Implementation of the SRP Authentication and Key Exchange System and protocols in Secure Remote Password (SRP) Protocol for TLS Authentication
SRP is an interactive protocol which allows a server to confirm that some client knows a password, and to derive a strong shared session key, without revealing what the password is to an eavesdropper. In addition, the server does not hold the actual password: instead it stores a "verifier" created by the client. If the server's private data is revealed (by a server compromise), the verifier cannot be used directly to impersonate the client.
This module provides both client and server implementations of SRP-6a for node.js. They are interoperable with Mozilla Identity-Attached Services
30 Day SummaryFeb 27 2024 — Mar 28 2024
|
12 Month SummaryMar 28 2023 — Mar 28 2024
|