[Cfrg] I-D Action: draft-irtf-cfrg-augpake-08.txt

internet-drafts@ietf.org Tue, 18 July 2017 18:51 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: cfrg@ietf.org
Delivered-To: cfrg@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B3D8612EC11; Tue, 18 Jul 2017 11:51:21 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <i-d-announce@ietf.org>
Cc: cfrg@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.56.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150040388169.11304.11188669832144366187@ietfa.amsl.com>
Date: Tue, 18 Jul 2017 11:51:21 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/S0qjrTh3aqcSOm2pnBSDl9Qof9w>
Subject: [Cfrg] I-D Action: draft-irtf-cfrg-augpake-08.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.22
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jul 2017 18:51:22 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Crypto Forum of the IETF.

        Title           : Augmented Password-Authenticated Key Exchange (AugPAKE)
        Authors         : SeongHan Shin
                          Kazukuni Kobara
	Filename        : draft-irtf-cfrg-augpake-08.txt
	Pages           : 20
	Date            : 2017-07-18

   This document describes a secure and highly-efficient augmented
   password-authenticated key exchange (AugPAKE) protocol where a user
   remembers a low-entropy password and its verifier is registered in
   the intended server.  In general, the user's password is chosen from
   a small set of dictionary, making the password susceptible to offline
   dictionary attacks.  The AugPAKE protocol described here is secure
   against passive attacks, active attacks and offline dictionary
   attacks (on the obtained messages with passive/active attacks).
   Also, this protocol provides resistance to server compromise in the
   context that an attacker, who obtained the password verifier from the
   server, must at least perform offline dictionary attacks to gain any
   advantage in impersonating the user.  The AugPAKE protocol is not
   only provably secure in the random oracle model but also the most
   efficient over the previous augmented PAKE protocols (SRP and AMP).

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: