目录
- .cargoUpdating dual-license language (#324)2年前
- .githubUpgrade ml-kem from 0.2 to 0.3.0-rc.0 (#421)22天前
- benchesSIGMA-I Key Exchange (#378)11个月前
- examplesDeleting extraneous file (#412)5个月前
- scriptsFixing simple_login test to enable argon2 feature (#328)2年前
- srcUpgrade ml-kem from 0.2 to 0.3.0-rc.0 (#421)22天前
- testsPublishing v4.0.0 (#407)6个月前
- .gitignoreRemove Cargo.lock4年前
- CHANGELOG.mdUpgrade ml-kem from 0.2 to 0.3.0-rc.0 (#421)22天前
- CODE_OF_CONDUCT.mdInitial commit5年前
- CONTRIBUTING.mdUpdating dual-license language (#324)2年前
- Cargo.tomlUpgrade ml-kem from 0.2 to 0.3.0-rc.0 (#421)22天前
- LICENSE-APACHEAdding audit report reference to README + licenses (#253)4年前
- LICENSE-MITAdding audit report reference to README + licenses (#253)4年前
- README.mdUpgrade ml-kem from 0.2 to 0.3.0-rc.0 (#421)22天前
- clippy.tomlSIGMA-I Key Exchange (#378)11个月前
- deny.tomlFixing clippy issues (#418)3个月前
- rustfmt.tomlFormat (#257)4年前
- taplo.tomlGeneral Improvements (#268)4年前
邀请码
版权所有:中国计算机学会技术支持:开源发展技术委员会
京ICP备13000930号-9
京公网安备 11010802032778号
The OPAQUE key exchange protocol
OPAQUE is an augmented password-authenticated key exchange protocol. It allows a client to authenticate to a server using a password, without ever having to expose the plaintext password to the server.
This implementation is based on RFC 9807.
Background
Augmented Password Authenticated Key Exchange (aPAKE) protocols are designed to provide password authentication and mutually authenticated key exchange without relying on PKI (except during user/password registration) and without disclosing passwords to servers or other entities other than the client machine.
OPAQUE is a PKI-free aPAKE that is secure against pre-computation attacks and capable of using a secret salt.
Documentation
The API can be found here along with an example for usage. More examples can be found in the examples directory.
Installation
Add the following line to the dependencies of your
Cargo.toml:Minimum Supported Rust Version
Rust 1.87 or higher.
Audit
This library was audited by NCC Group in June of 2021. The audit was sponsored by WhatsApp for its use in enabling end-to-end encrypted backups.
The audit found issues in release
v0.5.0, and the fixes were subsequently incorporated into releasev1.2.0. See the full audit report here.Resources
@serenity-kit/opaqueandopaque-wasmcan be found here@serenity-kit/opaqueContributors
The authors of this code are Kevin Lewi (@kevinlewi) and François Garillot (@huitseeker). To learn more about contributing to this project, see this document.
Acknowledgments
Special thanks go to Hugo Krawczyk and Chris Wood for helping to clarify discrepancies and making suggestions for improving this implementation. Additional credit goes to @daxpedda for adding no_std support, p256 support, and making other general improvements to the library.
License
This project is dual-licensed under either the MIT license or the Apache License, Version 2.0. You may select, at your option, one of the above-listed licenses.