Repository: facebook/pake-kem. Description: An implementation of a PAKE based on a KEM. Stars: 4, Forks: 4. Primary language: Rust. Languages: Rust (100%). License: Apache-2.0. Open PRs: 0, open issues: 0. Last activity: 4mo ago. Community health: 75%. Top contributors: kevinlewi, rozbb.
I added a more detailed threat model to the README, to inform any users. This PAKE would work for, e.g., a protocol that uses an ephemeral PIN as a password, but that's not true of every use case.

A quick explanation of one of the claims. The reason a quantum adversary with an old transcript can learn the password is simply because they see MAC tags which are generated using the CPace shared secret. This is enough information for a quantum adversary to tell whether their password guess is correct.

cc @kevinlewi
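
The claim above can be seen in a toy model. This is an added example, not code from pake-kem or from the PR author: it uses a CPace-style exchange over a deliberately tiny group, with a brute-force discrete log standing in for the quantum adversary. The group parameters, message layout, function names and sample PIN are all assumptions made for illustration and do not reflect the crate's real wire format.

```python
import hashlib, hmac, secrets

# Toy parameters (constructed): safe prime P = 2*Q + 1, small enough that
# discrete logs can be brute-forced, standing in for a quantum adversary.
P, Q = 2039, 1019

def generator(password: str) -> int:
    """CPace-style password-derived generator of the order-Q subgroup."""
    h = int.from_bytes(hashlib.sha256(password.encode()).digest(), "big")
    return pow(2 + h % (P - 3), 2, P)  # square of 2..P-2: never 0 or 1

def confirm_tag(shared: int, ya: int, yb: int) -> bytes:
    """Key-confirmation MAC keyed from the shared secret and transcript."""
    msg = f"{ya}|{yb}".encode()
    key = hashlib.sha256(f"{shared}|".encode() + msg).digest()
    return hmac.new(key, b"confirm|" + msg, hashlib.sha256).digest()

def run_session(password: str):
    """Honest run; returns what a passive eavesdropper records."""
    g = generator(password)
    a, b = (1 + secrets.randbelow(Q - 1) for _ in range(2))
    ya, yb = pow(g, a, P), pow(g, b, P)
    return ya, yb, confirm_tag(pow(yb, a, P), ya, yb)

def dlog(base: int, target: int) -> int:
    """Brute-force discrete log; feasible only because the group is tiny."""
    acc = 1
    for x in range(1, Q):
        acc = acc * base % P
        if acc == target:
            return x
    raise ValueError("target not in subgroup")

def offline_guess(transcript, guesses):
    """Return the guesses whose recomputed tag matches the recorded one."""
    ya, yb, tag = transcript
    hits = []
    for pw in guesses:
        a = dlog(generator(pw), ya)  # exists for every guess
        if hmac.compare_digest(confirm_tag(pow(yb, a, P), ya, yb), tag):
            hits.append(pw)
    return hits

if __name__ == "__main__":
    recorded = run_session("4271")  # constructed sample PIN
    print(offline_guess(recorded, ["0000", "1234", "4271", "9999"]))
```

Without the discrete-log step, every guess is equally consistent with the recorded public values; the recorded tag is what lets each guess be checked offline. In a group this small, two passwords can occasionally map to the same generator, which a real-size group makes negligible.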