On Fri, Aug 22, 2008 at 1:35 PM, Dirk Meyer <[EMAIL PROTECTED]> wrote: > Jonathan Schleifer wrote: >> Am 22.08.2008 um 22:00 schrieb Pedro Melo: >> >>> SAS, I meant SAS. >> >> Just to be sure: What's the exact difference between SRP and SAS? I >> only had a short look at SRP and it seemed pretty similar. > > I only had a short look at SAS but if I understand it correctly is SAS > a key that is generated during the procedure by the system while SRP > uses a password that is chosen by the users before the communication. > > Advantages SAS: > prevents users from using stupid simple passwords > allows it to verify a connection after the session setup > > Advantages SRP: > users can select a password they can remember > users could use the same link to exchange the password if they talk > in a riddle an attacker may not know (name of the person I talked > to you about yesterday that wants to buy a new TV) > > Correct me if I'm wrong :)
This is mostly right. The one thing I would say is that SRP (and other PAKE systems) are designed to protect you even if the users use fairly stupid passwords. In short, they need to connect to you and try to establish a connection for each password guess. So, this makes password guessing expensive, though not impossible. -Ekr
