SRP: why does the server know those parameters that are not passed to it?
This is the scheme of the SRP protocol. At the very beginning, g and N are chosen. How does the server know these numbers if the client does not pass them on to it? Or should they be pre-wired into the client and server? If this is the case, then they can be recognized by disassembling one of the applications. How can they be safely transferred from one node to another?
These values can be either hardwired into the client and server, or generated by one of them and transmitted to the second. Diffie-Hellman protocol.
g and N can be public; this does not affect the security of the protocol. The session key K (capital K) must be secret. This key is generated by each of the parties through the described interaction and is never transmitted over communication channels. Not to be confused with the k = hash(N, g) mentioned at the beginning (here it is lowercase k; the fonts in this scheme are very poorly chosen...).
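The point made in the answers, as an added example that is not part of the original thread: an SRP-6a exchange in which N, g and k are public, yet both sides derive the same secret K without it ever appearing on the wire. The toy modulus, the simplified hash encoding and the names `H`, `register` and `run_exchange` are assumptions made for this sketch.

```python
import hashlib
import secrets

# Toy public group parameters (assumption: chosen for readability only).
# Real deployments use a large standardized group, e.g. one from RFC 5054.
N = 2**127 - 1   # prime modulus, public
g = 3            # base, public

def H(*parts) -> int:
    """Hash ints/bytes to an int (length-prefixed; a simplified encoding)."""
    h = hashlib.sha256()
    for p in parts:
        if isinstance(p, int):
            p = p.to_bytes((p.bit_length() + 7) // 8 or 1, "big")
        h.update(len(p).to_bytes(4, "big") + p)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # lowercase k: public multiplier derived from N and g

def register(password: bytes):
    """Enrollment: the server stores only (salt, v), never the password."""
    salt = secrets.token_bytes(16)
    x = H(salt, password)
    return salt, pow(g, x, N)

def run_exchange(password: bytes, salt: bytes, v: int):
    """One SRP-6a run; returns (client_K, server_K, values_sent_on_wire)."""
    a = secrets.randbelow(N - 2) + 1           # client secret
    A = pow(g, a, N)                           # client -> server
    b = secrets.randbelow(N - 2) + 1           # server secret
    B = (k * v + pow(g, b, N)) % N             # server -> client (with salt)
    u = H(A, B)                                # both sides compute u
    if A % N == 0 or B % N == 0 or u == 0:
        raise ValueError("invalid SRP value, abort the handshake")
    # Client side: knows the password, a, and the received salt and B.
    x = H(salt, password)
    S_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server side: knows v, b, and the received A.
    S_server = pow(A * pow(v, u, N) % N, b, N)
    return H(S_client), H(S_server), (A, salt, B)

if __name__ == "__main__":
    salt, v = register(b"correct horse")       # constructed sample password
    ck, sk, wire = run_exchange(b"correct horse", salt, v)
    print("keys match:", ck == sk, "| K on wire:", ck in wire)
```

An observer who knows N, g, k and sees A, salt and B still lacks a, b and x, which is why publishing or hardcoding the group parameters does not weaken the exchange.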