|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] iSCSI: SRP s vs. S> > > 10.4 SRP: N,g,s,A,B,M and H(A | M | K) are binary-values > > > 10.5 CHAP: C and R are binary-values > > > > The only ones of these that should routinely fit in 64 bits are SRP's > > g (usually a small integer, even though it's mathematically a member of > > a very large binary field - I think Paul Koning missed the fact that > > generators tend to be single-digit numbers) and s (doesn't need to be > > a large number to get the job done). > > You're right about g. As for S, it's the result of an exponentiation > modulo N, so it's no more likely to be a small integer than the other > SRP intermediate values. Note that values supplied by the other end > are involved (as in conventional D-H) so you don't have the ability to > constrain your implementation to produce small S values. Paul - please recheck RFC 2945, as you may have confused s (lower case) with S (upper case). s (lower case) is the <salt from passwd file> and is what goes across the wire. S (upper case) is an intermediate in the SRP computations that should be identical on both sides, but is *not* sent across the wire (good thing too, as the session key(s) can easily be determined from knowledge of it). s (lower case) need not be a big number to get the job done, and would be ok to send in decimal, although my first reaction to "salt from passwd file" would be to use hex. Thanks, --David --------------------------------------------------- David L. Black, Senior Technologist EMC Corporation, 42 South St., Hopkinton, MA 01748 +1 (508) 249-6449 FAX: +1 (508) 497-8018 black_david@emc.com Mobile: +1 (978) 394-7754 ---------------------------------------------------
Home Last updated: Wed Jul 03 16:18:51 2002 11103 messages in chronological order |