Browse Prior Art Database

Requirements for Password-Authenticated Key Agreement (PAKE) Schemes (RFC8125)

IP.com Disclosure Number: IPCOM000249861D
Original Publication Date: 2017-Apr-01
Included in the Prior Art Database: 2017-Apr-20
Document File: 20 page(s) / 25K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

J. Schmidt: AUTHOR

Abstract

Passwords are the predominant method of accessing the Internet today due, in large part, to their intuitiveness and ease of use. Since a user needs to enter passwords repeatedly in many connections and applications, these passwords tend to be easy to remember and can be entered repeatedly with a low probability of error. They tend to be low-grade and not-so-random secrets that are susceptible to brute- force guessing attacks.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 11% of the total text.

Internet Research Task Force (IRTF)                           J. Schmidt Request for Comments: 8125                     secunet Security Networks Category: Informational                                       April 2017 ISSN: 2070-1721

   Requirements for Password-Authenticated Key Agreement (PAKE) Schemes

Abstract

   Password-Authenticated Key Agreement (PAKE) schemes are interactive    protocols that allow the participants to authenticate each other and    derive shared cryptographic keys using a (weaker) shared password.    This document reviews different types of PAKE schemes.  Furthermore,    it presents requirements and gives recommendations to designers of    new schemes.  It is a product of the Crypto Forum Research Group    (CFRG).

Status of This Memo

   This document is not an Internet Standards Track specification; it is    published for informational purposes.

   This document is a product of the Internet Research Task Force    (IRTF).  The IRTF publishes the results of Internet-related research    and development activities.  These results might not be suitable for    deployment.  This RFC represents the consensus of the Crypto Forum    Research Group of the Internet Research Task Force (IRTF).  Documents    approved for publication by the IRSG are not a candidate for any    level of Internet Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,    and how to provide feedback on it may be obtained at    http://www.rfc-editor.org/info/rfc8125.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the    document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal    Provisions Relating to IETF Documents    (http://trustee.ietf.org/license-info) in effect on the date of    publication of this document.  Please review these documents    carefully, as they describe your rights and restrictions with respect    to this document.

Schmidt                       Informational                     [Page 1]
 RFC 8125                PAKE Scheme Requirements              April 2017

 Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2

   2.  Requirements Notation . . . . . . . . . . . . . . . . . . . .   3

   3.  PAKE Taxonomy . . . . . . . . . . . . . . . . . . . . . . . .   3

     3.1.  Storage of the Password . . . . . . . . . . . . . . . . .   3

     3.2.  Transmission of Public Keys . . . . . . . . . . . . . . .   4

     3.3.  Two Party versus Multiparty . . . . . . . . . . . . . . .   4

   4.  Security of PAKEs . . . . . . . . . . . . . . . . . . . . . .   5

     4.1.  Implementation Aspects  . . ....