Ubuntu
python-spake2 package

python-spake2 0.8-2.1 source package in Ubuntu

Changelog

python-spake2 (0.8-2.1) unstable; urgency=medium

  * Non-maitainer upload.
  * Fix Python 3.12 compatibility (Closes: #1058253)

  [ Ondřej Nový ]
  * d/control: Update Vcs-* fields with new Debian Python Team Salsa
    layout.

  [ Debian Janitor ]
  * Bump debhelper from deprecated 9 to 12.
  * Re-export upstream signing key without extra signatures.
  * Set upstream metadata fields: Repository, Repository-Browse.

 -- Alexandre Detiste <email address hidden>  Sun, 28 Jan 2024 13:07:51 +0100

Upload details

Uploaded by:
anarcat
Uploaded to:
Sid
Original maintainer:
anarcat
Architectures:
all
Section:
misc
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Noble: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-spake2_0.8-2.1.dsc 2.2 KiB ed56d05262f8101948cb58a7deb4a1cb942dc4491e85c894962b6516497c19a2
python-spake2_0.8.orig.tar.gz 56.7 KiB c17a614b29ee4126206e22181f70a406c618d3c6c62ca6d6779bce95e9c926f4
python-spake2_0.8.orig.tar.gz.asc 858 bytes 1e390ded9ebd552becbe3613adaa893033ca07f3499d304716b02e7dfbcfc565
python-spake2_0.8-2.1.debian.tar.xz 5.8 KiB deacf0903257c55a8b99c4db7c0ecf143a984371be0a0fbe78036f3b3da16b7e

Available diffs

No changes file available.

Binary packages built by this source

python3-spake2: SPAKE2 password-authenticated key exchange (pure python)

 This library implements the SPAKE2 password-authenticated key
 exchange ("PAKE") algorithm. This allows two parties, who share a
 weak password, to safely derive a strong shared secret (and therefore
 build an encrypted+authenticated channel).
 .
 A passive attacker who eavesdrops on the connection learns no
 information about the password or the generated secret. An active
 attacker (man-in-the-middle) gets exactly one guess at the password,
 and unless they get it right, they learn no information about the
 password or the generated secret. Each execution of the protocol
 enables one guess. The use of a weak password is made safer by the
 rate-limiting of guesses: no off-line dictionary attack is available
 to the network-level attacker, and the protocol does not depend upon
 having previously-established confidentiality of the network (unlike
 e.g. sending a plaintext password over TLS).
 .
 The protocol requires the exchange of one pair of messages, so only
 one round trip is necessary to establish the session key. If
 key-confirmation is necessary, that will require a second round
 trip.