#password #key-exchange #protocol #remote #srp

srp6

A safe implementation of the secure remote password authentication and key-exchange protocol (SRP version 6 and 6a)

6 releases

1.0.0-alpha.6 May 27, 2022
1.0.0-alpha.5 Oct 5, 2021
1.0.0-alpha.4 Sep 28, 2021
1.0.0-alpha.2 Jul 13, 2021
1.0.0-alpha.1 Jul 1, 2021

#503 in Cryptography

MIT license

69KB
1K SLoC

Secure Remote Password (SRP 6 / 6a)

crates.io License: MIT codecov

A safe implementation of the secure remote password authentication and key-exchange protocol (SRP version 6a). Version 6 (legacy) is as features available.

About SRP

The Secure Remote Password protocol performs secure remote authentication of short human-memorizable passwords and resists both passive and active network attacks. Because SRP offers this unique combination of password security, user convenience, and freedom from restrictive licenses, it is the most widely standardized protocol of its type, and as a result is being used by organizations both large and small, commercial and open-source, to secure nearly every type of human-authenticated network traffic on a variety of computing platforms.

read more at srp.stanford.edu and in RFC2945 that describes in detail the Secure remote password protocol.

Features

  • client and server implementation of SRP 6 / 6a as in RFC2945
  • key length of 256 to 4096 bit provided as in RFC5054
  • free of unsafe code
  • no openssl dependencies
  • rust native

Documentation

To avoid code duplications this README is kept lean, please find examples and code at:

License

Dependencies

~1.4–2.1MB
~47K SLoC