Docjar: A Java Source and Docuemnt Enginecom.*    java.*    javax.*    org.*    all    new    plug-in

Quick Search    Search Deep

Class SRP6KeyAgreement  view SRP6KeyAgreement download

  extended bygnu.javax.crypto.key.BaseKeyAgreementParty
      extended bygnu.javax.crypto.key.srp6.SRP6KeyAgreement
All Implemented Interfaces:
Direct Known Subclasses:
SRP6Host, SRP6TLSClient, SRP6TLSServer, SRP6User

public abstract class SRP6KeyAgreement
extends gnu.javax.crypto.key.BaseKeyAgreementParty

The Secure Remote Password (SRP) key agreement protocol, also known as SRP-6, is designed by Thomas J. Wu (see references). The protocol, and its elements are described as follows:

 N    A large safe prime (N = 2q+1, where q is prime)
      All arithmetic is done modulo N.
 g    A generator modulo N
 s    User's salt
 I    Username
 p    Cleartext Password
 H()  One-way hash function
 ^    (Modular) Exponentiation
 u    Random scrambling parameter
 a,b  Secret ephemeral values
 A,B  Public ephemeral values
 x    Private key (derived from p and s)
 v    Password verifier

 The host stores passwords using the following formula:
 x = H(s | H(I ":" p))           (s is chosen randomly)
 v = g^x                   (computes password verifier)

 The host then keeps {I, s, v} in its password database.

 The authentication protocol itself goes as follows:
 User -> Host:  I, A = g^a         (identifies self, a = random number)
 Host -> User:  s, B = 3v + g^b    (sends salt, b = random number)

 Both:  u = H(A, B)

 User:  x = H(s, p)                (user enters password)
 User:  S = (B - 3g^x) ^ (a + ux)  (computes session key)
 User:  K = H(S)

 Host:  S = (Av^u) ^ b             (computes session key)
 Host:  K = H(S)


  1. SRP Protocol Design
    Thomas J. Wu.

Field Summary
protected  java.math.BigInteger g
static java.lang.String GENERATOR
static java.lang.String HASH_FUNCTION
static java.lang.String HOST_PASSWORD_DB
protected  java.math.BigInteger K
          The shared secret key.
protected  java.math.BigInteger N
static java.lang.String SHARED_MODULUS
static java.lang.String SOURCE_OF_RANDOMNESS
protected  gnu.javax.crypto.sasl.srp.SRP srp
protected static java.math.BigInteger THREE
static java.lang.String USER_IDENTITY
static java.lang.String USER_PASSWORD
Fields inherited from class gnu.javax.crypto.key.BaseKeyAgreementParty
complete, initialised, irnd, name, rnd, step, TWO
Constructor Summary
protected SRP6KeyAgreement()
Method Summary
protected  void engineReset()
protected  byte[] engineSharedSecret()
protected  java.math.BigInteger uValue(java.math.BigInteger A, java.math.BigInteger B)
Methods inherited from class gnu.javax.crypto.key.BaseKeyAgreementParty
engineInit, engineProcessMessage, getSharedSecret, init, isComplete, name, nextRandomBytes, processMessage, reset
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail


public static final java.lang.String SOURCE_OF_RANDOMNESS
See Also:
Constant Field Values


public static final java.lang.String SHARED_MODULUS
See Also:
Constant Field Values


public static final java.lang.String GENERATOR
See Also:
Constant Field Values


public static final java.lang.String HASH_FUNCTION
See Also:
Constant Field Values


public static final java.lang.String USER_IDENTITY
See Also:
Constant Field Values


public static final java.lang.String USER_PASSWORD
See Also:
Constant Field Values


public static final java.lang.String HOST_PASSWORD_DB
See Also:
Constant Field Values


protected static final java.math.BigInteger THREE


protected gnu.javax.crypto.sasl.srp.SRP srp


protected java.math.BigInteger N


protected java.math.BigInteger g


protected java.math.BigInteger K
The shared secret key.

Constructor Detail


protected SRP6KeyAgreement()
Method Detail


protected byte[] engineSharedSecret()
                             throws gnu.javax.crypto.key.KeyAgreementException


protected void engineReset()


protected java.math.BigInteger uValue(java.math.BigInteger A,
                                      java.math.BigInteger B)