#cryptography #crypto #opaque #passwords #authentication

no-std opaque-ke

An implementation of the OPAQUE password-authenticated key exchange protocol

12 releases (3 stable)

1.2.0 Oct 7, 2021
1.0.0 Jul 19, 2021
0.6.0 Jun 30, 2021
0.5.0 Mar 2, 2021
0.1.0 Jun 5, 2020

#37 in No standard library

Download history 6/week @ 2021-07-07 50/week @ 2021-07-14 21/week @ 2021-07-21 38/week @ 2021-07-28 34/week @ 2021-08-04 48/week @ 2021-08-11 65/week @ 2021-08-18 49/week @ 2021-08-25 35/week @ 2021-09-01 53/week @ 2021-09-08 74/week @ 2021-09-15 31/week @ 2021-09-22 48/week @ 2021-09-29 29/week @ 2021-10-06 41/week @ 2021-10-13 49/week @ 2021-10-20

185 downloads per month

MIT license

4.5K SLoC

The OPAQUE key exchange protocol Build Status

OPAQUE is an asymmetric password-authenticated key exchange protocol. It allows a client to authenticate to a server using a password, without ever having to expose the plaintext password to the server.

This implementation is based on the Internet Draft for OPAQUE.


Asymmetric Password Authenticated Key Exchange (aPAKE) protocols are designed to provide password authentication and mutually authenticated key exchange without relying on PKI (except during user/password registration) and without disclosing passwords to servers or other entities other than the client machine.

OPAQUE is a PKI-free aPAKE that is secure against pre-computation attacks and capable of using a secret salt.


The API can be found here along with an example for usage.


Add the following line to the dependencies of your Cargo.toml:

opaque-ke = "1"

Minimum Supported Rust Version

Rust 1.51 or higher.



The authors of this code are Kevin Lewi (@kevinlewi) and François Garillot (@huitseeker). To learn more about contributing to this project, see this document.


Special thanks go to Hugo Krawczyk and Chris Wood for helping to clarify discrepancies and making suggestions for improving this implementation.


This project is MIT licensed.


~63K SLoC