[cryptography] SRP 6a + storage of password's related material strength?

Fabio Pietrosanti (naif) - lists lists at infosecurity.ch
Fri Mar 13 17:06:33 EDT 2015

On 3/13/15 3:11 PM, Solar Designer wrote:
>> Because SRP protocol is cool, but i'm really wondering if the default
>> methods are "strong enough" against bruteforcing.
> They are not.
That was my concern.

Does anyone ever tried to make SRP  authentication protocol
extensions/specs to work with server-side storage of hashes based on scrypt?

>From my umble understanding of crypto, it would be like "leveraging the
best properties" of SRP authentication protocol and scrypt password hashing.

But yet, my poor-math brain have difficulties understanding if that's
feasible or it's just a stupid consideration.


More information about the cryptography mailing list