CryptKit 0.9: cryptsock

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Dec 5 14:42:09 CET 2001


dpj at world.std.com (David P Jablon) writes:

>References and links for many of the papers in the field of 
>password-based public key cryptography can be found at:
>http://www.integritysciences.com/links.html

>And several relevant submissions to IEEE P1363.2 can be found at:
>http://grouper.ieee.org/groups/1363/StudyGroup/submissions.html

>In article <7x667pw8ap.fsf at ruckus.brouhaha.com>,
>Paul Rubin  <phr-n2001d at nightsong.com> wrote:
>>Bryan <bryan at eevolved.com> writes:
>>> Thanks for the link, it lead me to research other password-based
>>> key-agreement schemes. I found Authentication and Key Agreement via
>>> Memorable Password (
>>> http://citeseer.nj.nec.com/kwon00authentication.html ) which claims
>>> to be the most efficient of all of them ( EKE, PAK, SRP, GXY, AuthA
>>> ).  I believe I will implement AMP.  Your input would be
>>> appreciated.
>>
>>I'm not familiar with AMP.  The SRP paper has references to some other
>>protocols of this type though.  Main problem I see is patent issues
>>around many of them.  I believe SRP was developed in order to avoid
>>the EKE patent.

>I can confirm that SPEKE was designed to avoid earlier patents.

... but is itself patented, thus making it of academic interest only.

(Seems like half the password-assisted PKCs around exist mostly to avoid
 patents on other password-assisted PKCs).

Peter.




More information about the Python-list mailing list