Simple Password Exponential Key Exchange for Node.js. Resistant to MITM, unlike vanilla Diffie-Hellman
An incredibly simple balanced password-authenticated key exchange (PAKE) for Node.js.
This library is an implementation of SPEKE. Meant to reflect Node.js crypto's Diffie-Hellman API.
// Our password.var password = 'keyboardcat';// Prepares an object for both Alice and Bob, with a prime value set.var alice = SPEKEgetSPEKE'modp5';var bob = SPEKEgetSPEKE'modp5';// Initialize the generator, based on the password, as well as create the// public and private keys.alicegenerateKeyspassword;bobgenerateKeyspassword;// Compute the shared secret, with Alice using Bob's public key, and Bob using// Alice's public key.var alice_secret = alicecomputeSecretbobgetPublicKey null 'hex';var bob_secret = bobcomputeSecretalicegetPublicKey null 'hex';// We should now have the same shared secret.assertalice_secretlength > 1;assertalice_secret === bob_secret;
The API is 100% compatible with Node.js Crypto's Diffie-Hellman API, except that the
generateKeys method absolutely requires a password as the first parameter, and the second parameter is an optional encoding type, which can either be set to
'base64'. At the absence of the latter parameter, a buffer is returned for the public key.