Diffstat (limited to 'srp/src')
-rw-r--r-- | srp/src/lib.rs | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/srp/src/lib.rs b/srp/src/lib.rs index df11ae9..9dfffee 100644 --- a/srp/src/lib.rs +++ b/srp/src/lib.rs @@ -1,17 +1,17 @@ //! [Secure Remote Password][1] (SRP) protocol implementation. -//! +//! //! This implementation is generic over hash functions using //! [`Digest`](https://docs.rs/digest) trait, so you will need to choose a hash //! function, e.g. `Sha256` from [`sha2`](https://crates.io/crates/sha2) crate. //! Additionally this crate allows to use a specialized password hashing //! algorithm for private key computation instead of method described in the //! SRP literature. -//! +//! //! Compatability with over implementations was not yet tested. -//! +//! //! # Usage //! Add `srp` dependecy to your `Cargo.toml`: -//! +//! //! ```toml //! [dependencies] //! rand = "0.3" 
@@ -28,31 +28,31 @@ //! //! # Algorithm description //! Here we briefly describe implemented algroithm. For additionall information -//! refer to SRP literature. All arithmetic is done modulo `N`, where `N` is a +//! refer to SRP literature. All arithmetic is done modulo `N`, where `N` is a //! large safe prime (`N = 2q+1`, where `q` is prime). Additionally `g` MUST be //! a generator modulo `N`. It's STRONGLY recommended to use SRP parameters //! provided by this crate in the [`groups`](groups/index.html) module. -//! -//! Client | | Server -//! ------------------------|---------------|------------------------ -//! | — `I` —> | (lookup `s`, `v`) -//! `x = PH(P, s)` | <— `s`, `v` — | -//! `a_pub = g^a` | — `a_pub` —> | `b_pub = k*v + g^b` -//! `u = H(a_pub || b_pub)` | <— `b_pub` — | `u = H(a_pub || b_pub)` -//! `s = (b_pub - k*g^x)^(a+u*x)` | | `S = (b_pub - k*g^x)^(a+u*x)` -//! `K = H(s)` | | `K = H(s)` -//! `M1 = H(A || B || K)` | — `M1` —> | (verify `M1`) -//! (verify `M2`) | <— `M2` — | `M2 = H(A || M1 || K)` -//! -//! `||` denotes concatenation, variables and notations have the following +//! +//! Client | | Server +//! ------------------------|-------------------|------------------------ +//! `a_pub = g^a` | — `a_pub`, `I` —> | (lookup `s`, `v` for given `I`) +//! `x = PH(P, s)` | <— `b_pub`, `s` — | `b_pub = k*v + g^b` +//! `u = H(a_pub || b_pub)` | | `u = H(a_pub || b_pub)` +//! `s = (b_pub - k*g^x)^(a+u*x)` | | `S = (b_pub - k*g^x)^(a+u*x)` +//! `K = H(s)` | | `K = H(s)` +//! `M1 = H(A || B || K)` | — `M1` —> | (verify `M1`) +//! (verify `M2`) | <— `M2` — | `M2 = H(A || M1 || K)` +//! +//! Variables and notations have the following //! meaning: -//! +//! //! - `I` — user identity (username) //! - `P` — user password //! - `H` — one-way hash function //! - `PH` — password hashing algroithm, in the RFC 5054 described as //! `H(s || H(I || ":" || P))` //! - `^` — (modular) exponentiation +//! - `||` — concatenation //! - `x` — user private key //! 
- `s` — salt generated by user and stored on the server //! - `v` — password verifier equal to `g^x` and stored on the server |
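Review bot: in the first hunk (`@@ -1,17 +1,17 @@`) the whitespace-only rewrite of the `//!` lines leaves the misspellings on the neighbouring lines untouched, although this doc header is already being edited: "Compatability with over implementations was not yet tested." should read "Compatibility with other implementations was not yet tested.", and "Add `srp` dependecy to your `Cargo.toml`:" should read "dependency". Fixing them in the same commit would avoid a separate typo-only follow-up.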
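Review bot: in the second hunk (`@@ -28,31 +28,31 @@`) the server column of the reworked table still carries the client's shared-secret formula: the line `| `S = (b_pub - k*g^x)^(a+u*x)`` requires the client's ephemeral private value `a` and the password-derived `x`, neither of which the server has; the server side of SRP-6a computes `S = (a_pub * v^u)^b` from the verifier `v` it looked up, so that cell should be corrected rather than copied across the reorder. Three smaller consistency issues in the same table: the client row uses lowercase `s` for the shared secret (`s = (b_pub - k*g^x)^(a+u*x)`, `K = H(s)`) while `s` is already the salt in the adjacent rows and in the legend, so the client should use `S` like the server does; `M1 = H(A || B || K)` and `M2 = H(A || M1 || K)` refer to `A` and `B`, which are never defined (the table calls them `a_pub` and `b_pub`); and `x = PH(P, s)` omits the identity `I` even though the legend defines `PH` as `H(s || H(I || ":" || P))`, so either the call should be `PH(I, P, s)` or the legend should say the identity is part of the input. While touching these lines, "Here we briefly describe implemented algroithm. For additionall information" and "password hashing algroithm" could be spelled "algorithm" and "additional".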