OPAQUE

  • Password-Authenticated Key Exchange Protocol (PAKE)
  • Authenticates the user with a password or hash

https://blog.cryptographyengineering.com/2018/10/19/lets-talk-about-pake/
https://eprint.iacr.org/2018/163.pdf
https://github.com/lowbee2019/OPAQUE/blob/master/OPAQUE.py

Oblivious PRF

  • Keeps the salt from being sent to the user
  • Keeps the password from being sent to the server
  • If the password is wrong, a wrong salt2 is generated
    The server stores "salt", and the client has the password.
    
    salt2 = PRF(salt, password) // This is calculated between the 
                                // client and server, using an oblivious
                                // protocol where the client never learns
                                // salt, and the server never learns
                                // the password. The client obtains salt2
    
    K      = PasswordHash(salt2, password) // This is done on the client
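
The exchange sketched above, as an added example (not code from the linked paper, blog post or repository): a blinded Diffie-Hellman style oblivious PRF followed by the client-side password hash. Assumptions of this example: the toy group Z_p^* with p = 2^255 - 19, SHA-based hashing into the group, PBKDF2 standing in for PasswordHash, and all function names; real deployments use a prime-order elliptic-curve group.

```python
import hashlib
import math
import secrets

# Toy parameters (assumption of this example, not secure for production use).
P = 2**255 - 19          # prime modulus
ORDER = P - 1            # order of the multiplicative group Z_p^*

def hash_to_group(password: bytes) -> int:
    """Map the password to a group element in [2, P-2]."""
    h = int.from_bytes(hashlib.sha512(password).digest(), "big")
    return 2 + h % (P - 3)

def client_blind(password: bytes):
    """Client: hide H(password) behind a random exponent r."""
    while True:
        r = secrets.randbelow(ORDER - 2) + 2
        if math.gcd(r, ORDER) == 1:      # r must be invertible mod ORDER
            break
    return r, pow(hash_to_group(password), r, P)

def server_evaluate(salt: int, blinded: int) -> int:
    """Server: apply its secret salt; it only ever sees the blinded element."""
    return pow(blinded, salt, P)

def client_finalize(password: bytes, r: int, evaluated: int) -> bytes:
    """Client: strip the blinding to get H(password)^salt, then hash to salt2."""
    unblinded = pow(evaluated, pow(r, -1, ORDER), P)
    return hashlib.sha256(password + unblinded.to_bytes(32, "big")).digest()

def derive_key(salt2: bytes, password: bytes) -> bytes:
    """K = PasswordHash(salt2, password); PBKDF2 is a stand-in here."""
    return hashlib.pbkdf2_hmac("sha256", password, salt2, 100_000)

def run_exchange(salt: int, password: bytes):
    """One full run: the salt stays on the server, the password on the client."""
    r, blinded = client_blind(password)           # client -> server: blinded
    evaluated = server_evaluate(salt, blinded)    # server -> client: evaluated
    salt2 = client_finalize(password, r, evaluated)
    return salt2, derive_key(salt2, password)

if __name__ == "__main__":
    SALT = 0x1234567890ABCDEF1234567890ABCDEF     # constructed server secret
    good = run_exchange(SALT, b"correct horse")
    bad = run_exchange(SALT, b"wrong guess")
    print("same password, same K:", good == run_exchange(SALT, b"correct horse"))
    print("wrong password, different salt2:", good[0] != bad[0])
```

The blinding exponent is fresh on every run, yet salt2 is the same for the same password, which is what lets the client re-derive K at each login.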