
srp: compute `K = H(S)` correctly.

Open zadlg opened this issue 10 months ago • 5 comments

srp: compute K = H(S) correctly.

According to the specification, section "The SRP protocol", K (which corresponds to the session key) is computed as follows:

K = H(S)

where H is the digest algorithm, and S is the common exponential value.

In the current implementation, K is equal to S, which does not follow the SRP protocol specification.

This commit fixes this issue by computing the right value for K.

zadlg avatar Apr 08 '24 16:04 zadlg
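The difference between `S` and `K = H(S)` described in the post above, shown as an added example that is not part of the original post or of the project's code. It assumes SRP-6a formulas, SHA-256 as `H`, a toy group (the Mersenne prime 2^127 - 1 with g = 3), and big-endian encoding of integers padded to the length of `N`; all function names are hypothetical.

```python
import hashlib

# Toy parameters (assumptions for this example): the Mersenne prime 2^127 - 1
# and g = 3 keep the numbers short. Real deployments use a large safe-prime group.
N = 2**127 - 1
g = 3
NLEN = (N.bit_length() + 7) // 8

def to_bytes(i: int) -> bytes:
    """Big-endian, left-padded to len(N). This encoding is an assumption."""
    return i.to_bytes(NLEN, "big")

def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def h_int(*parts: bytes) -> int:
    return int.from_bytes(H(*parts), "big")

def srp_exchange(password: bytes, salt: bytes, a: int, b: int):
    """Run both sides of SRP-6a in one process; return (S_client, S_server)."""
    k = h_int(to_bytes(N), to_bytes(g))
    x = h_int(salt, password)             # client-side private value
    v = pow(g, x, N)                      # verifier stored by the server
    A = pow(g, a, N)                      # client -> server
    B = (k * v + pow(g, b, N)) % N        # server -> client
    if A % N == 0 or B % N == 0:          # each side must reject these
        raise ValueError("illegal public value")
    u = h_int(to_bytes(A), to_bytes(B))
    if u == 0:
        raise ValueError("illegal scrambling parameter")
    # The client recomputes g^x itself; here it equals v.
    s_client = pow((B - k * v) % N, a + u * x, N)
    s_server = pow(A * pow(v, u, N) % N, b, N)
    return s_client, s_server

def session_key(S: int) -> bytes:
    """K = H(S): the session key is the digest of S, not S itself."""
    return H(to_bytes(S))

def demo():
    # Constructed inputs; a and b would be fresh random secrets in practice.
    s_c, s_s = srp_exchange(b"correct horse", b"constructed-salt",
                            a=0x1234567, b=0x7654321)
    return s_c, s_s, session_key(s_c), session_key(s_s)
```

With these parameters `S` encodes to 16 bytes while `K` is always the 32-byte digest, so an implementation that returns `S` as the key will not interoperate with one that follows `K = H(S)`.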

See also #153 and #163, as well as RFC 5054.

tarcieri avatar May 10 '24 00:05 tarcieri

up

zadlg avatar Jun 29 '24 12:06 zadlg

@zadlg your opinion on the existing PRs and any overlap and existing discussion would be appreciated

tarcieri avatar Jun 29 '24 12:06 tarcieri

Sorry, I didn't understand you were waiting for an answer from me.

I think the specification is quite clear, isn't it?

zadlg avatar Jun 29 '24 13:06 zadlg

Let me be a little more explicit:

  • Do you think your PR is a duplicate?
  • What do you think about the approach in the other PR?
  • Which PRs should be merged?

tarcieri avatar Jun 29 '24 13:06 tarcieri