Expand description
SPAKE2+ augmented PAKE protocol implementation.
Implements the SPAKE2+ protocol per RFC 9383 with pluggable ciphersuites.
Unlike balanced SPAKE2, the server (Verifier) stores only a verifier
(w0, L) derived from the password — not the password itself.
Re-exports§
pub use ciphersuite::Spake2PlusCiphersuite;pub use error::Spake2PlusError;pub use prover::Prover;pub use prover::ProverOutput;pub use prover::ProverState;pub use registration::compute_verifier;pub use transcript::Spake2PlusOutput;pub use verifier::Verifier;pub use verifier::VerifierState;
Modules§
- ciphersuite
- SPAKE2+ ciphersuite trait.
- encoding
- RFC 9383 transcript encoding.
- error
- SPAKE2+-specific error types.
- prover
- SPAKE2+ Prover (client) state machine.
- registration
- Registration helper for computing the SPAKE2+ verifier.
- transcript
- Key schedule and output per RFC 9383 section 3.4.
- verifier
- SPAKE2+ Verifier (server) state machine.