TypeScript implementation of the OPAQUE asymmetric PAKE (aPAKE) protocol
Implementation of this Internet Draft proposal.
You may also install this module from npm.
npm install @nthparty/opaqueThe process generally works as follows:
// Each party includes the 1-out-of-n module with IO:
const OT = require('@nthparty/opaque')(IO);
// Login credentials never reaches the server in plaintext
const user_id = 'newuser';
const password = 'correct horse battery staple';
// Sign up
OPAQUE.client_register(password, user_id).then(console.debug.bind(null, 'Registered:'));
// Log in for the first time and receive a session token
OPAQUE.client_authenticate(password, user_id).then(console.debug.bind(null, 'Shared secret:'));
// Register a new user
let user = OPAQUE.server_register();
// Handle a login attempt
OPAQUE.server_authenticate(user.id, user.pepper);
// Result:
'Registered: true'
'Login for newuser succeeded with: 4ccdf3b8cacf08273a085c952aaf3ee83633e6afcedf4f86c00497e862f43c78'
'Shared secret: 4ccdf3b8cacf08273a085c952aaf3ee83633e6afcedf4f86c00497e862f43c78'Please read opaque.test.ts for a more detailed example, and run npm test to test it (requires npm ci -also=dev first to install dependencies).