SRP implementation - choices for N and g

Paul Crowley paul at
Tue Aug 26 10:03:05 EDT 2008

Michael Tschannen wrote:
> Has anybody already gained experience concerning the technical
> implementation of SRP ( There is one point I
> couldn't find in any documentation: Should the modulus and the generator
> (N and g) be unique for each client or can they be chosen
> application-wide? What are the (security-related) implications in each
> case?

They can safely be chosen application-wide, so long as they are secure 
choices as per the "Group parameter agreement" section of the SRP spec. 
\/ o\ Paul Crowley, paul at

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list