3 unstable releases
| 0.3.6 | Jun 13, 2024 |
|---|---|
| 0.2.1 | Jan 15, 2022 |
| 0.2.0 | Jan 13, 2022 |
#410 in Authentication
123 downloads per month
22KB
323 lines
This crate was originally named opaquebind, but has been renamed to opaque-borink. The last version named opaquebind can be found found here.
A simple configuration of the opaque-ke OPAQUE implementation, using a base64url-encoded format to serialize and deserialize the Rust structs.
OPAQUE (see the Internet-Draft) is an upcoming standard for password authentication. It is more secure than a traditional simple salt and password hash scheme.
It uses a basic CipherSuite configured as follows:
- curve25519_dalek Ristretto group as Group
- opaque-ke's own TripleDH as KeyExchange
- sha2 Sha512 as Hash
- argon2 default Argon2 as SlowHash
It exposes four functions on both the server and client: login finish/start and register finish/start; as well as a key generation function.
opaquebind serves as the core library for opaquepy and @tiptenbrink/opaquewasm, bindings for Python and WebAssembly, respectively.
Dependencies
~5MB
~96K SLoC