Crate pake_cpace_embedded

Source
Expand description

CPace PAKE (Password-Authenticated Key Exchange) implementation using Ristretto255.

§Overview

This crate implements CPace, a secure and efficient password-authenticated key exchange protocol. The implementation is designed to operate without the standard library (#![no_std]).

§Parties

  • Initiating Party: The party initiating the key exchange (e.g., the client).
  • Peer: The other party participating in the key exchange (e.g., the server).

§Protocol Workflow

  1. Step 1: The initiating party generates a Step1Out object containing a context and a step 1 packet.
  2. Step 2: The responder processes the step 1 packet and generates a Step2Out object with shared keys and a step 2 packet.
  3. Step 3: The initiating party finalizes the exchange using the step 2 packet, obtaining the shared keys.

§Constants

  • SESSION_ID_BYTES: Length of the session ID in bytes.
  • STEP1_PACKET_BYTES: Length of the step 1 packet in bytes.
  • STEP2_PACKET_BYTES: Length of the step 2 packet in bytes.
  • SHARED_KEY_BYTES: Length of each derived shared key in bytes.

§Errors

The Error enum defines possible errors, including:

  • Overflow conditions.
  • Random number generator failures.
  • Invalid public keys.

§Example Usage

use pake_cpace_embedded::*;
use rand::rngs::OsRng;

let initiating_party = CPace::step1_with_rng("password", "initiating_party", "responder", Some("ad"), OsRng).unwrap();
let responder = CPace::step2_with_rng(&initiating_party.packet(), "password", "initiating_party", "responder", Some("ad"), OsRng).unwrap();
let shared_keys = initiating_party.step3(&responder.packet()).unwrap();

assert_eq!(shared_keys.k1, responder.shared_keys().k1);
assert_eq!(shared_keys.k2, responder.shared_keys().k2);

Structs§

CPace
Internal CPace context.
SharedKeys
Shared keys derived from the CPace protocol.
Step1Out
Output of the first step of the CPace protocol.
Step2Out
Output of the second step of the CPace protocol.

Enums§

Error
Errors that may occur during the CPace protocol.

Constants§

SESSION_ID_BYTES
Length of the session ID in bytes.
SHARED_KEY_BYTES
Length of each shared key in bytes.
STEP1_PACKET_BYTES
Length of the step 1 packet in bytes.
STEP2_PACKET_BYTES
Length of the step 2 packet in bytes.