A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Crypto Forum Research Group Working Group of
the IETF.
Title : Augmented Password-Authenticated Key Exchange
(AugPAKE)
Author(s) : SeongHan Shin
Kazukuni Kobara
Filename : draft-irtf-cfrg-augpake-00.txt
Pages : 17
Date : 2013-09-06
Abstract:
This document describes a secure and highly-efficient augmented
password-authenticated key exchange (AugPAKE) protocol where a user
remembers a low-entropy password and its verifier is registered in
the intended server. In general, the user password is chosen from a
small set of dictionary whose space is within the off-line dictionary
attacks. The AugPAKE protocol described here is secure against
passive attacks, active attacks and off-line dictionary attacks (on
the obtained messages with passive/active attacks). Also, this
protocol provides resistance to server compromise in the context that
an attacker, who obtained the password verifier from the server, must
at least perform off-line dictionary attacks to gain any advantage in
impersonating the user. The AugPAKE protocol is not only provably
secure in the random oracle model but also the most efficient over
the previous augmented PAKE protocols (SRP and AMP).
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-augpake
There's also a htmlized version available at:
http://tools.ietf.org/html/draft-irtf-cfrg-augpake-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
