search

facebook / opaque-ke

An implementation of the OPAQUE password-authenticated key exchange protocol
Apache License 2.0
301 stars 46 forks source link

Where to find Argon2? #317

Closed EntityinArray closed 1 year ago

EntityinArray commented 1 year ago

Wiki suggests using Argon2 KDF instead of Identity. I enabled argon2 feature, but can't seem to find it.

use opaque_ke::CipherSuite;

struct Default;
impl CipherSuite for Default {
    type OprfCs = opaque_ke::Ristretto255;
    type KeGroup = opaque_ke::Ristretto255;
    type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDh;
    type Ksf = opaque_ke::ksf::Argon2;
}
error[E0412]: cannot find type `Argon2` in module `opaque_ke::ksf`
 --> src/main.rs:8:32
  |
8 |     type Ksf = opaque_ke::ksf::Argon2;
  |                                ^^^^^^ not found in `opaque_ke::ksf`
kevinlewi commented 1 year ago

Can you try mirroring the simple_login.rs example:

https://github.com/facebook/opaque-ke/blob/main/examples/simple_login.rs#L46-L53

That should work.

EntityinArray commented 1 year ago

Hi, thank you for such quick response. It still doesn't seem to work:

use opaque_ke::CipherSuite;
use argon2::Argon2;

struct Default;

impl CipherSuite for Default {
    type OprfCs = opaque_ke::Ristretto255;
    type KeGroup = opaque_ke::Ristretto255;
    type KeyExchange = opaque_ke::key_exchange::tripledh::TripleDh;

    type Ksf = Argon2<'static>;
}
error[E0277]: the trait bound `Argon2<'static>: Ksf` is not satisfied
  --> src/main.rs:11:16
   |
11 |     type Ksf = Argon2<'static>;
   |                ^^^^^^^^^^^^^^^ the trait `Ksf` is not implemented for `Argon2<'static>`
   |
   = help: the following other types implement trait `Ksf`:
             Identity
             argon2::Argon2<'_>
note: required by a bound in `opaque_ke::CipherSuite::Ksf`
  --> /home/entityinarray/.cargo/registry/src/github.com-1ecc6299db9ec823/opaque-ke-2.0.0/src/ciphersuite.rs:42:15
   |
42 |     type Ksf: Ksf;
   |               ^^^ required by this bound in `CipherSuite::Ksf`
kevinlewi commented 1 year ago

Hmm, what version of opaque-ke are you trying this with, and do you have the argon2 feature enabled? When I clone off of the main branch and run:

cargo run --features argon2 --example simple_login

It works just fine...

daxpedda commented 1 year ago

The error seems to imply that the crate feature is actually enabled:

   = help: the following other types implement trait `Ksf`:
             Identity
             argon2::Argon2<'_>

So probably the version of argon2 @EntityinArray uses differs from the one required by opaque-ke, this is probably related to the bump we had here: #314. opaque-ke on crates.io requires argon2 v0.4, but the newest one is v0.5.

@kevinlewi I think it would be useful to have a new pre-release for opaque-ke, that would also correspond to the new one for voprf.

kevinlewi commented 1 year ago

I see, thanks @daxpedda! Addressing this with #318.

EntityinArray commented 1 year ago

Thank you very much for addressing this so quickly! I'm going to use argon2 0.4 for now. When #318 is going to make its way into the crate?