The SPEKE Password-Based Key Agreement Methods

Document Type Expired Internet-Draft (individual)
Last updated 2002-11-11
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document describes SPEKE, B-SPEKE, and SRP-4, three methods for password-based key agreement and authentication. In the same class of techniques as SRP-3 [RFC 2945], these methods provide a zero- knowledge proof of a password and authenticate session keys over an unprotected channel, with minimal dependency on infrastructure and proper user behavior. These methods are compatible with IEEE 1363 and ANSI X9 standards, and are closely aligned with RFC 2945 from an application perspective. They use different techniques than earlier patented alternatives, and provide an expanded set of choices for convenient and secure personal authentication over the Internet.


David Jablon (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)