The OPAQUE Asymmetric PAKE Protocol
draft-irtf-cfrg-opaque-09
Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
|
|
---|---|---|---|
Authors | Daniel Bourdrez , Hugo Krawczyk , Kevin Lewi , Christopher A. Wood | ||
Last updated | 2023-01-07 (Latest revision 2022-07-06) | ||
Replaces | draft-krawczyk-cfrg-opaque | ||
RFC stream | Internet Research Task Force (IRTF) | ||
Formats | |||
IETF conflict review | conflict-review-irtf-cfrg-opaque, conflict-review-irtf-cfrg-opaque, conflict-review-irtf-cfrg-opaque, conflict-review-irtf-cfrg-opaque | ||
Additional resources | Mailing list discussion | ||
Stream | IRTF state | Active RG Document | |
Consensus boilerplate | Yes | ||
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes the OPAQUE protocol, a secure asymmetric password-authenticated key exchange (aPAKE) that supports mutual authentication in a client-server setting without reliance on PKI and with security against pre-computation attacks upon server compromise. In addition, the protocol provides forward secrecy and the ability to hide the password from the server, even during password registration. This document specifies the core OPAQUE protocol and one instantiation based on 3DH.
Authors
Daniel Bourdrez
Hugo Krawczyk
Kevin Lewi
Christopher A. Wood
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)