Secure Remote Password 6a (SRP6a)


Stored passwords are an obvious point of attack on any system. The usual storage method, such as keeping a hash of the password, is often open to dictionary and brute-force attacks.

At the root of the problem is that we normally have a username and a password, and want to prove that we know them without revealing them. For this, we can use a Password-based Authenticated Key-Exchange (PAKE) protocol, where a client knows a secret and the server stores a verifier of the secret. This could be done over a Diffie-Hellman method, but that does not mutually authenticate the two sides and is thus open to Eve-in-the-Middle attacks. An improved method with mutual authentication is SRP6a (Secure Remote Password 6a), where Bob authenticates himself to Trent without revealing his password. Trent authenticates himself back to Bob, too, all based on some initial random salt values.

Overall, SRP6a is standardized in RFC 5054.

SRP6a method

First, the client and server agree on a large prime number, N. Bob then has a cleartext password, P, and a username, u. He then generates a salt value (s) and takes a…
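The registration step above and the exchange it leads to, written out as an added example (not code from the original article), following the SRP-6a formulas in RFC 5054. Assumptions: SHA-256 as the hash (RFC 5054 itself uses SHA-1), the RFC's 1024-bit group with g = 2, and hypothetical function names; `scramble` is the RFC's value u = H(PAD(A) | PAD(B)), renamed because this article uses u for the username.

```python
import hashlib, hmac, secrets

# 1024-bit group from RFC 5054 Appendix A, generator 2. SHA-256 is this example's choice.
N = int("EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
        "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
        "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
        "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2

def pad(n: int) -> bytes:
    return n.to_bytes(128, "big")            # left-pad to the byte length of N

def H(*parts: bytes) -> int:
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")

k = H(pad(N), pad(g))                        # SRP-6a multiplier: k = H(N | PAD(g))

def private_x(username: str, password: str, salt: bytes) -> int:
    inner = hashlib.sha256(f"{username}:{password}".encode()).digest()
    return H(salt, inner)                    # x = H(s | H(username ":" P))

def register(username: str, password: str):
    """Client side at enrolment: the server stores only (salt, verifier)."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(username, password, salt), N)

def server_challenge(verifier: int):
    b = secrets.randbelow(N - 1) + 1
    return b, (k * verifier + pow(g, b, N)) % N   # B = k*v + g^b

def client_secret(username, password, salt, a, B):
    if B % N == 0:                           # abort rule from RFC 5054
        raise ValueError("server sent B = 0 mod N")
    scramble = H(pad(pow(g, a, N)), pad(B))  # RFC 5054's u = H(PAD(A) | PAD(B))
    x = private_x(username, password, salt)
    return pow((B - k * pow(g, x, N)) % N, a + scramble * x, N)

def server_secret(verifier, A, b, B):
    if A % N == 0:                           # abort rule from RFC 5054
        raise ValueError("client sent A = 0 mod N")
    scramble = H(pad(A), pad(B))
    return pow(A * pow(verifier, scramble, N) % N, b, N)

def login(username, password, salt, verifier) -> bool:
    """Constructed in-process run of both roles; True if both sides derive the same secret."""
    a = secrets.randbelow(N - 1) + 1
    A = pow(g, a, N)                         # client -> server: username, A
    b, B = server_challenge(verifier)        # server -> client: salt, B
    mine = client_secret(username, password, salt, a, B)
    theirs = server_secret(verifier, A, b, B)
    return hmac.compare_digest(pad(mine), pad(theirs))
```

In a deployment the two sides never compare secrets directly as `login` does here; each proves knowledge of the shared secret through a key-confirmation message, which in RFC 5054 is the TLS Finished exchange.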


Prof Bill Buchanan OBE FRSE
ASecuritySite: When Bob Met Alice