SRP implementation - choices for N and g
Paul Crowley
paul at ciphergoth.org
Tue Aug 26 10:03:05 EDT 2008
Michael Tschannen wrote:
> Has anybody already gained experience concerning the technical
> implementation of SRP (http://srp.stanford.edu)? There is one point I
> couldn't find in any documentation: Should the modulus and the generator
> (N and g) be unique for each client or can they be chosen
> application-wide? What are the (security-related) implications in each
> case?
They can safely be chosen application-wide, so long as they are secure
choices as per the "Group parameter agreement" section of the SRP spec.
--
__
\/ o\ Paul Crowley, paul at ciphergoth.org
/\__/ http://www.ciphergoth.org/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list