The Secure Remote Password protocol (SRP) is an augmented password-authenticated key agreement (PAKE) protocol, specifically designed to work around existing patents.
Like all augmented PAKE protocols, an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each guess. This means that strong security can be obtained using weak passwords. Furthermore the server does not store password-equivalent data. This means that an attacker who steals the server data cannot masquerade as the client unless they first perform a brute force search for the password.
Read more about Secure Remote Password Protocol: Overview, Protocol
Famous quotes containing the words secure and/or remote:
“Though there are wreck-masters appointed to look after valuable property which must be advertised, yet undoubtedly a great deal of value is secretly carried off. But are we not all wreckers contriving that some treasure may be washed up on our beach, that we may secure it, and do we not infer the habits of these Nauset and Barnegat wreckers, from the common modes of getting a living?”
—Henry David Thoreau (1817–1862)
“But often the presence of mind and energy of a person remote from the spotlight decide the course of history for centuries to come.”
—Stefan Zweig (18811942)