The Secure Remote Password protocol (SRP) is an augmented password-authenticated key agreement (PAKE) protocol, specifically designed to work around existing patents.
Like all augmented PAKE protocols, an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each guess. This means that strong security can be obtained using weak passwords. Furthermore the server does not store password-equivalent data. This means that an attacker who steals the server data cannot masquerade as the client unless they first perform a brute force search for the password.
Read more about Secure Remote Password Protocol: Overview, Protocol
Famous quotes containing the words secure and/or remote:
“We thought ourselves lucky to secure the services of this man, who was known to be particularly steady and trustworthy.”
—Henry David Thoreau (1817–1862)
“We are no longer Christians: we have outgrown Christianity not because we have been too remote from it but rather because we have been too close—it is precisely our more stringent and more fastidious piety that forbids us to remain Christians nowadays.”
—Friedrich Nietzsche (1844–1900)