[IRTF-Announce] RFC 9382 on SPAKE2, a Password-Authenticated Key Exchange
rfc-editor@rfc-editor.org Sat, 30 September 2023 16:23 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: irtf-announce@ietfa.amsl.com
Delivered-To: irtf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F3343C16B5C3; Sat, 30 Sep 2023 09:23:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.468
X-Spam-Level:
X-Spam-Status: No, score=-4.468 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, RDNS_NONE=0.793, SPF_HELO_SOFTFAIL=0.732, SPF_SOFTFAIL=0.665, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jbCzHQQKLDKl; Sat, 30 Sep 2023 09:23:15 -0700 (PDT)
Received: from rfcpa.amsl.com (unknown [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3C04FC1782BF; Sat, 30 Sep 2023 09:23:15 -0700 (PDT)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 222AA7633A; Sat, 30 Sep 2023 09:23:15 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org, irtf-announce@irtf.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, cfrg@irtf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20230930162315.222AA7633A@rfcpa.amsl.com>
Date: Sat, 30 Sep 2023 09:23:15 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/irtf-announce/TRMIXCkaa7MBPs5V4Z7NJio4kws>
Subject: [IRTF-Announce] RFC 9382 on SPAKE2, a Password-Authenticated Key Exchange
X-BeenThere: irtf-announce@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IRTF-Announce <irtf-announce.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/irtf-announce/>
List-Post: <mailto:irtf-announce@irtf.org>
List-Help: <mailto:irtf-announce-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Sep 2023 16:23:20 -0000
A new Request for Comments is now available in online RFC libraries. RFC 9382 Title: SPAKE2, a Password-Authenticated Key Exchange Author: W. Ladd Status: Informational Stream: IRTF Date: September 2023 Mailbox: watsonbladd@gmail.com Pages: 17 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-irtf-cfrg-spake2-26.txt URL: https://www.rfc-editor.org/info/rfc9382 DOI: 10.17487/RFC9382 This document describes SPAKE2, which is a protocol for two parties that share a password to derive a strong shared key without disclosing the password. This method is compatible with any group, is computationally efficient, and has a security proof. This document predated the Crypto Forum Research Group (CFRG) password-authenticated key exchange (PAKE) competition, and it was not selected; however, given existing use of variants in Kerberos and other applications, it was felt that publication was beneficial. Applications that need a symmetric PAKE, but are unable to hash onto an elliptic curve at execution time, can use SPAKE2. This document is a product of the Crypto Forum Research Group in the Internet Research Task Force (IRTF). This document is a product of the Crypto Forum Research Group of the IRTF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce lists.To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist https://www.irtf.org/mailman/listinfo/irtf-announce For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC