Browse Prior Art Database

The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol (RFC8133)

IP.com Disclosure Number: IPCOM000249754D
Original Publication Date: 2017-Mar-01
Included in the Prior Art Database: 2017-Mar-31

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Smyshlyaev. Ed.: AUTHOR [+4]

Abstract

This document describes the Security Evaluated Standardized Password- Authenticated Key Exchange (SESPAKE) protocol. The SESPAKE protocol provides password-authenticated key exchange for usage in systems for protection of sensitive information. The protocol is intended to be used to establish keys that are then used to organize a secure channel for protection of sensitive information. The security proofs of the protocol were made for situations involving an active adversary in the channel, including man-in-the-middle (MitM) attacks and attacks based on the impersonation of one of the subjects.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 3% of the total text.

Independent Submission                                S. Smyshlyaev, Ed. Request for Comments: 8133                                   E. Alekseev Category: Informational                                        I. Oshkin ISSN: 2070-1721                                                 V. Popov                                                               CRYPTO-PRO                                                               March 2017

 The Security Evaluated Standardized Password-Authenticated Key Exchange                            (SESPAKE) Protocol

Abstract

   This document describes the Security Evaluated Standardized Password-    Authenticated Key Exchange (SESPAKE) protocol.  The SESPAKE protocol    provides password-authenticated key exchange for usage in systems for    protection of sensitive information.  The security proofs of the    protocol were made for situations involving an active adversary in    the channel, including man-in-the-middle (MitM) attacks and attacks    based on the impersonation of one of the subjects.

Status of This Memo

   This document is not an Internet Standards Track specification; it is    published for informational purposes.

   This is a contribution to the RFC Series, independently of any other    RFC stream.  The RFC Editor has chosen to publish this document at    its discretion and makes no statement about its value for    implementation or deployment.  Documents approved for publication by    the RFC Editor are not a candidate for any level of Internet    Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at    http://www.rfc-editor.org/info/rfc8133.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (http://trustee.ietf.org/license-info) in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.

Smyshlyaev, et al.            Informational                     [Page 1]
 RFC 8133                         SESPAKE                      March 2017

 Table of Contents

   1. Introduction ....................................................2

   2. Conventions Used in This Document ...............................2

   3. Notations ..................