The SPEKE Password-Based Key Agreement Methods
draft-jablon-speke-02
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | David Jablon | ||
| Last updated | 2002-11-11 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document describes SPEKE, B-SPEKE, and SRP-4, three methods for password-based key agreement and authentication. In the same class of techniques as SRP-3 [RFC 2945], these methods provide a zero- knowledge proof of a password and authenticate session keys over an unprotected channel, with minimal dependency on infrastructure and proper user behavior. These methods are compatible with IEEE 1363 and ANSI X9 standards, and are closely aligned with RFC 2945 from an application perspective. They use different techniques than earlier patented alternatives, and provide an expanded set of choices for convenient and secure personal authentication over the Internet.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)