[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1092863: marked as done (ITP: opaque-store -- store encrypted blobs of information online, protected by a password using the OPAQUE protocol)

Your message dated Mon, 27 Jan 2025 07:07:26 +0000
with message-id <E1tcJDS-00Dbu5-Jk@fasolo.debian.org>
and subject line Bug#1092863: fixed in opaque-store 0.2.0-1
has caused the Debian Bug report #1092863,
regarding ITP: opaque-store -- store encrypted blobs of information online, protected by a password using the OPAQUE protocol
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1092863: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1092863
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: wnpp
Severity: wishlist
Owner: Joost van Baal-Ilić <joostvb@debian.org>

* Package name    : opaque-store
  Upstream Author : Stefan Marsiske
* URL             : https://github.com/stef/opaque-store
* License         : GPLv3
  Programming Lang: Zig, Python
  Description     : store encrypted blobs of information online, protected by a
                     password using the OPAQUE protocol

 The opaque-store software manages a simple OPAQUE based online store of small
 blobs.

 The OPAQUE protocol is described in the IRTF Crypto Forum Research Group draft
 (https://github.com/cfrg/draft-irtf-cfrg-opaque). The OPAQUE protocol combines
 a Oblivious Pseudo-Random Function (OPRF) and an Authenticated Key-Exchange
 (AKE) into a protocol where a user holding nothing but a password and a server
 holding some information protected by the password can establish a shared
 secret.  The protocol describes an augmented (or asymmetric)
 password-authenticated key exchange (aPAKE) that supports mutual authentication
 in a client-server setting without reliance on PKI and with security against
 pre-computation attacks upon server compromise. In addition, the protocol
 provides forward secrecy and the ability to hide the password from the server,
 even during password registration.

 OPAQUE-Store goes beyond the original OPAQUE protocol as specified by the
 IRTF/CFRG and also supports a threshold variant of OPAQUE. In a threshold setup
 you have a number N of servers that all hold a share of your secret and at
 least a threshold number T of these need to cooperate to recover the secret.
 This provides extra robustness and dillution of responsibility (losing a server
 is not the end of the world!) while at the same time increases security, as an
 attacker now has to compromise at least T servers to get access to some
 information.

For now, my packaging work will focus on shipping the client software only.
That part of the code is implemented in Python, using the pysodium,
SecureString, opaque, and pyoprf Python modules.  It can optionally use
zxcvbn-python.

I will be working on the opaque-store package at (yet to be created)
https://salsa.debian.org/debian/opaque-store .

Once zig is shipped with Debian, work on packaging the server side could
start.  See https://bugs.debian.org/995670 ,
https://bugs.debian.org/1012286 and https://salsa.debian.org/zig-team/zig for
current status of getting zig shipped with Debian.

One is recommended to use pwdsphinx (https://packages.debian.org/pwdsphinx)
as a front-end to opaque-store.

Planned is the packaging of the klutshnik software ( https://klutshnik.info/ ,
https://github.com/stef/klutshnik ) which can interact with authentication
tokens as used by opaque-store, an ITP for this is upcoming.

This work is part of NLnet's ThresholdOPRF project, which is funded through
NLnet's NGI0 Entrust, with financial support from the European Commission's
Next Generation Internet (https://ngi.eu) program. Learn more at the
ThresholdOPRF NLnet project page at https://nlnet.nl/project/ThresholdOPRF.

Bye,

Joost

--- End Message ---
--- Begin Message --- 
Source: opaque-store
Source-Version: 0.2.0-1
Done: Joost van Baal-Ilić <joostvb@debian.org>

We believe that the bug you reported is fixed in the latest version of
opaque-store, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1092863@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joost van Baal-Ilić <joostvb@debian.org> (supplier of updated opaque-store package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 22 Jan 2025 16:51:20 +0100
Source: opaque-store
Binary: opaque-store
Architecture: source all
Version: 0.2.0-1
Distribution: unstable
Urgency: low
Maintainer: Joost van Baal-Ilić <joostvb@debian.org>
Changed-By: Joost van Baal-Ilić <joostvb@debian.org>
Description:
 opaque-store - store OPAQUE password encrypted blobs of information online
Closes: 1092863
Changes:
 opaque-store (0.2.0-1) unstable; urgency=low
 .
   * Initial release (Closes: #1092863)
Checksums-Sha1:
 b41e0e845c64620a730b4bcd3e123285fc64b235 1951 opaque-store_0.2.0-1.dsc
 f372f68bf7815e412cac977c4400aef3dbebfc05 57326 opaque-store_0.2.0.orig.tar.gz
 8bcfbc5da1f19995e2e89091aefcca77c186c748 2084 opaque-store_0.2.0-1.debian.tar.xz
 b4b8f0b0ee244abe7b5285ef1b13c4aa5b81f93c 15260 opaque-store_0.2.0-1_all.deb
 c1cd2ad643f951f80e130d5328fd8d1d522db324 7113 opaque-store_0.2.0-1_amd64.buildinfo
Checksums-Sha256:
 2dcd241a957e59154ccb5d0cfd9b475fb20624577f2d5073f28835a7a410dc28 1951 opaque-store_0.2.0-1.dsc
 8c5487ae63ad5a2d37f2552b758f43364fc20f98fcb01c2621f62ed72ae6b05f 57326 opaque-store_0.2.0.orig.tar.gz
 9c671fc69a507c9c795aecef863ccaa103ccd6c8601d58af66a78bee603746ca 2084 opaque-store_0.2.0-1.debian.tar.xz
 1a2c3fcc1ae4ed2e5bd09104ea8e0f8ba90b0dbcfad4e7a0cb0ffa7301ec172e 15260 opaque-store_0.2.0-1_all.deb
 2878e1754a1b97a9cea18f0842948f4f32aa81fa3fe086e0971ce4d97df02c87 7113 opaque-store_0.2.0-1_amd64.buildinfo
Files:
 660ec91698d7440c622b67cbd10de5da 1951 utils optional opaque-store_0.2.0-1.dsc
 6864fcaf7c1ed9d568332845e8b41a35 57326 utils optional opaque-store_0.2.0.orig.tar.gz
 ecbe6d992c07ba173cd1157e33f1c1c6 2084 utils optional opaque-store_0.2.0-1.debian.tar.xz
 f31239c01b82f11db67fb1f7ac75a1c8 15260 utils optional opaque-store_0.2.0-1_all.deb
 74007d3b74731a1a6e17738d5e465180 7113 utils optional opaque-store_0.2.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEkqrZAbIbS8eaR6AwVPGmYxdIZxMFAmeRFI4ACgkQVPGmYxdI
ZxNvNxAAoTHFVA4iWgJF5mZsx5ln/+leT08OCFAHJYocOtwz0E8nw7czRHfUS9/E
4aaVWZCkuPQat68I+53W/rDNiVay6LXzK9iW0Vx6Tf+u31mxc27JCPkDO9mPAnXj
Yk/5i9zhI+5Ybc7dIXC5rzGcAwnE6jeHDKjBsbUGrdAs5Bp2K6UzMQJ+ltXyAQsw
NaPuCFsHYpPcGQl67CeLgmrY+8NQnMMmj7BF5uWtxjeEcXTK4dXUFDOfGY0sIqyB
5qQFqzPGGHZQ3/qdhkfcy47TixXHvVSBaT8k2AAGTJir6EZcl3XeQitDimgdRTsC
O1HWqBSQDFZ35pFRFpQ7TIgEE51WKCqh4NLWuLXClTvEIbKYmeftStTgP24k1hpR
erN6w5uXuWo5xYFyfSPoUjshrvV0WY968l2RYU9ihfLBMbnj9RVHRgidsjd8gf2G
7iew7dtOhfPTW6pmncCWJGmhuaDDZQP876Snlfe7BadC59aCTddNMQlrIgQe61ro
yhw+HDWgfRHtyAp6Gm6AdAJdWLd8ITVX5InUMZpdyFrPhCjT6yZVVFuKgbp8Krhs
1FH5tYDZIUcHeaeVo86ahLNFy5H3MM7FWO/2J7jIwF9Y54P2kON07LI3VGC9nxbP
3Ay6BF81qN+AVeTp5ESWl1Wu8+5X+PceAKfqPE0xW1MlMIoiAn8=
=XSux
-----END PGP SIGNATURE-----

Attachment: pgpllHQWPLvuk.pgp
Description: PGP signature


--- End Message ---
Reply to: