Investigate using modern ZKPPs #3

Open
KellerFuchs opened this issue Aug 25, 2016 · 2 comments

KellerFuchs commented Aug 25, 2016

It seems that newer ZKPPs than SRP, namely SPAKE2+, use modern crypto and are provably secure.
Moreover, there is a pull request to add an implementation in the Stanford JS Crypto Library.

The goal is to have both:

  • not relying on the communication channel to the (auth) server being secure;
  • not storing information on the server that is sufficient to impersonate a user.

KellerFuchs self-assigned this Aug 25, 2016

@KellerFuchs

Looks like what we would want here is a so-called Augmented PAKE.

KellerFuchs commented Aug 25, 2016

@lrvick I'm tempted to simply modify AugPAKE to use an elliptic curve instead of a Z/nZ group.
This would trivially preserve the security proof, to boot.
(We lose pwh's current “post-quantumness”, but only for preventing people with the DB from impersonating clients; the passwords still get a pretty-much “Oh My God” security level)

On the other hand, homebaked crypto is not something I would relish recommending...
