diff --git a/core/srp.js b/core/srp.js
index 84876321..742f64fb 100644
--- a/core/srp.js
+++ b/core/srp.js
@@ -22,8 +22,8 @@ sjcl.keyexchange.srp = {
    * @param {String} P The password.
    * @param {Object} s A bitArray of the salt.
    * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
-                           to obtain this object.
-   * @return {Object} A bitArray of SRP v.
+   *                       to obtain this object.
+   * @return {Object} A bn of SRP v.
    */
   makeVerifier: function(I, P, s, group) {
     var x;
@@ -45,6 +45,132 @@ sjcl.keyexchange.srp = {
     return sjcl.hash.sha1.hash(sjcl.bitArray.concat(s, inner));
   },
 
+  /**
+   * Calculates SRP group constant k.
+   *   k = SHA1(N | PAD(g)) [RFC 5054]
+   * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
+   *                       to obtain this object.
+   * @return {Object} A bitArray of SRP k.
+   */
+  makeK: function(group) {
+    var nbits = group.N.bitLength();
+    var inner = sjcl.bitArray.concat(group.N.toBits(nbits), group.g.toBits(nbits));
+    return sjcl.hash.sha1.hash(inner);
+  },
+
+  /**
+   * Calculates key derivation variable u per [RFC 5054].
+   *   u = SHA1(PAD(A) | PAD(B))
+   * @param {Object} clientPub A bn of client pubilc message (A).
+   * @param {Object} serverPub A bn of server public message (B).
+   * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
+   *                       to obtain this object.
+   * @return {Object} A bitArray of SRP u.
+   */
+  makeU: function(clientPub, serverPub, group) {
+    var nbits = group.N.bitLength();
+    var inner = sjcl.bitArray.concat(clientPub.toBits(nbits), serverPub.toBits(nbits));
+    return sjcl.hash.sha1.hash(inner);
+  },
+  
+  /**
+   * Calculates client secret and public values for the client key exchange SRP message.
+   *   private = a = random value from 0 to N-2
+   *   public = A = g^a mod N  [RFC 5054]
+   * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
+   *                       to obtain this object.
+   * @param {Object} priv When given, will be used instad of random value for client secret.
+   *                      Expected bn.
+   * @return {Object} A pair of bn of SRP a and A as {private: a, public: A}.
+   */
+  makeClientMsg: function(group, priv=undefined) {
+    var a, A; // Private and public parts
+    var q = group.N.sub(1); // Group order
+
+    if (priv === undefined) {
+      a = sjcl.bn.random(q);
+    } else {
+      a = priv;
+    }
+
+    A = group.g.powermod(a, group.N);
+    return { private: a, public: A };
+  },
+
+  /**
+   * Calculates server secret and public values for the server key exchange SRP message.
+   *   private = b = random value from 0 to N-2
+   *   public = B = k*v + g^b mod N  [RFC 5054]
+   * @param {Object} v A bn of client verification token v.
+   * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
+   *                       to obtain this object.
+   * @param {Object} priv When given, will be used instad of random value for server secret.
+   *                      Expected bn.
+   * @return {Object} A pair of bn of SRP a and A as {private: a, public: A}.
+   */
+  makeServerMsg: function(v, group, priv=undefined) {
+    var b, B; // Private and public parts
+    var q = group.N.sub(1); // Group order
+    var k = sjcl.keyexchange.srp.makeK(group);
+
+    if (priv === undefined) {
+      b = sjcl.bn.random(q);
+    } else {
+      b = priv;
+    }
+
+    k = sjcl.bn.fromBits(k);
+    // B = k*v + g^b % N
+    B = group.g.powermod(b, group.N);
+    B.addM(k.mulmod(v, group.N));
+    B = B.mod(group.N);
+    return { private: b, public: B };
+  },
+
+  /**
+   * Calculates shared secret (pre-master secret key per [RFC 5054] nomenclature) from using client's data.
+   *   pmsk = (B - (k * g^x)) ^ (a + (u * x)) mod N  [RFC 5054]
+   * @param {String} I The username.
+   * @param {String} P The password.
+   * @param {Object} s A bitArray of the salt.
+   * @param {Object} clientMsg Client ephemeral key pair as returned by makeClientMsg.
+   * @param {Object} serverPub A bn of server ephemeral public key (server key exchange message).
+   * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
+   *                       to obtain this object.
+   * @return {Object} A bitArray of pmsk (shared secret).
+   */
+  makeClientPmsk: function(I, P, s, clientMsg, serverPub, group) {
+    var q = group.N.sub(1); /* Group order */
+    var u = sjcl.keyexchange.srp.makeU(clientMsg.public, serverPub, group);
+    var k = sjcl.keyexchange.srp.makeK(group);
+    var x = sjcl.keyexchange.srp.makeX(I, P, s);
+    u = sjcl.bn.fromBits(u);
+    k = sjcl.bn.fromBits(k);
+    x = sjcl.bn.fromBits(x);
+    // (B - (k * g^x)) ^ (a + (u * x)) mod N
+    var base = serverPub.sub(k.mulmod(group.g.powermod(x, group.N), group.N)).mod(group.N);
+    var exp = clientMsg.private.add(u.mulmod(x, q)).mod(q);
+    return base.powermod(exp, group.N).toBits(group.N.bitLength());
+  },
+
+  /**
+   * Calculates shared secret (pre-master secret key per [RFC 5054] nomenclature) from using server's data.
+   *   pmsk = (A * v^u) ^ b mod N  [RFC 5054]
+   * @param {Object} v A bn of client verification token v.
+   * @param {Object} clientPub A bn of client ephemeral public key (client key exchange message).
+   * @param {Object} serverMsg Server ephemeral key pair as retuurned by makeServerMsg.
+   * @param {Object} group The SRP group. Use sjcl.keyexchange.srp.knownGroup
+   *                       to obtain this object.
+   * @return {Object} A bitArray of pmsk (shared secret).
+   */
+  makeServerPmsk: function(v, clientPub, serverMsg, group) {
+    var u = sjcl.keyexchange.srp.makeU(clientPub, serverMsg.public, group);
+    u = sjcl.bn.fromBits(u);
+    // (A * v^u) ^ b mod N
+    var base = clientPub.mulmod(v.powermod(u, group.N), group.N);
+    return base.powermod(serverMsg.private, group.N).toBits(group.N.bitLength());
+  },
+
   /**
    * Returns the known SRP group with the given size (in bits).
    * @param {String} i The size of the known SRP group.
diff --git a/test/srp_test.js b/test/srp_test.js
index 8a40b871..d16af8c7 100644
--- a/test/srp_test.js
+++ b/test/srp_test.js
@@ -8,14 +8,80 @@ new sjcl.test.TestCase("SRP known-answer (RFC 5054) tests", function (cb) {
   var i, kat = sjcl.test.vector.srp, tv, group, v, x;
 
   for (i=0; i<kat.length; i++) {
-    tv = kat[i];
+    // Make shallow copy of test vector as to not modify the original
+    // Note: This is a workaround for older EcmaScript variants (<=5), for EcmaScript 6+ Object.assign could be used instead.
+    tv = {}
+    for (var attr in kat[i]) { tv[attr] = kat[i][attr]; }
     group = sjcl.keyexchange.srp.knownGroup(tv.known_group_size);
     tv.s = sjcl.codec.hex.toBits(tv.s);
+    tv.v = new sjcl.bn(tv.v);
+    tv.a = new sjcl.bn(tv.a);
+    tv.A = new sjcl.bn(tv.A);
+    tv.b = new sjcl.bn(tv.b);
+    tv.B = new sjcl.bn(tv.B);
+    tv.pmsk = sjcl.codec.hex.toBits(tv.pmsk);
+
     x = sjcl.keyexchange.srp.makeX(tv.I, tv.P, tv.s);
     this.require(sjcl.codec.hex.fromBits(x).toUpperCase() === tv.x, "srpx #"+i);
 
     v = sjcl.keyexchange.srp.makeVerifier(tv.I, tv.P, tv.s, group);
-    this.require(v.equals(new sjcl.bn(tv.v)), "srpv #"+i);
+    this.require(v.equals(tv.v), "srpv #"+i);
+
+    k = sjcl.keyexchange.srp.makeK(group);
+    this.require(sjcl.codec.hex.fromBits(k).toUpperCase() === tv.k, "srpk #"+i);
+
+    u = sjcl.keyexchange.srp.makeU(tv.A, tv.B, group);
+    this.require(sjcl.codec.hex.fromBits(u).toUpperCase() === tv.u, "srpu #"+i);
+
+    clientMsg = sjcl.keyexchange.srp.makeClientMsg(group, tv.a);
+    this.require(clientMsg.private.equals(tv.a), "srpa #"+i);
+    this.require(clientMsg.public.equals(tv.A), "srpA #"+i);
+
+    serverMsg = sjcl.keyexchange.srp.makeServerMsg(tv.v, group, tv.b);
+    this.require(serverMsg.private.equals(tv.b), "srpb #"+i);
+    this.require(serverMsg.public.equals(tv.B), "srpB #"+i);
+
+    clientPmsk = sjcl.keyexchange.srp.makeClientPmsk(tv.I, tv.P, tv.s, {private: tv.a, public: tv.A}, tv.B, group);
+    this.require(sjcl.bitArray.equal(clientPmsk, tv.pmsk), "srppmsk-a #"+i)
+    serverPmsk = sjcl.keyexchange.srp.makeServerPmsk(tv.v, tv.A, {private: tv.b, public: tv.B}, group);
+    this.require(sjcl.bitArray.equal(clientPmsk, tv.pmsk), "srppmsk-b #"+i)
   }
   cb && cb();
 });
+
+new sjcl.test.TestCase("SRP simulation (RFC 5054) tests", function (cb) {
+  // Simple interaction simulation based on the RFC 5054 test vectors
+
+  if (!sjcl.keyexchange.srp) {
+    this.unimplemented();
+    cb && cb();
+    return;
+  }
+
+  var i, kat = sjcl.test.vector.srp, tv, group, v, x;
+
+  // NOTE: This initializes the global PRNG with a known seed
+  var entropy = [ 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, 0xFEEDBEEF, 0xDEADD00D, ];
+  sjcl.random.addEntropy(entropy, 256, "object");
+
+  for (i=0; i<kat.length; i++) {
+    // Make shallow copy of test vector as to not modify the original
+    // Note: This is a workaround for older EcmaScript variants (<=5), for EcmaScript 6+ Object.assign could be used instead.
+    tv = {}
+    for (var attr in kat[i]) { tv[attr] = kat[i][attr]; }
+    group = sjcl.keyexchange.srp.knownGroup(tv.known_group_size);
+    tv.s = sjcl.codec.hex.toBits(tv.s);
+    tv.v = new sjcl.bn(tv.v);
+
+    // Simulation with random private messages
+        
+    clientMsg = sjcl.keyexchange.srp.makeClientMsg(group);
+    serverMsg = sjcl.keyexchange.srp.makeServerMsg(tv.v, group);
+
+    clientPmsk = sjcl.keyexchange.srp.makeClientPmsk(tv.I, tv.P, tv.s, clientMsg, serverMsg.public, group);
+    serverPmsk = sjcl.keyexchange.srp.makeServerPmsk(tv.v, clientMsg.public, serverMsg, group);
+
+    this.require(sjcl.bitArray.equal(clientPmsk, serverPmsk), "srppmsk-rand #"+i)
+  }
+  cb && cb();
+});
\ No newline at end of file
diff --git a/test/srp_vectors.js b/test/srp_vectors.js
index 5cab5e40..a1448a9a 100644
--- a/test/srp_vectors.js
+++ b/test/srp_vectors.js
@@ -4,8 +4,16 @@ sjcl.test.vector.srp = [
   I: "alice",
   P: "password123",
   s: "BEB25379D1A8581EB5A727673A2441EE",
+  k: "7556AA045AEF2CDD07ABAF0F665C3E818913186F",
   x: "94B7555AABE9127CC58CCF4993DB6CF84D16C124",
   v: "7E273DE8696FFC4F4E337D05B4B375BEB0DDE1569E8FA00A9886D8129BADA1F1822223CA1A605B530E379BA4729FDC59F105B4787E5186F5C671085A1447B52A48CF1970B4FB6F8400BBF4CEBFBB168152E08AB5EA53D15C1AFF87B2B9DA6E04E058AD51CC72BFC9033B564E26480D78E955A5E29E7AB245DB2BE315E2099AFB",
+  a: "60975527035CF2AD1989806F0407210BC81EDC04E2762A56AFD529DDDA2D4393",
+  b: "E487CB59D31AC550471E81F00F6928E01DDA08E974A004F49E61F5D105284D20",
+  A: "61D5E490F6F1B79547B0704C436F523DD0E560F0C64115BB72557EC44352E8903211C04692272D8B2D1A5358A2CF1B6E0BFCF99F921530EC8E39356179EAE45E42BA92AEACED825171E1E8B9AF6D9C03E1327F44BE087EF06530E69F66615261EEF54073CA11CF5858F0EDFDFE15EFEAB349EF5D76988A3672FAC47B0769447B",
+  B: "BD0C61512C692C0CB6D041FA01BB152D4916A1E77AF46AE105393011BAF38964DC46A0670DD125B95A981652236F99D9B681CBF87837EC996C6DA04453728610D0C6DDB58B318885D7D82C7F8DEB75CE7BD4FBAA37089E6F9C6059F388838E7A00030B331EB76840910440B1B27AAEAEEB4012B7D7665238A8E3FB004B117B58",
+  u: "CE38B9593487DA98554ED47D70A7AE5F462EF019",
+  pmsk: "B0DC82BABCF30674AE450C0287745E7990A3381F63B387AAF271A10D233861E359B48220F7C4693C9AE12B0A6F67809F0876E2D013800D6C41BB59B6D5979B5C00A172B4A2A5903A0BDCAF8A709585EB2AFAFA8F3499B200210DCC1F10EB33943CD67FC88A2F39A4BE5BEC4EC0A3212DC346D7E474B29EDE8A469FFECA686E5A",
+
   known_group_size: 1024
 }
 ];