{"draft":"draft-irtf-cfrg-spake2-26","doc_id":"RFC9382","title":"SPAKE2, a Password-Authenticated Key Exchange","authors":["W. Ladd"],"format":["HTML","TEXT","PDF","XML"],"page_count":"17","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Crypto Forum Research Group","abstract":"This document describes SPAKE2, which is a protocol for two parties\r\nthat share a password to derive a strong shared key without\r\ndisclosing the password. This method is compatible with any group, is\r\ncomputationally efficient, and has a security proof. This document\r\npredated the Crypto Forum Research Group (CFRG)\r\npassword-authenticated key exchange (PAKE) competition, and it was\r\nnot selected; however, given existing use of variants in Kerberos and\r\nother applications, it was felt that publication was beneficial.\r\nApplications that need a symmetric PAKE, but are unable to hash onto\r\nan elliptic curve at execution time, can use SPAKE2. This document is\r\na product of the Crypto Forum Research Group in the Internet Research\r\nTask Force (IRTF).","pub_date":"September 2023","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9382","errata_url":null}