Hi Ruslan,

I was look at the SRP6a PHP demo code today. I noted line 37 in this file:

https://github.com/RuslanZavacky/srp-6a-demo/blob/master/srp/Server/Srp.php#L37

it will only repeat the loop when “bcmod($this->N, 16) === 0” and since N is a constant it will either never happen else if someone is configuring a custom N which happens match then it will be an infinite loop.

Reading wikipedia it says that “Carol will abort if she receives B == 0 (mod N)”. So I am thinking that the loop should be checking whether B mod N == 0:

while (!$this->B || cmod($this->B, $this->N) === 0) { ... }

Thanks

End.

When trying to run it:

tobjasr@ubuntu-desktop:~/srp-6a-demo$ composer install && bower install
Loading composer repositories with package information
Installing dependencies (including require-dev) from lock file
Nothing to install or update
Generating autoload files
bower isaac#1.0             not-cached https://github.com/RuslanZavacky/isaac.js.git#1.0
bower isaac#1.0                resolve https://github.com/RuslanZavacky/isaac.js.git#1.0
bower jquery#^3.1.0             cached https://github.com/jquery/jquery-dist.git#3.6.0
bower jquery#^3.1.0           validate 3.6.0 against https://github.com/jquery/jquery-dist.git#^3.1.0
bower big-integer#*             cached https://github.com/peterolson/BigInteger.js.git#1.6.51
bower big-integer#*           validate 1.6.51 against https://github.com/peterolson/BigInteger.js.git#*
bower js-sha256#^0.3.0          cached https://github.com/emn178/js-sha256.git#0.3.2
bower js-sha256#^0.3.0        validate 0.3.2 against https://github.com/emn178/js-sha256.git#^0.3.0
bower bootstrap#^3.3.7          cached https://github.com/twbs/bootstrap.git#3.4.1
bower bootstrap#^3.3.7        validate 3.4.1 against https://github.com/twbs/bootstrap.git#^3.3.7
Username for 'https://github.com': tobjasr
Password for 'https://[email protected]': 
bower isaac#1.0                ECMDERR Failed to execute "git ls-remote --tags --heads https://github.com/RuslanZavacky/isaac.js.git", exit code of #128 remote: Support for password authentication was removed on August 13, 2021. remote: Please see https://docs.github.com/en/get-started/getting-started-with-git/about-remote-repositories#cloning-with-https-urls for information on currently recommended modes of authentication. fatal: Authentication failed for 'https://github.com/RuslanZavacky/isaac.js.git/'

Additional error details:
remote: Support for password authentication was removed on August 13, 2021.
remote: Please see https://docs.github.com/en/get-started/getting-started-with-git/about-remote-repositories#cloning-with-https-urls for information on currently recommended modes of authentication.
fatal: Authentication failed for 'https://github.com/RuslanZavacky/isaac.js.git/'

:-(

The PHP method Srp.getSecureRandom uses and older version the Secure-random-bytes-in-PHP. The newer version has further sources of entropy. It would probably be a good idea to have the Srp class method invoke the newer secure_random_bytes logic checked in as its own file srand.php.

Hi

I have implemented your protocol implementation in my new product at:

http://pcrypt.org/lastcommit

My problem is that the srp6a protocol fail from time to time (about 1 in 10)

Also your demo code at:

https://pcrypt.org/dev/rod/srp6a/register.php

Fail some times (about the same rate)

srpm value is different for client and server.

I have tried to trace down where the problem is located and think it is on the PHP server side as different browsers do not seam to make any change, but finding the real problem seam to be very difficult - for me at least :-)

Do you have any hint about where the problem may be located?

BTW: both sites have hard coded login information!

Thank you
Benny

The default key material storage of SRP is considered to be weak (see Solar Designer here http://lists.randombit.net/pipermail/cryptography/2015-March/007121.html) .

For this reason we suggest, following discussion on randombit cryptography mailing list, to integrate scrypt as an additional custom hashing method to SRP as described by Alfonso De Gregorio (see http://lists.randombit.net/pipermail/cryptography/2015-March/007123.html) .

It's suggest to use the the following scrypt library This ticket ishttps://github.com/dchest/scrypt-async-js (by Solar designer, see http://lists.randombit.net/pipermail/cryptography/2015-March/007117.html).

By improving SRP authentication, bundling it with scrypt KDF, the authentication protocol would also feature strong password storage server side.

The demo didn't work for me.
Finally I've found that registerBtn in register.phtml had no value assigned and so the condition

if (!empty($_POST['registerBtn']))

in register.php was never satisfied

Thinking about issue #5 it occurs to me that its not immediately clear how to protect a page using the library code. It would be helpful if the successful authentication path left a variable $_SESSION['SRP_AUTHENTICATED'] = true;. At the same time it could unset the hashes and set the SRP session key which could be useful for further cryptography now that the WebCryptoAPI is getting some traction in major browsers.

Hi

First of all I like the demo purpose and I need it to implement SRP :-)

But really missing some sort of instructions about how to use it ;-)

As far as I can see the demo is not running as expected (for me at least).

When I place the files on a Linux PHP server and access register.php from a browser I get a page with two logical parts. A register and login part with respective activation buttons.

I can press register and nothing happens (may be correct). When I press login I get to an empty page (as json_encode gets no variables).

What do I do wrong?

Best regards
Benny