Tag[srp-protocol] Recent Newest Questions

Couldn't generate correct PASSWORD_CLAIM_SIGNATURE in PHP for Cognito

I am trying to use AuthFlow USER_SRP_AUTH for user login. I am getting the "PASSWORD_VERIFIER" challenge in the response of initiateAuth request. Whil ...

DEVICE_PASSWORD_VERIFIER challenge response in Amazon Cognito using boto3 and warrant

I'm using both the boto3 and warrant libraries to try to get a device authenticated to skip multi-factor authentication after it's been recognized. I' ...

Cognito SRP Authentication JAVA SDK

Iam trying to authenticate a Java app with Cognito. I have used for python the warrant library that worked very good. But i want to do the same in jav ...

Cognito UnknownError after turn on device registration

As per requirement, I need to turn on device registration to Always. However, our SRP flow starts failing with the below issue. After doing some re ...

implementing USER_SRP_AUTH with python boto3 for AWS Cognito

Amazon provides iOS, Android, and Javascript Cognito SDKs that offer a high-level authenticate-user operation. For example, see Use Case 4 here: htt ...

AWS Cognito user authentication Missing required parameter SRP_A

I am trying to use AWS Cognito services for user authentication through ruby SDK. I could able to sign_up, confirm sign_up process using the methods ...

Questions about SRP algorithm

I trying to use SRP algorithm but I have some questions: Is that a good choice to use for registration and authorization SRP algorithm with SSL/TL ...

Why dropping leading all zeros byte in a java byte array before hashing

This question is about operations that are being done to the byte arrays before they are being hashed in java. I am trying understand why in multipl ...

Example usage of SRP session keys

I'm writing my first login system for a game. Decided on SRP and have successfully implemented that interaction. The client and server have the same s ...

Spring Security - Secure Remote Password protocol - SRP - Authentication Provider

When asking this question I am looking for guidance with implementation of my own AuthenticationProvider. By that i mean the following: Till now i h ...

Different Session Keys in SRP6

I am trying to implement SRP6 in Erlang using the crypto module but I cannot get the session keys to match. I am using a 256 bit prime number. When I ...

Browser-Based SRP without Java

I am considering implementing the Secure Remote Password protocol to conduct a zero-knowledge password proof between the browser and my web applicatio ...

C# BigIntegers get the positive modPow

I'm trying to implement the SRP Protocol for secure authentication. My problem is that when I have to calculate a ModPow of a negative number, it also ...

Is it possible to modify server reply on transit

I am building a javascript library that will allow authentication to server using SRP-6 protocol. I know using javascript as an authentication method ...

Secure Remote Password protocol on application level

I'm writing a Java EE application, which allows new users to register themselves and then log in over the Internet. I'm storing the credentials an a d ...

Why SRP is not plaintext-equivalent?

About the SRP Protocol: http://en.wikipedia.org/wiki/Secure_remote_password_protocol I can see that the generation of the session key (K) is perfectl ...

TLS/SRP in browsers?

Is there a plan or existing implementation of RFC 5054 in any of the major browsers yet? If nobody has an implementation yet, then which major brows ...