Skip to content
Advertisement

Browser-Based SRP without Java

I am considering implementing the Secure Remote Password protocol to conduct a zero-knowledge password proof between the browser and my web application. The SRP website provides an example, but it requires java to perform calculations. I am wondering whether it is possible to implement SRP using javascript without the use of Java, as I do not want to require my users to have Java installed, particularly as my audience will be a security conscious one which would potentially consider the risk of having the java plugin enabled a greater risk to their security than a zero-knowledge password proof.

Here is the link to their demo: http://srp.stanford.edu/demo/

Advertisement

Answer

I am wondering whether it is possible to implement SRP using javascript without the use of Java,

If you are looking for a standardized method, the answer in NO.

The WebCrypto Working Group is standardizing things now for some crypto operations. However, the WG has already stated they will not provide access to the underlying BigInt primitives needed for the modular operations, so you won’t have the primitives you need in the first release. You may get it in a subsequent release. See Question on BigInteger operations from their mailing list.

Update: the WebCrypto Working Group is not going to provide Diffie-Hellman as part of the standard, either. And the Chrome team is not even going to provide Diffie-Hellman as an extension. They claim there are no use cases or demand for Diffie-Hellman, either. See Diffie-Hellman in WebCrypto from their mailing list.

You might be able to find it in a Javascript library, but I would expect it to be slow (or slower than a native implementation).


Related, keep in mind that the same folks who are denying you BigInts and Diffie-Hellman are the same folks who decreed “interception is a valid use case” in the browser security model.

And they are the same folks who broke RFC 7469 Public Key Pinning Extension for HTTP. For a detailed commentary, see Comments on draft-ietf-websec-key-pinning. Worse, when they were called-out for providing the overrides and breaking the secure channel, they changed the language in Draft 21 to Final to make it even more obscure and hidden away.

User contributions licensed under: CC BY-SA
7 People found this is helpful
Advertisement