@misc{rfc9807,
    series =    {Request for Comments},
    number =    9807,
    howpublished =  {RFC 9807},
    publisher = {RFC Editor},
    doi =       {10.17487/RFC9807},
    url =       {https://www.rfc-editor.org/info/rfc9807},
    author =    {Daniel Bourdrez and Hugo Krawczyk and Kevin Lewi and Christopher A. Wood},
    title =     {{The OPAQUE Augmented Password-Authenticated Key Exchange (aPAKE) Protocol}},
    pagetotal = 73,
    year =      2025,
    month =     jul,
    abstract =  {This document describes the OPAQUE protocol, an Augmented (or Asymmetric) Password-Authenticated Key Exchange (aPAKE) protocol that supports mutual authentication in a client-server setting without reliance on PKI and with security against pre-computation attacks upon server compromise. In addition, the protocol provides forward secrecy and the ability to hide the password from the server, even during password registration. This document specifies the core OPAQUE protocol and one instantiation based on 3DH. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.},
}