SJCL Small SRP

Small SRP is a password authentication mechanism for web applications that has the same password-related security properties as SRP but is significantly more efficient.

Write-up: http://bren2010.github.io/2014/11/29/small-srp.html
Demo: http://bren2010.github.io/sjcl-ssrp/

Documentation

makeVerifier(username, password, curve): (salt, verifier)
- Generates a salt and a verifier for a user. Run by the user. Both of the function's outputs should be sent to the server.
makeChallenge(curve): {pub: ..., sec: ...}
- Generates a challenge to authenticate the user. Run by the server. The pub section is a string and is sent to the user while the sec section is kept secret.
makeResponse(username, password, salt, chall, curve): response
- Calculates the user's response string to the server's challenge. Run by the user. The function's output is sent back to the server.
verify(sec, verifier, response, curve): Boolean
- Returns true if the user has successfully responded to the challenge and should be authenticated or false if the user should be rejected. Run by the server.

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README.md		README.md
ssrp.coffee		ssrp.coffee
ssrp.js		ssrp.js

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

ssrp.coffee

ssrp.coffee

ssrp.js

ssrp.js

Repository files navigation

SJCL Small SRP

Documentation

About

Releases

Packages

Languages

Bren2010/sjcl-ssrp

Folders and files

Latest commit

History

Repository files navigation

SJCL Small SRP

Documentation

About

Resources

Stars

Watchers

Forks

Languages