Skip to content

Add support for the SRP-6/6a PAKE protocol #179

New issue
New issue
Open
Open
Add support for the SRP-6/6a PAKE protocol#179
Labels
Crypto APIIssue or PR related to the Cryptography APIenhancementNew feature or request
Milestone
Crypto API 1.x
@athoelke

Description

@athoelke
athoelke
opened on Mar 5, 2024

SRP-6 is the currently most widely deployed augmented PAKE algorithm, based on a key exchange based on finite-field Diffie-Hellmann arithmetic.

An early version is defined in RFC 2945, the SRP-6 definition adds protection against additional attacks, and RFC 5054 defines how SRP-6 can be used with TLS.

However, there is no single definitive reference for SRP-6, and differences exist in both the construction of the key confirmation messages, and the processing of the raw DH output value into a shared secret. For inclusion into the Crypto API, a precise definition of the algorithm (or algorithms) will need to be provided.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Crypto APIIssue or PR related to the Cryptography APIenhancementNew feature or request

    Type

    No type

    Projects

    PSA Certified API development

    Status

    No status

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions