Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is this implementation outdated? #39

Closed
afshawnlotfi opened this issue Jul 29, 2018 · 1 comment
Closed

Is this implementation outdated? #39

afshawnlotfi opened this issue Jul 29, 2018 · 1 comment

Comments

@afshawnlotfi
Copy link

afshawnlotfi commented Jul 29, 2018
edited
Loading

I understand this repo may not be maintained as it has not been updated since 2015, however was wondering security-wise if the SRP standard implementation has changed since then. I see that this is version SRP-6a which appears to be the latest on http://srp.stanford.edu/design.html, just wondering though.
@warner
Copy link
Contributor

warner commented Jul 30, 2018

SRP-6a is the latest that I was aware of, but I stopped really paying attention to SRP several years ago, in favor of SPAKE2, which is a lot cleaner and has a solid security proof.

I've got implementations in Python and Rust, and I know of an implementation in Go. For Javascript, there's a PR to SJCL that would add SPAKE2 support, but SJCL hasn't seen a lot of activity in the last few years so I'm not sure it will ever get landed (however SJCL is definitely worth a look, as crypto tools on JS go).

hope that helps!
-Brian

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@warner @afshawnlotfi