//! a generator modulo `N`. It's STRONGLY recommended to use SRP parameters
//! provided by this crate in the [`groups`](groups/index.html) module.
//!
-//! Client | | Server
-//! ------------------------|-------------------|------------------------
-//! `a_pub = g^a` | — `a_pub`, `I` —> | (lookup `s`, `v` for given `I`)
-//! `x = PH(P, s)` | <— `b_pub`, `s` — | `b_pub = k*v + g^b`
-//! `u = H(a_pub || b_pub)` | | `u = H(a_pub || b_pub)`
-//! `s = (b_pub - k*g^x)^(a+u*x)` | | `S = (b_pub - k*g^x)^(a+u*x)`
-//! `K = H(s)` | | `K = H(s)`
-//! `M1 = H(A || B || K)` | — `M1` —> | (verify `M1`)
-//! (verify `M2`) | <— `M2` — | `M2 = H(A || M1 || K)`
+//! | Client | Data transfer | Server |
+//! |------------------------|-------------------|---------------------------------|
+//! |`a_pub = g^a` | — `a_pub`, `I` —> | (lookup `s`, `v` for given `I`) |
+//! |`x = PH(P, s)` | <— `b_pub`, `s` — | `b_pub = k*v + g^b` |
+//! |`u = H(a_pub ‖ b_pub)` | | `u = H(a_pub ‖ b_pub)` |
+//! |`s = (b_pub - k*g^x)^(a+u*x)` | | `S = (b_pub - k*g^x)^(a+u*x)` |
+//! |`K = H(s)` | | `K = H(s)` |
+//! |`M1 = H(A ‖ B ‖ K)` | — `M1` —> | (verify `M1`) |
+//! |(verify `M2`) | <— `M2` — | `M2 = H(A ‖ M1 ‖ K)` |
//!
//! Variables and notations have the following
//! meaning:
//! - `P` — user password
//! - `H` — one-way hash function
//! - `PH` — password hashing algroithm, in the RFC 5054 described as
-//! `H(s || H(I || ":" || P))`
+//! `H(s ‖ H(I ‖ ":" ‖ P))`
//! - `^` — (modular) exponentiation
-//! - `||` — concatenation
+//! - `‖` — concatenation
//! - `x` — user private key
//! - `s` — salt generated by user and stored on the server
//! - `v` — password verifier equal to `g^x` and stored on the server
projects / PAKEs.git / commitdiff