Re: SRP unencumbered license statement

To: Tom Holroyd <tomh%po.crl.go.jp@localhost>
Subject: Re: SRP unencumbered license statement
From: Mika Kojo <mkojo%ssh.com@localhost>
Date: Tue, 1 May 2001 14:49:38 +0300

Tom Holroyd writes:
> Not to mention that it provides strong authentication of both client *and*
> server, even when the host key has changed or is unknown, and it doesn't
> leak any information to eavesdroppers or MITM.  :-)
> 
> So, SRP is ready to go.

The problem with SRP, when compared to some other password-AKE's, is
that it doesn't provide a security proof in the standard
models. Security proof would guarantee that negligible information
leakage occurs when adversary is not capable of solving the decisional
Diffie-Hellman problem or some such. If you have such a proof please
supply a reference.

Best regards,
Mika Kojo
SSH Communications Security Corp

Follow-Ups:
- Re: SRP unencumbered license statement
  - From: Tom Wu

References:
- Re: SRP unencumbered license statement available
  - From: RJ Atkinson
- Re: SRP unencumbered license statement
  - From: Tom Holroyd

Prev by Date: Re: SRP unencumbered license statement
Next by Date: Re: SRP unencumbered license statement
Previous by Thread: Re: SRP unencumbered license statement
Next by Thread: Re: SRP unencumbered license statement
Indexes:

Home | Main Index | Thread Index | Old Index