Hello everyone,
I was looking at SPAKE2+ example (NCS v2.6.99) and trying to understand where the password used to derived the shared secret is set or used. Can anyone help me?
BR.
Hello everyone,
I was looking at SPAKE2+ example (NCS v2.6.99) and trying to understand where the password used to derived the shared secret is set or used. Can anyone help me?
BR.
The second message exchange (different values for verifier and prover), before the final message that has the same K_shared. Also, I want to know if there is any way to adjust the example to use CMAC-AES-128.
BR.
I want to have something like this example:
Where the CMAC output (confirmP and confirmV) are both 16 bytes.
BR.
Hi,
I will discuss your questions with our developers. I expect to get back to you by the end of the next week.
Best regards,
Dejan
Hi,
We mainly support Matter version of SPAKE2+ which is HMAC based. You could try to follow the logic in sdk-oberon-psa-crypto to change to CMAC-AES-128. For intermediate values, please note that PAKE is basically implementing APIs from PSA. You can look at this PSA API document.
Best regards,
Dejan