The Secure Remote Password protocol (SRP) is an augmented password-authenticated key agreement (PAKE) protocol, specifically designed to work around existing patents.
Like all augmented PAKE protocols, an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each guess. This means that strong security can be obtained using weak passwords. Furthermore the server does not store password-equivalent data. This means that an attacker who steals the server data cannot masquerade as the client unless they first perform a brute force search for the password.
Read more about Secure Remote Password Protocol: Overview, Protocol
Famous quotes containing the words secure and/or remote:
“The prosecution of [Warren] Hastings, though he should escape at last, must have good effect. It will alarm the servants of the Company in India, that they may not always plunder with impunity, but that there may be a retrospect; and it will show them that even bribes of diamonds to the Crown may not secure them from prosecution.”
—Horace Walpole (1717–1797)
“All our civilization had meant nothing. The same culture that had nurtured the kindly enlightened people among whom I had been brought up, carried around with it war. Why should I not have known this? I did know it, but I did not believe it. I believed it as we believe we are going to die. Something that is to happen in some remote time.”
—Mary Heaton Vorse (1874–1966)