软件包:python3-spake2(0.9-1)
SPAKE2 password-authenticated key exchange (pure python)
This library implements the SPAKE2 password-authenticated key exchange ("PAKE") algorithm. This allows two parties, who share a weak password, to safely derive a strong shared secret (and therefore build an encrypted authenticated channel).
A passive attacker who eavesdrops on the connection learns no information about the password or the generated secret. An active attacker (man-in-the-middle) gets exactly one guess at the password, and unless they get it right, they learn no information about the password or the generated secret. Each execution of the protocol enables one guess. The use of a weak password is made safer by the rate-limiting of guesses: no off-line dictionary attack is available to the network-level attacker, and the protocol does not depend upon having previously-established confidentiality of the network (unlike e.g. sending a plaintext password over TLS).
The protocol requires the exchange of one pair of messages, so only one round trip is necessary to establish the session key. If key-confirmation is necessary, that will require a second round trip.
其他与 python3-spake2 有关的软件包
|
|
|
|
-
- dep: python3
- 交互式高级面向对象语言(默认 python3 版本)
-
- dep: python3-cryptography
- Python library exposing cryptographic recipes and primitives (Python 3)