Password-Authenticated Key (PAK) Diffie-Hellman Exchange (RFC5683)
Original Publication Date: 2010-Feb-01
Included in the Prior Art Database: 2010-Feb-10
Internet Society Requests For Comment (RFCs)
A. Brusilovsky: AUTHOR [+4]
PAK has the following advantages:
Independent Submission A. Brusilovsky Request for Comments: 5683 I. Faynberg Category: Informational Z. Zeltsan ISSN: 2070-1721 Alcatel-Lucent S. Patel Google, Inc. February 2010
Password-Authenticated Key (PAK) Diffie-Hellman Exchange
This document proposes to add mutual authentication, based on a human-memorizable password, to the basic, unauthenticated Diffie- Hellman key exchange. The proposed algorithm is called the Password- Authenticated Key (PAK) exchange. PAK allows two parties to authenticate themselves while performing the Diffie-Hellman exchange.
The protocol is secure against all passive and active attacks. In particular, it does not allow either type of attacker to obtain any information that would enable an offline dictionary attack on the password. PAK provides Forward Secrecy.
Status of This Memo
This document is not an Internet Standards Track specification; it is published for informational purposes.
This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc5683.
Brusilovsky, et al. Informational [Page 1]
RFC 5683 PAK Diffie-Hellman Exchange February 2010
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http:trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this docu...