Public Report – WhatsApp opaque-ke Cryptographic Implementation Review

In June 2021, WhatsApp engaged NCC Group to conduct a security assessment of the 'opaque-ke' library, an open source Rust implementation of the OPAQUE password authenticated key exchange protocol. The protocol is designed to allow password-based authentication in such a way that a server does not actually learn the plaintext value of the client's password, … Continue reading Public Report – WhatsApp opaque-ke Cryptographic Implementation Review