20 releases (5 stable)
|Jul 25, 2023
|Mar 15, 2023
|Sep 22, 2022
|Jul 11, 2022
|Jun 5, 2020
#260 in No standard library
11,033 downloads per month
Used in 6 crates (5 directly)
The OPAQUE key exchange protocol
OPAQUE is an asymmetric password-authenticated key exchange protocol. It allows a client to authenticate to a server using a password, without ever having to expose the plaintext password to the server.
This implementation is based on the Internet Draft for OPAQUE.
Asymmetric Password Authenticated Key Exchange (aPAKE) protocols are designed to provide password authentication and mutually authenticated key exchange without relying on PKI (except during user/password registration) and without disclosing passwords to servers or other entities other than the client machine.
OPAQUE is a PKI-free aPAKE that is secure against pre-computation attacks and capable of using a secret salt.
Add the following line to the dependencies of your
opaque-ke = "3.0.0-pre.4"
Minimum Supported Rust Version
Rust 1.65 or higher.
This library was audited by NCC Group in June of 2021. The audit was sponsored by WhatsApp for its use in enabling end-to-end encrypted backups.
The audit found issues in release
v0.5.0, and the fixes were subsequently incorporated into release
v1.2.0. See the full audit report here.
- OPAQUE academic publication, including formal definitions and a proof of security
- draft-irtf-cfrg-opaque-11, containing a detailed (byte-level) specification for OPAQUE
- "Let's talk about PAKE", an introductory blog post written by Matthew Green that covers OPAQUE
- @serenity-kit/opaque, a WebAssembly package for this library
- opaque-wasm, a WebAssembly package for this library. A comparison between
opaque-wasmcan be found here
- react-native-opaque, a React Native package for this library matching the API of
Special thanks go to Hugo Krawczyk and Chris Wood for helping to clarify discrepancies and making suggestions for improving this implementation. Additional credit goes to @daxpedda for adding no_std support, p256 support, and making other general improvements to the library.