gnu.crypto.key.srp6

Class SRP6KeyAgreement

Implemented Interfaces:
IKeyAgreementParty
Known Direct Subclasses:
SRP6Host, SRP6TLSClient, SRP6TLSServer, SRP6User

public abstract class SRP6KeyAgreement
extends BaseKeyAgreementParty

The Secure Remote Password (SRP) key agreement protocol, also known as SRP-6, is designed by Thomas J. Wu (see references). The protocol, and its elements are described as follows:
 N    A large safe prime (N = 2q+1, where q is prime)
      All arithmetic is done modulo N.
 g    A generator modulo N
 s    User's salt
 I    Username
 p    Cleartext Password
 H()  One-way hash function
 ^    (Modular) Exponentiation
 u    Random scrambling parameter
 a,b  Secret ephemeral values
 A,B  Public ephemeral values
 x    Private key (derived from p and s)
 v    Password verifier

 The host stores passwords using the following formula:
 x = H(s | H(I ":" p))           (s is chosen randomly)
 v = g^x                   (computes password verifier)

 The host then keeps {I, s, v} in its password database.

 The authentication protocol itself goes as follows:
 User -> Host:  I, A = g^a         (identifies self, a = random number)
 Host -> User:  s, B = 3v + g^b    (sends salt, b = random number)

 Both:  u = H(A, B)

 User:  x = H(s, p)                (user enters password)
 User:  S = (B - 3g^x) ^ (a + ux)  (computes session key)
 User:  K = H(S)

 Host:  S = (Av^u) ^ b             (computes session key)
 Host:  K = H(S)
 

Reference:

  1. SRP Protocol Design
    Thomas J. Wu.
Version:
$Revision: 1.3 $

Field Summary

static String
GENERATOR
static String
HASH_FUNCTION
static String
HOST_PASSWORD_DB
protected BigInteger
K
The shared secret key.
protected BigInteger
N
static String
SHARED_MODULUS
static String
SOURCE_OF_RANDOMNESS
protected static BigInteger
THREE
static String
USER_IDENTITY
static String
USER_PASSWORD
protected BigInteger
g
protected SRP
srp

Fields inherited from class gnu.crypto.key.BaseKeyAgreementParty

TWO, complete, initialised, irnd, name, rnd, step

Constructor Summary

SRP6KeyAgreement()

Method Summary

protected void
engineReset()
protected byte[]
engineSharedSecret()
protected BigInteger
uValue(BigInteger A, BigInteger B)

Methods inherited from class gnu.crypto.key.BaseKeyAgreementParty

engineInit, engineProcessMessage, engineReset, engineSharedSecret, getSharedSecret, init, isComplete, name, nextRandomBytes, processMessage, reset

Field Details

GENERATOR

public static final String GENERATOR

HASH_FUNCTION

public static final String HASH_FUNCTION

HOST_PASSWORD_DB

public static final String HOST_PASSWORD_DB

K

protected BigInteger K
The shared secret key.

N

protected BigInteger N

SHARED_MODULUS

public static final String SHARED_MODULUS

SOURCE_OF_RANDOMNESS

public static final String SOURCE_OF_RANDOMNESS

THREE

protected static final BigInteger THREE

USER_IDENTITY

public static final String USER_IDENTITY

USER_PASSWORD

public static final String USER_PASSWORD

g

protected BigInteger g

srp

protected SRP srp

Constructor Details

SRP6KeyAgreement

protected SRP6KeyAgreement()

Method Details

engineReset

protected void engineReset()
Overrides:
engineReset in interface BaseKeyAgreementParty

engineSharedSecret

protected byte[] engineSharedSecret()
            throws KeyAgreementException
Overrides:
engineSharedSecret in interface BaseKeyAgreementParty

uValue

protected BigInteger uValue(BigInteger A,
                            BigInteger B)

Copyright © 2001, 2002, 2003 Free Software Foundation, Inc. All Rights Reserved.