Secure Remote Password

From VuzeWiki
Jump to: navigation, search

The Secure Remote Password Protocol is a great mechanism for securing remote access to Vuze - it has many desirable characteristics as detailed in the Wikipedia article.

  • It is a 'zero knowledge password proof' - meaning that someone eavesdropping (or capable of doing so) on the messages passing between your remote client and Vuze (e.g. your ISP, the Vuze proxy servers used to establish connectivity when Vuze is fire-walled) can not gain any knowledge about your password.
  • Your password is not stored in any plain-text equivalent within Vuze, so even if your local machine is compromised the attacker can not obtain the password without a costly brute-force approach.
  • The protocol also has perfect forward-secrecy. This means that if in the future your password is compromised, this knowledge, along with records from eavesdropping on messages, can't be used to decrypt previous messages.