Browse Prior Art Database

Dragonfly Key Exchange (RFC7664)

IP.com Disclosure Number: IPCOM000245005D
Original Publication Date: 2015-Nov-01
Included in the Prior Art Database: 2016-Feb-05
Document File: 36 page(s) / 38K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Harkins: AUTHOR [+2]

Abstract

Passwords and passphrases are the predominant way of doing authentication in the Internet today. Many protocols that use passwords and passphrases for authentication exchange password- derived data as a proof-of-knowledge of the password (for example, [RFC7296] and [RFC5433]). This opens the exchange up to an offline dictionary attack where the attacker gleans enough knowledge from either an active or passive attack on the protocol to run through a pool of potential passwords and compute verifiers until it is able to match the password-derived data.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 7% of the total text.

Internet Research Task Force (IRTF)                      D. Harkins, Ed. Request for Comments: 7664                                Aruba Networks Category: Informational                                    November 2015 ISSN: 2070-1721

                          Dragonfly Key Exchange

Abstract

   This document specifies a key exchange using discrete logarithm    cryptography that is authenticated using a password or passphrase.    It is resistant to active attack, passive attack, and offline    dictionary attack.  This document is a product of the Crypto Forum    Research Group (CFRG).

Status of This Memo

   This document is not an Internet Standards Track specification; it is    published for informational purposes.

   This document is a product of the Internet Research Task Force    (IRTF).  The IRTF publishes the results of Internet-related research    and development activities.  These results might not be suitable for    deployment.  This RFC represents the individual opinion(s) of one or    more members of the Crypto Forum Research Group of the Internet    Research Task Force (IRTF).  Documents approved for publication by    the IRSG are not a candidate for any level of Internet Standard; see    Section 2 of RFC 5741.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at    http://www.rfc-editor.org/info/rfc7664.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (http://trustee.ietf.org/license-info) in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.

 Harkins                       Informational                     [Page 1]
 RFC 7664                        Dragonfly                  November 2015

 Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2

     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   2

     1.2.  Definitions . . . . . . . . . . . . . . . . . . . . . . .   3

       1.2.1.  Notations . . . . . . . . . . . . . . . . . . . . . .   3

       1.2.2.  Resistance to Dictionary Attack . . . . . . . . . . .   3

   2.  Discrete Logarithm Cryptography . . . . . . . . . . . . . . .   4

     2.1.  Elliptic Curve Cryptography . . . . . . . . . . . . . . .   4

     2.2.  Finite Field Cryptography . . . . . . . . . . . . . . . .   5

   3.  The Dragonfly Key Exchange  . ....