FileAccessManager, a key management program including an implementation of RFC 2945, the SRP authentication and key exchange system
Most computer users use simple passwords for access to their computers. These passwords are chosen because they are easy to remember. Using dictionary words for passwords allows attackers to easily gain entrance to a system. There are authentication algorithms available now that can offer some protection against simple passwords. The Secure Remote Password Protocol (SRP) is a verifier-based authentication scheme that protects weak passwords by storing a password verifier and salt on the server. The security of SRP is based on the discrete logarithm problem. A separate session key, suitable for use as a strong encryption key, is computed for each authentication session. This value cannot be computed from publicly known values, thus preventing a snooper from gaining password information during authentication. To further protect data in an intranet, files can be encrypted. Frequently, users are unfamiliar with encryption. The FileAccessManager is a client and server program that authenticates users, encrypts/decrypts files, and stores the encryption keys with file identifiers and access lists. The FileAccessManager Server controls access to identifiers and encryption keys for files, while the Client authenticates users and offers encryption and decryption of files. The user is responsible for transmitting encrypted files to other users.
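The verifier-and-salt storage and per-session key described above, as an added Python sketch of the RFC 2945 (SRP-3) arithmetic; it is not FileAccessManager's code. Assumptions: the 1024-bit group from RFC 5054, plain SHA-1 of S in place of RFC 2945's SHA_Interleave, both parties simulated in one function, and hypothetical function names.

```python
import hashlib
import secrets

# 1024-bit safe-prime group from RFC 5054 Appendix A (assumption; the page names no group).
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3", 16)
g = 2

def H(*parts: bytes) -> bytes:
    return hashlib.sha1(b"".join(parts)).digest()

def to_bytes(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8 or 1, "big")

def private_x(user: str, password: str, salt: bytes) -> int:
    # RFC 2945: x = SHA(salt | SHA(user | ":" | password))
    return int.from_bytes(H(salt, H(f"{user}:{password}".encode())), "big")

def enroll(user: str, password: str):
    """Return the only values the server stores: (salt, verifier v = g^x mod N)."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, private_x(user, password, salt), N)

def login(user: str, password: str, record):
    """Simulate one session; return (client_key, server_key)."""
    salt, v = record
    a = secrets.randbelow(N - 2) + 1          # client ephemeral secret
    A = pow(g, a, N)                          # client -> server
    if A % N == 0:                            # server must reject this value
        raise ValueError("invalid client public value")
    b = secrets.randbelow(N - 2) + 1          # server ephemeral secret
    B = (v + pow(g, b, N)) % N                # server -> client, with salt
    u = int.from_bytes(H(to_bytes(B))[:4], "big")  # first 32 bits of SHA(B)
    # Client side: needs the password, never sends it or x.
    x = private_x(user, password, salt)
    S_client = pow((B - pow(g, x, N)) % N, a + u * x, N)
    # Server side: needs only the stored verifier.
    S_server = pow(A * pow(v, u, N) % N, b, N)
    # Simplification: K = SHA-1(S) instead of SHA_Interleave(S).
    return H(to_bytes(S_client)), H(to_bytes(S_server))
```

In the real protocol each side then proves knowledge of its key to the other before the session is trusted; a mismatch, as with a wrong password, fails that proof without revealing the password.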