| 12
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 
 | Source: python-spake2
Maintainer: Antoine Beaupré <anarcat@debian.org>
Section: python
Priority: optional
Build-Depends: debhelper-compat (= 9),
               dh-python,
               python3-all,
               python3-hkdf,
               python3-setuptools
Standards-Version: 4.1.3
Homepage: https://github.com/warner/python-spake2
Vcs-Git: https://salsa.debian.org/python-team/modules/python-spake2.git
Vcs-Browser: https://salsa.debian.org/python-team/modules/python-spake2
Package: python3-spake2
Architecture: all
Depends: ${misc:Depends}, ${python3:Depends}
Description: SPAKE2 password-authenticated key exchange (pure python)
 This library implements the SPAKE2 password-authenticated key
 exchange ("PAKE") algorithm. This allows two parties, who share a
 weak password, to safely derive a strong shared secret (and therefore
 build an encrypted+authenticated channel).
 .
 A passive attacker who eavesdrops on the connection learns no
 information about the password or the generated secret. An active
 attacker (man-in-the-middle) gets exactly one guess at the password,
 and unless they get it right, they learn no information about the
 password or the generated secret. Each execution of the protocol
 enables one guess. The use of a weak password is made safer by the
 rate-limiting of guesses: no off-line dictionary attack is available
 to the network-level attacker, and the protocol does not depend upon
 having previously-established confidentiality of the network (unlike
 e.g. sending a plaintext password over TLS).
 .
 The protocol requires the exchange of one pair of messages, so only
 one round trip is necessary to establish the session key. If
 key-confirmation is necessary, that will require a second round
 trip.
 |