Next: , Up: SRP authentication   [Contents][Index] Authentication using SRP

GnuTLS supports authentication via the Secure Remote Password or SRP protocol (see [RFC2945,TOMSRP] for a description). The SRP key exchange is an extension to the TLS protocol, and it provides an authenticated with a password key exchange. The peers can be identified using a single password, or there can be combinations where the client is authenticated using SRP and the server using a certificate.

The advantage of SRP authentication, over other proposed secure password authentication schemes, is that SRP is not susceptible to off-line dictionary attacks. Moreover, SRP does not require the server to hold the user’s password. This kind of protection is similar to the one used traditionally in the UNIX /etc/passwd file, where the contents of this file did not cause harm to the system security if they were revealed. The SRP needs instead of the plain password something called a verifier, which is calculated using the user’s password, and if stolen cannot be used to impersonate the user.

Typical conventions in SRP are a password file, called tpasswd that holds the SRP verifiers (encoded passwords) and another file, tpasswd.conf, which holds the allowed SRP parameters. The included in GnuTLS helper follow those conventions. The srptool program, discussed in the next section is a tool to manipulate the SRP parameters.

The implementation in GnuTLS is based on [TLSSRP]. The supported key exchange methods are shown below.


Authentication using the SRP protocol.


Client authentication using the SRP protocol. Server is authenticated using a certificate with DSA parameters.


Client authentication using the SRP protocol. Server is authenticated using a certificate with RSA parameters.

Function: int gnutls_srp_verifier (const char * username, const char * password, const gnutls_datum_t * salt, const gnutls_datum_t * generator, const gnutls_datum_t * prime, gnutls_datum_t * res)

username: is the user’s name

password: is the user’s password

salt: should be some randomly generated bytes

generator: is the generator of the group

prime: is the group’s prime

res: where the verifier will be stored.

This function will create an SRP verifier, as specified in RFC2945. The prime and generator should be one of the static parameters defined in gnutls/gnutls.h or may be generated.

The verifier will be allocated with gnutls_malloc () and will be stored in res using binary format.

Returns: On success, GNUTLS_E_SUCCESS (0) is returned, or an error code.

int gnutls_srp_base64_encode2 (const gnutls_datum_t * data, gnutls_datum_t * result)
int gnutls_srp_base64_decode2 (const gnutls_datum_t * b64_data, gnutls_datum_t * result)

Next: , Up: SRP authentication   [Contents][Index]