Skip to main content

Threat for the Secure Remote Password Protocol and a Leak in Apple’s Cryptographic Library

  • Conference paper
  • First Online:
Applied Cryptography and Network Security (ACNS 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12727))

Included in the following conference series:


The Secure Remote Password protocol is a password-based authenticated key-exchange between two parties. One advantage is to prevent offline dictionary attacks from an adversary eavesdropping the communication. We present how such an attack is feasible if the modular exponentiation at the heart of the protocol is vulnerable and leaks some data related to the password.

In the case of a fixed exponent, adding randomness during the execution is a classical protection mechanism, and such a mechanism is present in Apple’s cryptographic library to randomize the exponent. Despite being intended to protect against complex side-channel attacks, we show that its usage makes the implementation vulnerable to simple side-channels such as power analysis.

This leakage observed in the library is mild but is useful for the attack we propose on the Secure Remote Password protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others


  1. 1. (bottom of the page).

  2. 2.

    No version number is indicated, but copyright notice and last file update refer to late 2019.

  3. 3.

  4. 4.

    In the file ccdh/src/ccdh_power_blinded.c.

  5. 5.

  6. 6.

  7. 7.

    In the file ccec/src/ccec_mult.c.


  1. Aldaya, A.C., García, C.P., Brumley, B.B.: From A to Z: projective coordinates leakage in the wild. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(3), 428–453 (2020).

    Article  Google Scholar 

  2. Aranha, D.F., Novaes, F.R., Takahashi, A., Tibouchi, M., Yarom, Y.: LadderLeak: breaking ECDSA with less than one bit of nonce leakage. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) 2020 ACM SIGSAC, CCS 2020, pp. 225–242. ACM (2020).

  3. Boudot, F., Gaudry, P., Guillevic, A., Heninger, N., Thomé, E., Zimmermann, P.: Comparing the difficulty of factorization and discrete logarithm: a 240-digit experiment. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 62–91. Springer, Cham (2020).

    Chapter  Google Scholar 

  4. Braga, D.D.A., Fouque, P., Sabt, M.: Dragonblood is still leaking: practical cache-based side-channel in the wild. In: ACSAC 2020, pp. 291–303. ACM (2020).

  5. Brumley, B.B., Tuveri, N.: Remote timing attacks are still practical. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 355–371. Springer, Heidelberg (2011).

    Chapter  Google Scholar 

  6. Cash, D., Kiltz, E., Shoup, V.: The twin Diffie–Hellman problem and applications. J. Cryptol. 22(4), 470–504 (2009).

    Article  MathSciNet  MATH  Google Scholar 

  7. Ciet, M., Joye, M.: (Virtually) free randomization techniques for elliptic curve cryptography. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 348–359. Springer, Heidelberg (2003).

    Chapter  Google Scholar 

  8. Cohen, H., et al. (eds.): Handbook of Elliptic and Hyperelliptic Curve Cryptography. Chapman and Hall/CRC (2005).

  9. Coron, J-S.: Resistance Against Differential Power Analysis For Elliptic Curve Cryptosystems. In: Koç, Ç.K., Paar, C. (eds.) CHES 1999. LNCS, vol. 1717, pp. 292–302. Springer, Heidelberg (1999).

  10. Feix, B., Roussellet, M., Venelli, A.: Side-channel analysis on blinded regular scalar multiplications. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 3–20. Springer, Cham (2014).

    Chapter  Google Scholar 

  11. Genkin, D., Pachmanov, L., Pipman, I., Tromer, E., Yarom, Y.: ECDSA key extraction from mobile devices via nonintrusive physical side channels. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM SIGSAC 2016, pp. 1626–1638. ACM (2016).

  12. Goudarzi, D., Rivain, M., Vergnaud, D.: Lattice attacks against elliptic-curve signatures with blinded scalar multiplication. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 120–139. Springer, Cham (2017).

    Chapter  Google Scholar 

  13. Goundar, R.R., Joye, M., Miyaji, A., Rivain, M., Venelli, A.: Scalar multiplication on Weierstraß elliptic curves from co-Z arithmetic. J. Cryptogr. Eng. 1(2), 161–176 (2011).

    Article  Google Scholar 

  14. Jancar, J., Sedlacek, V., Svenda, P., Sýs, M.: Minerva: the curse of ECDSA nonces. Systematic analysis of lattice attacks on noisy leakage of bit-length of ECDSA nonces. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(4), 281–308 (2020).

  15. Kocher, P.C.: Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 104–113. Springer, Heidelberg (1996).

    Chapter  Google Scholar 

  16. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 388–397. Springer, Heidelberg (1999).

    Chapter  Google Scholar 

  17. Montgomery, P.L.: Speeding the pollard and elliptic curve methods of factorization. Math. Comput. 48, 243–264 (1987)

    Article  MathSciNet  Google Scholar 

  18. Muller, F., Valette, F.: High-order attacks against the exponent splitting protection. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 315–329. Springer, Heidelberg (2006).

    Chapter  Google Scholar 

  19. Proton Technologies AG: Protonmail v3.6 release notes

    Google Scholar 

  20. Roche, T., Imbert, L., Lomné, V.: Side-channel attacks on blinded scalar multiplications revisited. In: Belaïd, S., Güneysu, T. (eds.) CARDIS 2019. LNCS, vol. 11833, pp. 95–108. Springer, Cham (2020).

    Chapter  Google Scholar 

  21. Taylor, D., Wu, T., Mavrogiannopoulos, N., Perrin, T.: Using the secure remote password (SRP) protocol for TLS authentication. RFC 5054, 1–24 (2007).

    Article  Google Scholar 

  22. Vanhoef, M., Ronen, E.: Dragonblood: analyzing the dragonfly handshake of WPA3 and EAP-pwd. In: 2020 IEEE Symposium on Security and Privacy, SP 2020, pp. 517–533. IEEE (2020).

  23. Wilson, E.B.: Probable inference, the law of succession, and statistical inference. J. Am. Stat. Assoc. 22(158), 209–212 (1927).

    Article  Google Scholar 

  24. Wu, T.: The SRP authentication and key exchange system. RFC 2945, 1–8 (2000).

    Article  Google Scholar 

  25. Wu, T.D.: The secure remote password protocol. In: NDSS 1998. The Internet Society (1998).

Download references


The author would like to thanks the anonymous reviewers for their comments, Apple Product Security for their collaboration, and finally his colleague Cyril Delétré who provided the power trace captures.

Author information

Authors and Affiliations


Corresponding author

Correspondence to Andy Russon .

Editor information

Editors and Affiliations


A SRP Requests and Responses in iCloud Keychain Recovery

In this appendix, we present the HTTP request srp_init in the context described in Sect. 3.5.

The captures were made on a secondary device using WiresharkFootnote 5 and FridaFootnote 6 to export the TLS session keys for decryption.

Fig. 11.
figure 11

Client’s side of the initialization phase of the SRP protocol in iCloud Keychain recovery.

Fig. 12.
figure 12

Server’s side of the initialization phase of the SRP protocol in iCloud Keychain recovery.

In Fig. 11, the ephemeral value A is base64 encoded and corresponds to 256 bytes, consistent with the 2048-bit group. The server’s answer is given in Fig. 12, and contains the salt and ephemeral value B at the end of the data in the base64 string respBlob, each preceded by their length in bytes: 64 and 256.

We confirmed on the first device that the SRP protocol is executed to retrieve the same record and salt after signing in and out. The new record created for the first device is the one that is used on the secondary device when the experiment is repeated.

B Elliptic Curve and SPAKE2+

In this appendix, we present briefly the implementation of the exponentiation (scalar multiplication) with elliptic curves where the Euclidean splitting technique is also used. We first present the differences of the algorithm implementation, and the consequence on the password-based authenticated key-exchange protocol SPAKE2+, which can be attacked similarly as with SRP.

1.1 B.1 Elliptic Curve Scalar Multiplication

The elliptic curves named secp192r1, secp224r1, secp256r1, secp384r1, and secp521r1 share the same exponentiation algorithm that is implemented in the function ccec_mult.Footnote 7

The whole exponentiation is given with generic group notations in Algorithm 4. It is randomized with the Euclidean splitting, but we note differences with the previous case of modular exponentiation:

  • A padding to hide the bit length of the exponent x with the group order is applied [5];

  • A padding is applied on the remainder of the Euclidean division, so the bit length of the remainder is hidden;

  • The individual exponentiations are executed with the Montgomery ladder algorithm that leaks the bit length of the exponents.

figure d

With a padding on the remainder, the only variation in the execution of the ccec_mult function is the exponentiation with the quotient. As a consequence, the timing execution of the whole exponentiation leaks the bit length of the quotient. An approximation of the secret exponent can be done with timing analysis if the auxiliary processing before and after the call of the function can be controlled.

This issue has been addressed in the updated version of the library. The Montgomery ladder algorithm has been tweaked to make it work when leading bits are set to 0 using characteristics of the algorithm and the point addition formulas from co-Z arithmetic [13].

1.2 B.2 SPAKE2+

The SPAKE2+ protocol [6] is another PAKE protocol similar to the SRP protocol and shares properties such as protection against an eavesdropper or a Man in the Middle. In Apple’s library, it is solely used with elliptic curves.

The attack on SRP can be adapted to work with this protocol, and there are a few differences. The first is that two exponents are derived from the password, and, according to the source code of the library, the client computes two distinct exponentiations with these values. Since the exponentiation is vulnerable, it gives two distinguishers to run an offline dictionary attack. In the situation of the first variant, where the attacker is only an observer, this makes the filtering more effective.

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Russon, A. (2021). Threat for the Secure Remote Password Protocol and a Leak in Apple’s Cryptographic Library. In: Sako, K., Tippenhauer, N.O. (eds) Applied Cryptography and Network Security. ACNS 2021. Lecture Notes in Computer Science(), vol 12727. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-78374-7

  • Online ISBN: 978-3-030-78375-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics