| Field | Value | Date |
|---|---|---|
| author | Артём Павлов [Artyom Pavlov] <newpavlov@gmail.com> | 2017-08-13 04:08:23 +0300 |
| committer | Артём Павлов [Artyom Pavlov] <newpavlov@gmail.com> | 2017-08-13 04:08:23 +0300 |
| commit | 7919c89b5eecdfef77bd859b4fd33ea04b155cc9 (patch) | |
| tree | 36c72d420612d8efa4e36ec1347be2fdf04894b9 /src/lib.rs | |
| download | PAKEs-7919c89b5eecdfef77bd859b4fd33ea04b155cc9.tar.xz | |
First commit
Diffstat (limited to 'src/lib.rs')

| Mode | File | Lines |
|---|---|---|
| -rw-r--r-- | src/lib.rs | 59 |

1 files changed, 59 insertions, 0 deletions
diff --git a/src/lib.rs b/src/lib.rs new file mode 100644 index 0000000..9401514 --- /dev/null +++ b/src/lib.rs 
@@ -0,0 +1,59 @@ +//! [Secure Remote Password][1] (SRP) protocol implementation. +//! +//! This implementation uses little-endian serialization of big integers and is +//! generic over hash functions using `Digest` trait, so you will need to choose +//! a hash function, e.g. `Sha256` from `sha2` crate. Additionally this crate +//! allows to use a specialized password hashing algorithms for private key +//! computation instead of method described in the SRP literature. +//! +//! Currently compatability with over implementations was not tested. +//! +//! # Algorithm description +//! Here we briefly describe implemented algroithm. For additionall information +//! refer to SRP literature. All arithmetic is done modulo `N`, where `N` is a +//! large safe prime (`N = 2q+1`, where `q` is prime). +//! +//! Client | | Server +//! -------|-------|-------- +//! | — `I` —> | (lookup `s`, `v`) +//! `x = PH(P, s)` | <— `s`, `v` — | +//! `a_pub = g^a` | — `a_pub` —> | `b_pub = k*v + g^b` +//! `u = H(a_pub || b_pub)` | <— `b_pub` — | `u = H(a_pub || b_pub)` +//! `s = (b_pub - k*g^x)^(a+u*x)` | | `S = (b_pub - k*g^x)^(a+u*x)` +//! `K = H(s)` | | `K = H(s)` +//! `M1 = H(A || B || K)` | — `M1` —> | (verify `M1`) +//! (verify `M2`) | <— `M2` — | `M2 = H(A || M1 || K)` +//! +//! `||` denotes concatenation, variables and notations have the following +//! meaning: +//! +//! - `I` — user identity (username) +//! - `P` — user password +//! - `H` — one-way hash function +//! - `HP` — password hashing algroithm, in the SRP described as +//! `H(s || I || P)` or `H(s || P)` +//! - `^` — (modular) exponentiation +//! - `x` — user private key +//! - `s` — salt generated by user and stored on the server +//! - `v` — password verifier equal to `g^x` and stored on the server +//! - `a`, `b` — secret ephemeral values +//! - `A`, `B` — Public ephemeral values +//! - `u` — scrambling parameter +//! - `g` — a generator modulo `N` +//! - `k` — multiplier parameter (`k = H(N || g)` in SRP-6a) +//! +//! 
[1]: https://en.wikipedia.org/wiki/Secure_Remote_Password_protocol +extern crate num; +extern crate digest; +extern crate generic_array; +extern crate rand; + +mod tools; +pub mod client; +pub mod server; +pub mod types; + +/// 1024 bit prime number which can be used as `n` in the `SrpParams`. +/// +/// For conversion to `BigUint` use `BigUint::from_bytes_le(SRP_PRIME)`. +pub const PRIME: &'static [u8] = include_bytes!("prime.bin"); |
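Review bot: in the algorithm table of the module docs the server column computes `S = (b_pub - k*g^x)^(a+u*x)`, the same expression as the client, but `a` and `x` are defined a few lines later as a secret ephemeral value and the user private key, neither of which the server holds (it stores only `s` and `v = g^x`); the server side of SRP-6a derives the shared secret from the values it does have, `S = (a_pub * v^u)^b`, and the table should say so. The same table reuses lowercase `s` for both the salt (`(lookup `s`, `v`)`, `x = PH(P, s)`) and the client's shared secret (`s = (b_pub - k*g^x)^(a+u*x)`, then `K = H(s)`), so the client's `K = H(s)` reads as hashing the salt; use `S` on the client line as the server line already does. Smaller consistency points: the notation list names the password hash `HP` while the table uses `PH`; `M1`/`M2` are written with `A`/`B` while the table uses `a_pub`/`b_pub`; and the doc comment on `PRIME` tells the caller to write `BigUint::from_bytes_le(SRP_PRIME)` although the constant is named `PRIME`, and refers to `n` in `SrpParams` where the rest of the docs use `N`. Typos in the module docs: `algroithm` (twice), `additionall`, `compatability`, and `over implementations` (presumably `other implementations`).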