Topic
Secure Remote Password protocol
About: Secure Remote Password protocol is a research topic. Over the lifetime, 17 publications have been published within this topic receiving 1062 citations. The topic is also known as: SRP.
Papers
Patent•
18 Apr 2002
TL;DR: In this article, a method is provided to secure authenticate user credentials, which includes encrypting a user credential with a public key at an access device wherein the public key is part of a public/private key pair suitable for use with an encryption algorithm, and the decrypted user credential is then transmitted from the decryption server to an authentication server for verification.
Abstract: A methods is provided to secrurely authenticate user credentials. The method includes encrypting a user credential with a public key at an access device wherein the public key is part of a public/private key pair suitable for use with an encryption algorithm (405). The encrypted network user credential is transmitted from the access device to a decryption server where it is decrypted with a private key, the private key being part of the public/private key pair suitable for use with the encryption algorithm. The decrypted user credential is then transmitted from the decryption server to an authentication server for verification (420). The decryption server typically forms part of a multi-party service access environment including a plurality of access providers, the method including decrypting the user credential of a user proximate an access provider associated with the user credential. The method can be used in legacy protocols such as Point-to-point protocol (PPP), Password Authentication Protocol (PAP), Challenge-Handshake Authentication Protocol (CHAP), Remote Authentication Dial In User Service (RADIUS) protocol, Terminal Access Controller Access Control System (TACACS) protocol, Lightweight Directory Access Protocol (LDAP), NT Domain authentication protocol, Unix password authentication protocol, HyperText Transfer Protocol (HTTP), HyperText Transfer Protocol over Secure sockets layer (HTTPS), Extended Authentication Protocol (EAP), Transport Layer Security (TLS) protocol, Token Ring protocol and/or Secure Remote Password protocol (SRP).
211 citations
TL;DR: An efficient scheme that mutually authenticates a smart meter of a home area network and an authentication server in SG by utilizing an initial password is proposed and an efficient key management protocol based on the enhanced identity-based cryptography for secure SG communications using the public key infrastructure is proposed.
Abstract: A smart grid (SG) consists of many subsystems and networks, all working together as a system of systems, many of which are vulnerable and can be attacked remotely. Therefore, security has been identified as one of the most challenging topics in SG development, and designing a mutual authentication scheme and a key management protocol is the first important step. This paper proposes an efficient scheme that mutually authenticates a smart meter of a home area network and an authentication server in SG by utilizing an initial password, by decreasing the number of steps in the secure remote password protocol from five to three and the number of exchanged packets from four to three. Furthermore, we propose an efficient key management protocol based on our enhanced identity-based cryptography for secure SG communications using the public key infrastructure. Our proposed mechanisms are capable of preventing various attacks while reducing the management overhead. The improved efficiency for key management is realized by periodically refreshing all public/private key pairs as well as any multicast keys in all the nodes using only one newly generated function broadcasted by the key generator entity. Security and performance analyses are presented to demonstrate these desirable attributes.
205 citations
1 Nov 2007
TL;DR: This memo presents a technique for using the Secure Remote Password protocol as an authentication method for the Transport Layer Security protocol.
Abstract: This memo presents a technique for using the Secure Remote Password
protocol as an authentication method for the Transport Layer Security
protocol. This memo provides information for the Internet community.
115 citations
1 Jan 2002
37 citations
3 Nov 2017
TL;DR: A RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange is proposed which is more than 3x faster than 112-bit secure originalSRP protocol, 5.5X faster than 80-bitSecure J-PAKE and 14x faster Than two 184-bit Secure RLWE -based PAKE protocols with more desired properties.
Abstract: Secure Remote Password (SRP) protocol is an augmented Password-based Authenticated Key Exchange (PAKE) protocol based on discrete logarithm problem (DLP) with various attractive security features. Compared with basic PAKE protocols, SRP does not require server to store user’s password and user does not send password to server to authenticate. These features are desirable for secure client-server applications. SRP has gained extensive real-world deployment, including Apple iCloud, 1Password etc. However, with the advent of quantum computer and Shor’s algorithm, classic DLP-based public key cryptography algorithms are no longer secure, including SRP. Motivated by importance of SRP and threat from quantum attacks, we propose a RLWE-based SRP protocol (RLWE-SRP) which inherit advantages from SRP and elegant design from RLWE key exchange. We also present parameter choice and efficient portable C++ implementation of RLWE-SRP. Implementation of our 209-bit secure RLWE-SRP is more than 3x faster than 112-bit secure original SRP protocol, 5.5x faster than 80-bit secure J-PAKE and 14x faster than two 184-bit secure RLWE-based PAKE protocols with more desired properties.
19 citations
Related Topics (5)
Performance Metrics
| Year | Papers |
|---|---|
| 2021 | 1 |
| 2020 | 2 |
| 2017 | 2 |
| 2015 | 1 |
| 2014 | 1 |
| 2010 | 1 |