IETF Logo Mail Archive

[IRTF-Announce] RFC 9382 on SPAKE2, a Password-Authenticated Key Exchange

rfc-editor@rfc-editor.org Sat, 30 September 2023 16:23 UTC

Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: irtf-announce@ietfa.amsl.com
Delivered-To: irtf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3343C16B5C3; Sat, 30 Sep 2023 09:23:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.468
X-Spam-Level:
X-Spam-Status: No, score=-4.468 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_SOFTFAIL=0.732, SPF_SOFTFAIL=0.665, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jbCzHQQKLDKl; Sat, 30 Sep 2023 09:23:15 -0700 (PDT)
Received: from rfcpa.amsl.com (unknown [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C04FC1782BF; Sat, 30 Sep 2023 09:23:15 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 222AA7633A; Sat, 30 Sep 2023 09:23:15 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org, irtf-announce@irtf.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, cfrg@irtf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20230930162315.222AA7633A@rfcpa.amsl.com>
Date: Sat, 30 Sep 2023 09:23:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/irtf-announce/TRMIXCkaa7MBPs5V4Z7NJio4kws>
Subject: [IRTF-Announce] RFC 9382 on SPAKE2, a Password-Authenticated Key Exchange
X-BeenThere: irtf-announce@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IRTF-Announce <irtf-announce.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/irtf-announce/>
List-Post: <mailto:irtf-announce@irtf.org>
List-Help: <mailto:irtf-announce-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Sep 2023 16:23:20 -0000

A new Request for Comments is now available in online RFC libraries.

        
        RFC 9382

        Title:      SPAKE2, a Password-Authenticated Key Exchange 
        Author:     W. Ladd
        Status:     Informational
        Stream:     IRTF
        Date:       September 2023
        Mailbox:    watsonbladd@gmail.com
        Pages:      17
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-irtf-cfrg-spake2-26.txt

        URL:        https://www.rfc-editor.org/info/rfc9382

        DOI:        10.17487/RFC9382

This document describes SPAKE2, which is a protocol for two parties
that share a password to derive a strong shared key without
disclosing the password. This method is compatible with any group, is
computationally efficient, and has a security proof. This document
predated the Crypto Forum Research Group (CFRG)
password-authenticated key exchange (PAKE) competition, and it was
not selected; however, given existing use of variants in Kerberos and
other applications, it was felt that publication was beneficial.
Applications that need a symmetric PAKE, but are unable to hash onto
an elliptic curve at execution time, can use SPAKE2. This document is
a product of the Crypto Forum Research Group in the Internet Research
Task Force (IRTF).

This document is a product of the Crypto Forum Research Group of the IRTF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce lists.To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
  https://www.irtf.org/mailman/listinfo/irtf-announce

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

v2.23.0 | Report a Bug | By Email