@CiPHPerCoder are you familiar with TLS-SRP in the latest OpenSSL and whether the old concerns of username leak are still merited? Looking to see if PHP's OpenSSL implementation can expose SRP and if so is it worth the effort?
-
-
Replying to @dalabarge
I would ask
@matthew_d_green who knows OpenSSL and SRP far better than I do. I'm more interested in projects like OPAQUE than legacy SRP.3 replies 0 retweets 0 likes -
Replying to @CiPHPerCoder @matthew_d_green
Do you have comparison of the benefits of OPAQUE compared to SRP?
2 replies 0 retweets 0 likes -
SRP with blind salt is one extra message back and forth than OPAQUE. Quantum computer resistance SRP: observe a successful exchange and solve a DLP for each pw guess. OPAQUE: solve a DLP and have standard offline pw guessing. Side note SPAKE2+EE is better than SRP6a.
1 reply 0 retweets 2 likes -
Replying to @Sc00bzT @dalabarge and
Steve Retweeted Steve
I'm getting around to doing this (https://twitter.com/Sc00bzT/status/1073441426506162176 …) and I keep forgetting how SRP6a works so minor correction: "SRP with blind salt is the same number of messages as OPAQUE." Forgot to mention that OPAQUE and SPAKE2+EE can use elliptic curves and SRP can't.
Steve added,
1 reply 0 retweets 1 like -
Replying to @Sc00bzT @dalabarge and
SPAKE2+EE with blind salt is still one extra message back and forth… depending on your use. It can be one extra message or even the same if client is the first to send data over the session or first to verify.
2 replies 0 retweets 1 like
I’ll add salt blinding to my SPAKE2+EE implementation once libsodium 1.0.17 is officially released.
-
-
Replying to @jedisct1 @dalabarge and
P.S. blind with the inverse so you can test for 0: C: r = clamp(random()) C: P = hashtopoint(H(pw, userId, serverId)) // or whatever C: R = (1/r) * P C->S: R S: R' = clamp(salt) * R S: if R' == 0, abort C<-S: R' C: blindSalt = r * R' C: if blindSalt==0, abort
0 replies 0 retweets 1 likeThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.