.
On Tuesday, January 26, 2016, Jiří Činčura <[email protected]> wrote:
> Hi *,
>
> looking at
>
> https://github.com/FirebirdSQL/core/blob/master/src/auth/SecureRemotePassword/srp.cpp#L14
> and wondering how was this number selected? Is it a safe prime number
> for SRP? Some might not be. Just wondering.
>
> --
> Mgr. Jiří Činčura
> Independent IT Specialist
>
>
> ------------------------------------------------------------------------------
> Site24x7 APM Insight: Get Deep Visibility into Application Performance
> APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
> Monitor end-to-end web transactions and take corrective actions now
> Troubleshoot faster and improve end-user experience. Signup Now!
> http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
> Firebird-Devel mailing list, web interface at
> https://lists.sourceforge.net/lists/listinfo/firebird-devel
>
--
Jim Starkey
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
