Could you be so kind as to explain how an attack on SRP could be
constructed? As each session is based on two large random numbers, one on
the client and one on the server, and that no information regarding the
password is ever exchanged, the protocol itself is robust and secure.
What your link d
At least we can change from sha1 to sha2, in some cases it can help with
password guessing (dictionary attacks)
http://opine.me/blizzards-battle-net-hack/
Also I would choose a better hash step
http://security.stackexchange.com/questions/211/how-to-securely-hash-passwords/31846#31846
The fu
On the list of vulnerabilities, this is probably about 250. The probability
of a random collision is something like 2^79 instead of the design goal of
2^128, but the probability of a manufactured duplicate is still around 2^128.
SSL sucks right, left, and center by comparison -- it has zippo protecti
Maybe it is time to upgrade to sha-2
http://blog.chromium.org/2014/09/gradually-sunsetting-sha-1.html