Navigation
  • Home
  • Recent
  • Most Active
  • Popular
  • Blog
  • Credits
  • RSS
    		•
      Interaction
  • Register
  • Statistics
    		•
      Help
  • Suggestions
  • Contact Us
  • How to Edit
  • Help
    		•



    [Edit]


    In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password.
    Password-authenticated key agreement generally encompasses methods such as:

      Balance password-authenticated key exchange
      Augmented password-authenticated key exchange
      Password-authenticated key retrieval
      Multi-server methods
      Multi-party methods

    In the most stringent password-only security models, there is no requirement for the user of the method to remember any secret or public data other than the password.

    Password authenticated key exchange (PAKE) is where two or more parties, based only on their knowledge of a password, establish a cryptographic key using an exchange of messages, such that one who controls the communication channel but does not possess the password cannot participate in the method and is constrained as much as possible from guessing the password. (The optimal case yields exactly one guess per run exchange.) Two forms of PAKE are Balanced and Augmented methods.

    Balanced PAKE allows parties that use the same password to negotiate and authenticate a shared key. Examples of these are:

      PAK and PPK
      SPEKE (Simple password exponential key exchange)

    Augmented PAKE is a variation applicable to client/server scenarios, in which an attacker must perform a successful brute-force attack in order to masquerade as the client using stolen server data. Examples of these are:

      AMP
      Augmented-EKE
      B-SPEKE
      PAK-Z

    Password-authenticated key retrieval is a process in which a client obtains a static key in a password-based negotiation with a server that knows data associated with the password, such as the Ford and Kaliski methods. In the most stringent setting, one party uses only a password in conjunction with two or more (N) servers to retrieve a static key, in a way that protects the password (and key) even if any N-1 of the servers are completely compromised.

        Password-authenticated key agreement
            Brief history
            See also

    top

    Brief history

    The first successful password-authenticated key agreement methods were Encrypted Key Exchange methods described by Steven M. Bellovin and Michael Merritt in 1992. Although several of the first methods were flawed, the surviving and enhanced forms of EKE effectively amplify a shared password into a shared key, where the key may subsequently be used to provide a zero-knowledge password proof or other functions.

    The first password-authenticated key retrieval methods were described by Ford and Kaliski in 2000.

    A considerable number of refinements, alternatives, variations, and security proofs have been proposed in this growing class of password-authenticated key agreement methods. Current standardization efforts for these methods include IETF RFC 2945, IEEE P1363.2, and ISO-IEC Draft 11770-4.

    top

    See also
     
    Search more:
     

       
    Source Privacy License Download Contact Us Atlas
    Scientus.org Dictionary (Yet Another Wiki) RC : 1.39
    This article is licensed under the GNU Free Documentation License [copyleft]. It uses material from the Wikipedia article "Password-authenticated key agreement". link