CryptKit 0.9: cryptsock
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Dec 5 08:42:09 EST 2001
dpj at world.std.com (David P Jablon) writes:
>References and links for many of the papers in the field of
>password-based public key cryptography can be found at:
>http://www.integritysciences.com/links.html
>And several relevant submissions to IEEE P1363.2 can be found at:
>http://grouper.ieee.org/groups/1363/StudyGroup/submissions.html
>In article <7x667pw8ap.fsf at ruckus.brouhaha.com>,
>Paul Rubin <phr-n2001d at nightsong.com> wrote:
>>Bryan <bryan at eevolved.com> writes:
>>> Thanks for the link, it lead me to research other password-based
>>> key-agreement schemes. I found Authentication and Key Agreement via
>>> Memorable Password (
>>> http://citeseer.nj.nec.com/kwon00authentication.html ) which claims
>>> to be the most efficient of all of them ( EKE, PAK, SRP, GXY, AuthA
>>> ). I believe I will implement AMP. Your input would be
>>> appreciated.
>>
>>I'm not familiar with AMP. The SRP paper has references to some other
>>protocols of this type though. Main problem I see is patent issues
>>around many of them. I believe SRP was developed in order to avoid
>>the EKE patent.
>I can confirm that SPEKE was designed to avoid earlier patents.
... but is itself patented, thus making it of academic interest only.
(Seems like half the password-assisted PKCs around exist mostly to avoid
patents on other password-assisted PKCs).
Peter.
More information about the Python-list
mailing list