package spoke

  1. Overview
  2. Docs
SPAKE+EE implementation in OCaml


Dune Dependency






A Password-authenticated key agreement protocol in OCaml

Published: 14 Feb 2023


Spoke, a password-authenticated key agreement protocol in OCaml

The goal of Spoke is to establish an agreement on two strong keys from a shared weak password. This implementation comes from a description of SPAKE2+EE available here.

Let's start with Bob and Alice. They share a weak password and they want to initiate a secure connection. Spoke is able to derive from this weak password 2 keys that can be used to establish a secure connection using symmetric encryption (like AEAD).

Spoke implements a handshake between Alice and Bob and returns the 2 keys for Alice and for Bob. It provides a Mirage_flow.S implementation which uses GCM, CCM or ChaCha20_Poly1305 as a symmetric encryption mechamism between the client to the server and the server to the client (they can be different).

You can simulate this handshake with the bin/simulate.exe program. It creates a socket and simulates a communication between Alice and Bob and finds an arrangement about 2 keys usable for symmetric encryption. Then, it sends a file to the server which repeats contents to the client. The client check the integrity of the received contents.

                         .---->----. (via GCM)
                 [ client ]       [ server ]
 (via ChaCha20_Poly1305) '----<----'

You can execute it with:

$ dune exec bin/simulate.exe -- filename hello-world

The goal of this tool is to ensure:

  • that the handshake is done correctly if Bob & Alice share the same password

  • the transmission throught a symmetric cipher from the shared keys works

A full explanation of the protocol and the handshake is available on my blog: Spoke, how to implement a little cryptographic protocol. Finally, you should take a look on bob which has a real usage of Spoke.

Dependencies (14)

  1. result >= "1.5"
  2. lwt >= "5.6.1"
  3. mirage-flow >= "3.0.0" & < "4.0.0"
  4. mirage-crypto >= "0.11.0" & < "1.0.0"
  5. ke
  6. encore >= "0.8"
  7. bigstringaf >= "0.9.0"
  8. digestif >= "0.8.1"
  9. base64 >= "3.0.0"
  10. logs
  11. hxd
  12. fmt
  13. dune >= "2.9.0"
  14. ocaml >= "4.08.0"

Dev Dependencies (3)

  1. tcpip with-test & >= "6.0.0"
  2. rresult with-test
  3. mimic with-test

Used by





Innovation. Community. Security.