- edited description
random number generator for `a` doesn't comply with RFC 5054
Issue #12
resolved
RFC5054 says to use a minimum of 256 bit random numbers and to pick a number in the range [1,N)
. The current client lib uses exactly 256 bits. It would be better to use max(N.getLength(), 256)
bit random BigInteger values and then mod(N)
. This would mean that for N of 1024 bits we would use 1024 random bits rather than the current 256 random bits.
The upstream Nimbus project has Java code which takes the approach outlined above which can be ported to JavaScript https://bitbucket.org/connect2id/nimbus-srp/src/3d066aca4e68ab42f0527b98ed3c04c6e821d382/src/main/java/com/nimbusds/srp6/SRP6Routines.java?at=issue20&fileviewer=file-view-default#SRP6Routines.java-139
Comments (2)
-
reporter -
reporter - changed status to resolved
merged to master
- Log in to comment