Skip to content

Server verifies first #2

New issue
New issue
Open
Open
Server verifies first#2
@Sc00bz

Description

@Sc00bz
Sc00bz
opened on Jan 30, 2019

I noticed that the server verifies first instead of the client verifying first. Also when the client verifies they can also send encrypted data, saving an RTT.

Current:

C->S: client id
C<-S: version, algo, opslimit, memlimit, salt
C->S: X
C<-S: Y, server verifier
C->S: client verifier

Should be:

C->S: client id
C<-S: version, algo, opslimit, memlimit, salt, Y
C->S: X, client verifier
C<-S: server verifier

With blind salt it will look like this:

C->S: client id, blind salt
C<-S: version, algo, opslimit, memlimit, blind salt', Y
C->S: X, client verifier
C<-S: server verifier

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions