Skip to main content

SPAKE2, a Password-Authenticated Key Exchange
RFC 9382

Revision differences

Document history

Date By Action
2024-01-25
Cindy Morgan Removed "Benjamin Kaduk" as author
2023-09-30
(System)
Received changes through RFC Editor sync (created alias RFC 9382, changed title to 'SPAKE2, a Password-Authenticated Key Exchange', changed abstract to 'This document describes …
Received changes through RFC Editor sync (created alias RFC 9382, changed title to 'SPAKE2, a Password-Authenticated Key Exchange', changed abstract to 'This document describes SPAKE2, which is a protocol for two parties that share a password to derive a strong shared key without disclosing the password.  This method is compatible with any group, is computationally efficient, and has a security proof.  This document predated the Crypto Forum Research Group (CFRG) password-authenticated key exchange (PAKE) competition, and it was not selected; however, given existing use of variants in Kerberos and other applications, it was felt that publication was beneficial.  Applications that need a symmetric PAKE, but are unable to hash onto an elliptic curve at execution time, can use SPAKE2.  This document is a product of the Crypto Forum Research Group in the Internet Research Task Force (IRTF).', changed standardization level to Informational, changed state to RFC, added RFC published event at 2023-09-30, changed IRTF state to Published RFC)
2023-09-30
(System) RFC published