TLS-SRP

Transport Layer Security Secure Remote Password (TLS-SRP) ciphersuites are a set of cryptographic protocols that provide secure communication based on passwords, using an SRP password-authenticated key exchange.

There are two classes of TLS-SRP ciphersuites: the first class uses only SRP authentication; the second class uses SRP authentication and public key certificates together for added security.

Usually, TLS uses only public key certificates for authentication. TLS-SRP uses a value derived from a password (the SRP verifier) and a salt, shared in advance among the communicating parties, to establish a TLS connection. There are several possible reasons one may choose to use TLS-SRP:

Implementations

TLS-SRP is implemented in GnuTLS,[1] OpenSSL as of release 1.0.1,[2] Apache mod_gnutls[3] and mod_ssl, cURL, TLS Lite[4] and SecureBlackbox.[5]

References

  1. "Authentication using SRP". GnuTLS Manual. 2016-11-13. Retrieved 2016-12-02.
  2. OpenSSL Project Team (2012-03-14). "OpenSSL 1.0.1 released". Retrieved 2016-12-02.
  3. "mod_gnutls". 2015-11-22. Retrieved 2016-12-02.
  4. "TLS Lite". 2013-03-20. Retrieved 2016-12-02.
  5. "SecureBlackbox: TElSRPCredential class". 2016-10-20. Retrieved 2016-12-03.
This article is issued from Wikipedia - version of the 12/4/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.