Package python3-module-spake2: Information

Source package: python3-module-spake2
Version: 0.8-alt1
Build time:  Jun 8, 2019, 12:00 AM
Report package bug
License: MIT
Summary: SPAKE2 password-authenticated key exchange (pure python)
This library implements the SPAKE2 password-authenticated key exchange
("PAKE") algorithm. This allows two parties, who share a weak password, to
safely derive a strong shared secret (and therefore build an
encrypted+authenticated channel).

A passive attacker who eavesdrops on the connection learns no information
about the password or the generated secret. An active attacker
(man-in-the-middle) gets exactly one guess at the password, and unless they
get it right, they learn no information about the password or the generated
secret. Each execution of the protocol enables one guess. The use of a weak
password is made safer by the rate-limiting of guesses: no off-line
dictionary attack is available to the network-level attacker, and the
protocol does not depend upon having previously-established confidentiality
of the network (unlike e.g. sending a plaintext password over TLS).

The protocol requires the exchange of one pair of messages, so only one round
trip is necessary to establish the session key. If key-confirmation is
necessary, that will require a second round trip.

All messages are bytestrings. For the default security level (using the
Ed25519 elliptic curve, roughly equivalent to an 128-bit symmetric key), the
message is 33 bytes long.

List of rpms provided by this srpm:
python3-module-spake2 (noarch)

Maintainer: Vitaly Lipatov

List of contributors:
Vitaly Lipatov

    1. python3-dev
    2. python3-module-setuptools
    3. python3-module-setuptools
    4. rpm-build-python3

Last changed

June 9, 2018 Vitaly Lipatov 0.8-alt1
- new version 0.8 (with rpmrb script)
Dec. 24, 2017 Vitaly Lipatov 0.7-alt1
- Initial build for ALT Sisyphus