On 30/09/13 22:11, Jeffrey Goldberg wrote:
i don't think that's true. https://en.wikipedia.org/wiki/Secure_Remote_Password_protocolWith SRP requires a shared secret key, so the attacker doesn’t even need to “crack a hash” after getting hold of a server’s password database
The host pwd is of the form g^x where x=H(p,s) same goes for JPAKE.
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
