5.1.1 Authentication using SRP
GnuTLS supports authentication via the Secure Remote Password (SRP) protocol (see [RFC2945,TOMSRP] for a description). The SRP key exchange is an extension to the TLS protocol, and it provides a password-authenticated key exchange. The peers can be identified using a single password, or there can be combinations where the client is authenticated using SRP and the server using a certificate.
The advantage of SRP authentication over other proposed secure password authentication schemes is that SRP is not susceptible to off-line dictionary attacks. Moreover, SRP does not require the server to hold the user’s password. This kind of protection is similar to the one used traditionally in the UNIX ‘/etc/passwd’ file, whose contents did not harm system security if they were revealed. Instead of the plain password, SRP needs something called a verifier, which is calculated from the user’s password and, if stolen, cannot be used to impersonate the user. The Stanford SRP libraries include a PAM module that synchronizes the system’s users’ passwords with the SRP password files. That way SRP authentication could be used for all users of a system.
The implementation in GnuTLS is based on [TLSSRP]. The supported key exchange methods are shown below.
SRP:
Authentication using the SRP protocol.
SRP_DSS:
Client authentication using the SRP protocol. Server is authenticated using a certificate with DSA parameters.
SRP_RSA:
Client authentication using the SRP protocol. Server is authenticated using a certificate with RSA parameters.
GnuTLS includes helper functions to generate and maintain SRP verifiers and password files. A program to manipulate the required parameters for SRP authentication is also included. See srptool for more information.
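The verifier described above, and the key exchange it feeds, can be shown in a few lines of protocol arithmetic. The following is an added example written for this page, not GnuTLS code and not the output of srptool: it follows the SRP-6a computations of RFC 2945 and the TLS-SRP profile ([TLSSRP], RFC 5054), using SHA-1 and the 1024-bit group from RFC 5054 Appendix A. The username, password and salt are constructed sample values; the group-parameter check (`is_safe_prime`) is the kind of sanity test a deployment would run on any parameter file it is handed, since SRP's security assumes N is a safe prime.

```python
"""SRP-6a verifier generation and key agreement (RFC 2945 / RFC 5054 profile)."""
import hashlib
import secrets

# 1024-bit SRP group from RFC 5054, Appendix A; generator g = 2.
N_HEX = (
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
    "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
    "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
    "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A"
    "FD5138FE8376435B9FC61D2FC0EB06E3"
)
N = int(N_HEX, 16)
g = 2
N_LEN = (N.bit_length() + 7) // 8  # byte length used for PAD() in RFC 5054


def H(*parts: bytes) -> int:
    """SHA-1 over the concatenation of parts, interpreted as a big-endian integer."""
    return int.from_bytes(hashlib.sha1(b"".join(parts)).digest(), "big")


def pad(x: int) -> bytes:
    """PAD(): left-pad an integer to the byte length of N (RFC 5054, section 2.5.3)."""
    return x.to_bytes(N_LEN, "big")


def is_probable_prime(n: int, rounds: int = 16) -> bool:
    """Miller-Rabin test with random bases; enough for a parameter sanity check."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def is_safe_prime(n: int) -> bool:
    """SRP requires N = 2q + 1 with both N and q prime."""
    return is_probable_prime(n) and is_probable_prime((n - 1) // 2)


def private_x(username: str, password: str, salt: bytes) -> int:
    """x = SHA1(s | SHA1(I | ":" | P)), the only place the password is used."""
    inner = hashlib.sha1(f"{username}:{password}".encode()).digest()
    return H(salt, inner)


def make_verifier(username: str, password: str, salt: bytes) -> int:
    """v = g^x mod N. The server stores (username, salt, v), never the password."""
    return pow(g, private_x(username, password, salt), N)


def srp_session(username: str, client_password: str, salt: bytes, v: int):
    """Run both sides of the exchange and return (client_premaster, server_premaster).

    The server side only ever sees the verifier v; the client side only ever
    sees the password. The two premaster secrets match exactly when the
    client's password is the one the verifier was derived from.
    """
    k = H(pad(N), pad(g))                 # SRP-6a multiplier parameter
    a = secrets.randbits(256)             # client ephemeral private value
    A = pow(g, a, N)
    b = secrets.randbits(256)             # server ephemeral private value
    B = (k * v + pow(g, b, N)) % N
    # Each side rejects a public value that is 0 mod N (RFC 5054, section 2.5.4).
    if A % N == 0 or B % N == 0:
        raise ValueError("invalid SRP public value")
    u = H(pad(A), pad(B))
    if u == 0:
        raise ValueError("invalid SRP scrambling parameter")
    x = private_x(username, client_password, salt)
    client_s = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    server_s = pow((A * pow(v, u, N)) % N, b, N)
    return client_s, server_s


if __name__ == "__main__":
    # Constructed sample credentials; a real salt comes from a CSPRNG at enrolment.
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")
    v = make_verifier("alice", "correct horse battery staple", salt)
    ok = srp_session("alice", "correct horse battery staple", salt, v)
    bad = srp_session("alice", "wrong password", salt, v)
    print("group N is a safe prime:", is_safe_prime(N))
    print("correct password agrees:", ok[0] == ok[1])
    print("wrong password agrees:  ", bad[0] == bad[1])
```

The split in `srp_session` is the whole point of the verifier: the server-side line computing `server_s` uses only `v`, `A` and its own `b`, so a copy of the password file lets an attacker at most run the server role, not log in as the user. Rejecting `A` or `B` equal to zero modulo N, and aborting on `u == 0`, are the checks the TLS-SRP profile requires of a conforming implementation.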
This document was generated on January 4, 2012 using texi2html 5.0.