Skip to content

Go implementation of OPAQUE, the asymmetric password-authenticated key exchange protocol.

License

Notifications You must be signed in to change notification settings

bytemare/opaque

Repository files navigation

OPAQUE

OPAQUE Go Reference codecov

  import "github.com/bytemare/opaque"

This package implements OPAQUE, an asymmetric password-authenticated key exchange protocol that is secure against pre-computation attacks. It enables a client to authenticate to a server without ever revealing its password to the server.

This implementation is developed by one of the authors of the RFC Internet Draft. The main branch is in sync with the latest developments of the draft, and the releases correspond to the official draft versions.

What is OPAQUE?

OPAQUE is an aPAKE that is secure against pre-computation attacks. OPAQUE provides forward secrecy with respect to password leakage while also hiding the password from the server, even during password registration. OPAQUE allows applications to increase the difficulty of offline dictionary attacks via iterated hashing or other key stretching schemes. OPAQUE is also extensible, allowing clients to safely store and retrieve arbitrary application data on servers using only their password.

References

Documentation Go Reference

You can find the documentation and usage examples in the package doc and the project wiki .

Versioning

SemVer is used for versioning. For the versions available, see the tags on the repository.

Minor v0.x versions match the corresponding CFRG draft version, the master branch implements the latest changes of the draft development.

Contributing

Please read CONTRIBUTING.md for details on the code of conduct, and the process for submitting pull requests.

License

This project is licensed under the MIT License - see the LICENSE file for details.