Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
pake
PAKE library for generating a strong secret between parties over an insecure channel (by schollz)
-
matrix-doc
Discontinued Proposals for changes to the matrix specification [Moved to: https://github.com/matrix-org/matrix-spec-proposals]
There's some dust on it, but I made a proof-of-concept OPAQUE implementation some years back (disclaimer: this was done for educational, not security purposes). The README has some good discussion of the various components of OPAQUE, and I'd argue the code (mostly C) is quite readable. If folks are interested, I'd encourage them to take a look: https://github.com/GeorgeLyon/Opaque.
A few years ago, I saw this article and wrote https://github.com/cretz/gopaque as a learning exercise (meaning I am no cryptographer, code has not been vetted, probably outdated, etc).
Library for PAKE (but not OPAQUE specifically) in Go: https://github.com/schollz/pake
> The server can store a sha256 of the PBKDF2 output of your client hashing process or whatevs?
Before we started working on the PAKE thing, I actually kludged together something similar in my own client:
https://github.com/matrix-org/matrix-doc/pull/3265
Related posts
- Conduit: Simple, fast and reliable chat server powered by matrix
- Databag – tiny self-hosted federated messenger for the decentralized web
- Are group video and audio calls encrypten?
- Have any of you used a decentralized messenger before?
- The Matrix Holiday Update 2022: "We are witnessing a classic tragedy of the commons."