Secure Remote Password Protocol (SRP)

Page Contents

Secure Remote Password Protocol (Srp)

Key exchange protocols are a way for users who are communicating over some public and unreliable
channel, like the internet, with a secure session key that they can use to encrypt their comms.
Password based key exchange takes into account that the secret keys are not random or
necessarily souced from a large dictionary.

They allow one user to proove to a server, for example, that they know the password, without
actually sending the password itself, or any clues about the password, to the server. Thus the
server never receives the password.

But, the server must know something about the password in order to be able to veryify the login,
just not the password itself. So, it prooves to the user that it is who it says it is at the
same time.

Thus, both sides mutually authenticate... happy days!