Skip to content

Commit 2c3b93e

Browse files
committed
Update README
1 parent f04c4bf commit 2c3b93e

File tree

1 file changed

+22
-5
lines changed

1 file changed

+22
-5
lines changed

README.md

Lines changed: 22 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,19 +4,36 @@
44
[![codecov](https://codecov.io/gh/bytemare/opaque/branch/main/graph/badge.svg?token=5bQfB0OctA)](https://codecov.io/gh/bytemare/opaque)
55
[![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fbytemare%2Fopaque.svg?type=shield)](https://app.fossa.com/projects/git%2Bgithub.com%2Fbytemare%2Fopaque?ref=badge_shield)
66

7-
This package implements the asymmetric password-authenticated key exchange protocol as in the latest [Internet Draft](https://github.com/cfrg/draft-irtf-cfrg-opaque).
7+
This package implements [OPAQUE](https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque), an asymmetric password-authenticated
8+
key exchange protocol that is secure against pre-computation attacks. It enables a client to authenticate to a server
9+
without ever revealing its password to the server.
810

9-
[OPAQUE](https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque) enables a client to authenticate to a server without ever revealing its password, with strong security guarantees. The server and client share a nice session secret on successful authentication.
11+
This implementation is developed by one of the authors of the RFC [Internet Draft](https://github.com/cfrg/draft-irtf-cfrg-opaque).
12+
The main branch is in sync with the latest developments of the draft, and [the releases](https://github.com/bytemare/opaque/releases)
13+
correspond to the [official draft versions](https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque).
14+
15+
#### What is OPAQUE?
16+
17+
> OPAQUE is a PKI-free secure aPAKE that is secure against pre-computation attacks. OPAQUE provides forward secrecy with
18+
> respect to password leakage while also hiding the password from the server, even during password registration. OPAQUE
19+
> allows applications to increase the difficulty of offline dictionary attacks via iterated hashing or other key
20+
> stretching schemes. OPAQUE is also extensible, allowing clients to safely store and retrieve arbitrary application data
21+
> on servers using only their password.
22+
23+
#### References
24+
- [The original paper](https://eprint.iacr.org/2018/163.pdf) from Jarecki, Krawczyk, and Xu.
25+
- [OPAQUE is used in WhatsApp](https://engineering.fb.com/2021/09/10/security/whatsapp-e2ee-backups) to enable end-to-end encrypted backups.
26+
- [The GitHub repo](https://github.com/cfrg/draft-irtf-cfrg-opaque) where the draft is being specified.
1027

1128
## Installation
1229

1330
```
14-
go get github.com/bytemare/opaque@v0.6.0
31+
go get github.com/bytemare/opaque@latest
1532
```
1633

17-
## Usage
34+
## Documentation [![Go Reference](https://pkg.go.dev/badge/github.com/bytemare/opaque.svg)](https://pkg.go.dev/github.com/bytemare/opaque)
1835

19-
You can find the documentation and usage examples in [the project wiki](https://github.com/bytemare/opaque/wiki) and [the package doc](https://pkg.go.dev/github.com/bytemare/opaque).
36+
You can find the documentation and usage examples in [the package doc](https://pkg.go.dev/github.com/bytemare/opaque) and [the project wiki](https://github.com/bytemare/opaque/wiki) .
2037

2138
## Versioning
2239

0 commit comments

Comments
 (0)