-
The section about iterative hash function "IHF" in the CPace draft (https://tools.ietf.org/html/draft-haase-cpace-01) is orphan documentation and should be removed.
The function "IHF" is used inc…
-
There should be test vectors that compare with @filosottile's implementation: https://github.com/FiloSottile/go-cpace-ristretto255
-
Hello "jesdict1",
I would like to draw your attention to the latest version of the ID regarding CPace.
https://datatracker.ietf.org/doc/draft-irtf-cfrg-cpace/
There are a couple of minor chan…
-
>Simply concatenating variable-length, possibly attacker controlled values as the
>I-D suggests is dangerous. For example, the (idA, idB) pairs ("ax", "b") and
>("a", "xb") would result equivalent…
-
https://blog.cryptographyengineering.com/2018/10/19/lets-talk-about-pake/
I am using croc. What do you think of OPAQUE ?
-
This issue is to track the CFRG PAKE selection process going on in the IETF. When that process completes, if they pick a PAKE other than SPAKE2, we should consider swapping out SPAKE2 if there are no…
-
Hi @BjoernMHaase, I noticed that there is an inconsistency in the test vector generation for the optional sid output fields, see the following:
https://github.com/cfrg/draft-irtf-cfrg-cpace/blob/80…
-
> https://eprint.iacr.org/2018/733.pdf
An Oblivious PRF (OPRF) is a protocol between a server holding a key to a PRF and a user holding an input. At the end of the interaction, the user learns the …
-
Since the PAKE has ~128-bit security, it would be slightly cleaner to use SHA-256 for the HKDF construction rather than SHA-512, so that the strength of the hash function is balanced with the strength…
-
The crates.io listing (https://crates.io/crates/pake-cpace/) should be added to the readme or somewhere else so people on the repository on github can find it on crates.io