1

In ALLJOYN_SRP_KEYX auth mechnism, how do clients know password?

asked 2015-07-29 20:01:25 -0700

eekshs16 gravatar image

updated 2015-07-29 20:02:59 -0700

I'm reading following link, and I have a question about ALLJOYN_SRP_KEYX.

https://allseenalliance.org/developer...

Provider app may read password from an text file.

Consumer app may read password from client user.

Should both passwords be same? If so, how do clients know password?

Should clients check password from devices' LCD or something like that?

edit retag flag offensive close merge delete

Comments

you might try on the core mailing list. https://lists.allseenalliance.org/mailman/listinfo/allseen-core

ry.jones ( 2015-08-07 20:56:23 -0700 )edit

1 answer

Sort by ยป oldest newest most voted
1

answered 2015-08-10 01:43:31 -0700

praveenb gravatar image

updated 2015-10-20 16:58:52 -0700

Yes. For Secure Remote Password (SRP) protocol based authentication to be successful, passwords at both end should be identical.

The clients are expected to know the password via out-of-band mechanism (for eg. prior knowledge / agreement).

Note: If you do not want to use any prior agreement, you will have to go for a public-key based authentication mechanism viz. ALLJOYN_ECDHE_ECDSA.

edit flag offensive delete publish link more
Login/Signup to Answer

Question Tools

Follow
1 follower

Stats

Asked: 2015-07-29 20:01:25 -0700

Seen: 86 times

Last updated: Oct 20 '15