Implementation of the SRP Authentication and Key Exchange System and protocols in Secure Remote Password (SRP) Protocol for TLS Authentication
SRP is an interactive protocol which allows a server to confirm that some client knows a password, and to derive a strong shared session key, without revealing what the password is to an eavesdropper. In addition, the server does not hold the actual password: instead it stores a "verifier" created by the client. If the server's private data is revealed (by a server compromise), the verifier cannot be used directly to impersonate the client.
This module provides both client and server implementations of SRP-6a for node.js. They are interoperable with Mozilla Identity-Attached Services
30 Day SummaryOct 4 2024 — Nov 3 2024
|
12 Month SummaryNov 3 2023 — Nov 3 2024
|