-
Notifications
You must be signed in to change notification settings - Fork 7
Home
Welcome to the opaque wiki!
For the full protocol definitions please refer to the IETF draft.
OPAQUE is a 3-message authentication protocol. It used 3 messages for client credential registrations, and 3 messages for online authentication.
The client only needs a password, and the server will store a so-called verifier that contains a public key.
After registration, the server has a client record containing public material only.
On successful client authentication, both client and server share a common secret session key that they can use for various purposes: derive encryption keys for the session, derive authentication token, etc.
Both the registration and online login procedures put out an export_key to the client only.
The registration consists of the 3 messages sent between the client and the server, initiated by the client.
Client Server
------------------------------------------------------
(request, blind) = CreateRegistrationRequest(password)
request
------------------------->
(response, oprf_key) = CreateRegistrationResponse(request,
server_public_key,
credential_identifier,
oprf_seed)
response
<-------------------------
(record, export_key) = FinalizeRequest(client_private_key,
password,
blind,
response)
record
------------------------->
todo
todo
todo
Client Server ------------------------------------------------------ ke1 = ClientInit(client_identity, password, client_info)
ke1
------------------------->
ke2 = ServerInit(server_identity, server_private_key,
server_public_key, record,
credential_identifier, oprf_seed, ke1)
ke2
<-------------------------
(ke3,
server_info,
session_key,
export_key) = ClientFinish(password, client_identity,
server_identity, ke2)
ke3
------------------------->
session_key = ServerFinish(ke3)
todo
todo
todo
todo