[131639] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: SRP implementation - choices for N and g

daemon@ATHENA.MIT.EDU (Paul Crowley)
Tue Aug 26 10:22:31 2008

Date: Tue, 26 Aug 2008 15:03:05 +0100
From: Paul Crowley <paul@ciphergoth.org>
To: Michael Tschannen <michael.tschannen@zhaw.ch>
CC: cryptography@metzdowd.com
In-Reply-To: <48B3C7A9.9080909@zhaw.ch>

Michael Tschannen wrote:
> Has anybody already gained experience concerning the technical
> implementation of SRP (http://srp.stanford.edu)? There is one point I
> couldn't find in any documentation: Should the modulus and the generator
> (N and g) be unique for each client or can they be chosen
> application-wide? What are the (security-related) implications in each
> case?

They can safely be chosen application-wide, so long as they are secure 
choices as per the "Group parameter agreement" section of the SRP spec. 
    --
   __
\/ o\ Paul Crowley, paul@ciphergoth.org
/\__/ http://www.ciphergoth.org/

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[131639] in cryptography@c2.net mail archive

Re: SRP implementation - choices for N and g

daemon@ATHENA.MIT.EDU (Paul Crowley)Tue Aug 26 10:22:31 2008

daemon@ATHENA.MIT.EDU (Paul Crowley)
Tue Aug 26 10:22:31 2008