TLS/SRP in browsers?

L

4

16

Is there a plan or existing implementation of RFC 5054 in any of the major browsers yet?

If nobody has an implementation yet, then which major browsers have it on their roadmap? Where?

Lulita answered 6/5, 2010 at 5:22 Comment(0)

S

8

This feature is on Mozilla's radar, and there are a couple of feature enhancement requests on record at bugzilla.mozilla.org (356855,405155), but they've been pretty quiet lately. There maybe a lack of an appreciation of what SRP is good for.

For my two cents, SRP/TLS seems to not mesh well with existing security models in Firefox, so implementation touches many different parts of the browser (from UI to NSS). Could be a similar issue for other browsers as well?

Shearin answered 16/5, 2010 at 7:55 Comment(2)

Could be. But it seems like lately NOTHING meshes with the existing security models (including security). I think we're due for a rethink on SSL certificates (see also DN spoofing) as well. – Lulita 16/5, 2010 at 22:10

@Lulita SSL has it's weak points, its true. I wasn't digging on SRP/TLS, the idea of it is really growing on me. The point I was alluding to is that in a large, complex project like a browser, it can be hard to make these kind of changes without serious demand, and demand is just not there among general users. Go hence, and spread the word of RFC 5054! – Shearin 17/5, 2010 at 1:19

K

5

cURL will have TLS-SRP support in the next release. See the Patch for TLS-SRP support (using GnuTLS) thread in curl-library. (I revived a patch by Peter Sylvester.)

And I'm trying to revive Steffen Schulz's bugzilla patches for TLS-SRP in NSS (bugzilla #405155), which is Mozilla's SSL/TLS library. I've updated the patches to work with the latest NSS and will post them in a week or so. Once it's working in NSS, then Firefox is next.

Kappa answered 20/1, 2011 at 19:17 Comment(2)

a new problem is also rising: the SRP is defined only with AES-CBC ciphers, none with AES-GCM. Also, its use of FFDH construction makes it rather slow, I wonder if translating it to ECC wouldn't make it a bit better too... That does mean we need RFCs that do that – Rounds 18/10, 2015 at 14:47

Another issue is that none of the SRP suites use SHA2 or higher. Since SHA1 is now considered broken, there will probably not be much consideration of these suites going forward. – Impart 20/3, 2017 at 15:43

W

1

There is some code for NSS, Chrome and Firefox, nothing merged yet, but it works. Some minor non-technical issues are still to be resolved however. Some code and info can be found on trustedhttp.org, and in Firefox and Chromium bugzillas.

Waddle answered 10/6, 2011 at 23:22 Comment(0)

R

0

A JavaScript implementation works in Firefox:

http://srp.stanford.edu/demo/demo.html

Reverential answered 6/5, 2010 at 5:26 Comment(2)

So to the best of your knowledge, none of the web browsers have implemented this natively? – Lulita 7/5, 2010 at 19:23

That demo uses a Java applet. – Tyishatyke 10/5, 2010 at 22:30

Recommended topics

Hot tags