Implementation of SPAKE2 key exchange protocol.
Working implementation that interoperates with python-spake2 using the default settings, i.e. with Ed25519.
No other groups implemented.
- compatibility with python-spake2
- (stretch) submit to cryptonite
Right now:
- PAKE2+
- any Elligator Edition variants
The interoperability harness entry point is the best working example of how to use the code.
The main module documentation might also help.
Requires the LeastAuthority interoperability harness.
Assumes that haskell-spake2 has been compiled (stack build
will do it)
and that you know where the executable lives (stack install
might be helpful here).
To show that Python works as Side A and Haskell works as Side B:
$ runhaskell TestInterop.hs ./python-spake2-interop-entrypoint.hs A abc -- /path/to/haskell-spake2-interop-entrypoint B abc
["./python-spake2-interop-entrypoint.py","A","abc"]
["/path/to/haskell-spake2-interop-entrypoint","B","abc"]
A's key: 8a2e19664f0a2bc6e446d2c44900c67604fe42f6d7e0a1328a5253b21f4131a5
B's key: 8a2e19664f0a2bc6e446d2c44900c67604fe42f6d7e0a1328a5253b21f4131a5
Session keys match.
Note: if you want to run runhaskell
with stack
,
you will need to invoke it like:
stack runhaskell TestInterop.hs -- ./python-spake2-interop-entrypoint.hs A abc -- /path/to/haskell-spake2-interop-entrypoint B abc
The above results are genuine, and demonstrate that the Haskell SPAKE2 implementation does work. Specifically, that it interoperates with python-spake2.
We use stack for building and testing.
High-quality documentation with examples is very strongly encouraged, because this stuff is pretty hard to figure out, and we need all the help we can get.