Security Encyclopedia

Salted Challenge Response Authentication Mechanism

Salted Challenge Response Authentication Mechanism, often referred to as SCRAM, is a protocol used to support password-based authentication. It is a revision of the earlier CRAM protocol.

With SCRAM, the client and server establish mutual authentication by sharing a salt that was generated on the server and an iteration counter (IC). This protocol is commonly used in XMPP, IMAP, and SMTP.
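The sketch below is an added example, not part of the original entry. It shows how the salt and iteration counter feed the proofs that let each side authenticate the other, using the SCRAM-SHA-256 computations from RFC 5802 and RFC 7677. Assumptions: the user name, passwords and nonces are constructed sample values, and password normalization (SASLprep) and channel binding are left out.

```python
import base64, hashlib, hmac, os

def hmac256(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def derive_keys(password: str, salt: bytes, ic: int):
    """Return (ClientKey, StoredKey, ServerKey) for a password, salt and iteration counter."""
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ic)  # Hi() in the RFC
    client_key = hmac256(salted, b"Client Key")
    return client_key, hashlib.sha256(client_key).digest(), hmac256(salted, b"Server Key")

def client_proof(password: str, salt: bytes, ic: int, auth_message: bytes) -> bytes:
    """Client side: ClientProof = ClientKey XOR HMAC(StoredKey, AuthMessage)."""
    client_key, stored_key, _ = derive_keys(password, salt, ic)
    return xor(client_key, hmac256(stored_key, auth_message))

def server_verify(stored_key: bytes, server_key: bytes, auth_message: bytes, proof: bytes):
    """Server side: check the proof using only StoredKey, never the password.
    Returns the ServerSignature on success, None on failure."""
    recovered = xor(proof, hmac256(stored_key, auth_message))
    if not hmac.compare_digest(hashlib.sha256(recovered).digest(), stored_key):
        return None
    return hmac256(server_key, auth_message)

def client_verify_server(password, salt, ic, auth_message, server_sig) -> bool:
    """Client side: the server proves it holds ServerKey for this account."""
    _, _, server_key = derive_keys(password, salt, ic)
    return hmac.compare_digest(hmac256(server_key, auth_message), server_sig)

def demo():
    # Constructed sample values: account "alice", password "correct horse".
    salt, ic = os.urandom(16), 4096
    _, stored_key, server_key = derive_keys("correct horse", salt, ic)  # kept by server
    c_nonce = base64.b64encode(os.urandom(18)).decode()
    s_nonce = c_nonce + base64.b64encode(os.urandom(18)).decode()
    # AuthMessage binds both nonces, the salt and the iteration counter.
    auth = ",".join([f"n=alice,r={c_nonce}",
                     f"r={s_nonce},s={base64.b64encode(salt).decode()},i={ic}",
                     f"c=biws,r={s_nonce}"]).encode()
    good = server_verify(stored_key, server_key, auth,
                         client_proof("correct horse", salt, ic, auth))
    bad = server_verify(stored_key, server_key, auth,
                        client_proof("wrong guess", salt, ic, auth))
    return (good is not None and
            client_verify_server("correct horse", salt, ic, auth, good)), bad is None

if __name__ == "__main__":
    print(demo())
```
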