559f05eefc
The password stretching (using slow and/or memory hard hashes) in PAKEs usually serves two purposes: - Defending against server compromise impersonation attacks. J-PAKE is an augmented PAKE and as such, stores a password-equivalent and defending against this class of attacks is out of scope. - Preventing offline dictionary attacks. J-PAKE is proven to be zero knowledge and leaks no information beyond the fact if the passwords matched and offline dictionary attack is not possible. In summary: J-PAKE does not benefit from pasword stretching and is unlikely to be an input. This part of the API is not necessary at this point and can be added later. Signed-off-by: Janos Follath <janos.follath@arm.com> |
||
|---|---|---|
| .. | ||
| mbedtls | ||
| psa | ||
| .gitignore | ||
| CMakeLists.txt | ||