Is server private key used in AKE protocol?

cfrg / draft-irtf-cfrg-opaque

The OPAQUE Asymmetric PAKE Protocol

https://cfrg.github.io/draft-irtf-cfrg-opaque/draft-irtf-cfrg-opaque.html

Other

100 stars 20 forks source link

Is server private key used in AKE protocol? #391

Closed mitar closed 1 year ago

mitar commented 1 year ago

In 6. Online Authenticated Key Exchange it is listed that server_private_key is input to the AKE protocol, but in 10.12. AKE Private Key Storage it says:

Server implementations of OPAQUE do not need access to the raw AKE private key.

Do do server implementations need a private key or not? Or is this not the same private key and is something else?

bytemare commented 1 year ago

The answer to your question should be in the rest of the paragraph.

A server implementation could delegate operations with the AKE private key to a dedicated backend. The protocol doesn't need raw access to the private key (in contrast with the public key) but needs "something" to perform the AKE on its behalf, like using an HSM for example.

mitar commented 1 year ago

I see. Thanks.