References and Links

N. Haller and R. Atkinson, "On Internet Authentication", RFC 1704, Naval Research Laboratory, October 1994.

D. Jablon, "Strong Password-Only Authenticated Key Exchange", ACM Computer Communications Review, October 1996.

S. M. Bellovin and M. Merritt, "Limitations of the Kerberos Authentication System", Proceedings of the 1991 USENIX Conference, Dallas, TX 1991.

S. M. Bellovin and M. Merritt, "Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks", Proceedings of the 1992 IEEE Computer Society Conference on Research in Security and Privacy, May 1992.

S. M. Bellovin and M. Merritt, "Augmented Encrypted Key Exchange: a Password-Based Protocol Secure Against Dictionary Attacks and Password File Compromise", AT&T Bell Laboratories (c. 1994).

M. Steiner, G. Tsudik, and M. Waidner, "Refinement and Extension of Encrypted Key Exchange", ACM Operating Systems Review, Vol. 29, No. 3, July 1995.

D. Denning and G. Sacco, "Timestamps in Key Distribution Systems", Communications of the ACM, August 1981.

B. Schneier, "Applied Cryptography", 2nd ed., John Wiley & Sons, 1996.

SRP on the Net

Other Crypto Resources