Important: This documentation covers Yarn 1 (Classic).
For Yarn 2+ docs and migration guide, see yarnpkg.com.

Package detail

opaque-low-io

tvquizphd44MIT4.0.0TypeScript support: included

Typescript OPAQUE (OPRF asymmetric PAKE) with minimal client/server io

asymmetric, password, authenticated, key-exchange, OPAQUE, aPAKE, PAKE, JavaScript, TypeScript, cryptography, cryptographic-library

readme

opaque-low-io

Typescript OPAQUE (OPRF asymmetric PAKE) with minimal client/server io.

This is a fork of a typescript port of @nthparty/opaque.

Protocol

Implementation of this Internet Draft proposal.

Installation

You may also install this module from npm.

npm install opaque-low-io

Calling the API

The process generally works as follows:

// Each party includes the 1-out-of-n module with IO:
const OT = require('opaque-low-io')(IO);

// Login credentials never reaches the server in plaintext
const user_id = 'newuser';
const password = 'correct horse battery staple';

// Sign up
OPAQUE.clientRegister(password, user_id).then(console.debug.bind(null, 'Registered:'));

// Log in for the first time and receive a session token
OPAQUE.clientAuthenticate(password, user_id).then(console.debug.bind(null, 'Shared secret:'));

// Register a new user
let user = OPAQUE.serverRegister();

// Handle a login attempt
OPAQUE.serverAuthenticate(user.id, user.pepper);

// Result:
'Registered: true'
'Login for newuser succeeded with: 4ccdf3b8cacf08273a085c952aaf3ee83633e6afcedf4f86c00497e862f43c78'
'Shared secret: 4ccdf3b8cacf08273a085c952aaf3ee83633e6afcedf4f86c00497e862f43c78'