midonet / tssrp6a

This library is a dependency free TypeScript implementation of Secure Remote Password SRP6a.
MIT License

What KDF and SRP group is used? #45

Closed jbis9051 closed 3 years ago

jbis9051 commented 3 years ago

According to 1Password's description of SRP, a KDF and SRP group need to be chosen.

Which is used in this implementation?

bufistov commented 3 years ago

Hi Josh,

This implementation works with several hashes. Feel free to contribute with more!

Any generator can be used, but we never tried anything except "2".

There are several big prime numbers to perform "mod" operations. You can trade off performance/security by varying this value.

The default configuration uses:

I think we tested all combinations of 'hash' and 'N' parameters.

jbis9051 commented 3 years ago

Thanks!

jbis9051 commented 3 years ago

> Feel free to contribute with more!

Is it possible to use a hash function not included in CryptoJS? I think this line would prevent it.

https://github.com/midonet/tssrp6a/blob/master/src/parameters.ts#L48

jbis9051 commented 3 years ago

> There are several big prime numbers to perform "mod" operations. You can trade off performance/security by varying this value.

256, 512, and 768 don't seem to be listed in the spec. Where are these primes from?