J-PAKE: Password Authenticated Key Exchange by Juggling
draft-hao-jpake-04

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft that was ultimately published as RFC 8236.
Author Feng Hao
Last updated 2016-09-28 (Latest revision 2016-07-06)
RFC stream Independent Submission
Formats
txt htmlized pdf bibtex bibxml
IETF conflict review conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake
Additional resources
Stream ISE state In ISE Review
Revised I-D Needed
Consensus boilerplate Unknown
Document shepherd (None)
IESG IESG state Became RFC 8236 (Informational)
Telechat date (None)
Responsible AD (None)
Send notices to (None)
Email authors IPR References Referenced by Nits Search email archive
draft-hao-jpake-04 
quot;, BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

Hao                      Expires January 7, 2017               [Page 11]
Internet-Draft                   J-PAKE                        July 2016

   [RFC5054]  Taylor, D., Wu, T., Mavrogiannopoulos, N., and T. Perrin,
              "Using the Secure Remote Password (SRP) Protocol for TLS
              Authentication", RFC 5054, DOI 10.17487/RFC5054, November
              2007, <http://www.rfc-editor.org/info/rfc5054>.

   [SEC1]     "Standards for Efficient Cryptography. SEC 1: Elliptic
              Curve Cryptography",  SECG SEC1-v2, May 2004,
              <http://www.secg.org/sec1-v2.pdf>.

   [ABM15]    Abdalla, M., Benhamouda, F., and P. MacKenzie, "Security
              of the J-PAKE Password-Authenticated Key Exchange
              Protocol",  IEEE Symposium on Security and Privacy, May
              2015.

   [BM92]     Bellovin, S. and M. Merrit, "Encrypted Key Exchange:
              Password-based Protocols Secure against Dictionary
              Attacks",  IEEE Symposium on Security and Privacy, May
              1992.

   [HR08]     Hao, F. and P. Ryan, "Password Authenticated Key Exchange
              by Juggling",  16th Workshop on Security Protocols
              (SPW'08), May 2008.

   [HR10]     Hao, F. and P. Ryan, "J-PAKE: Authenticated Key Exchange
              Without PKI",  Springer Transactions on Computational
              Science XI, 2010.

   [HS14]     Hao, F. and S. Shahandashti, "The SPEKE Protocol
              Revisited",  Security Standardisation Research, December
              2014.

   [Jab96]    Jablon, D., "Strong Password-Only Authenticated Key
              Exchange",  ACM Computer Communications Review, October
              1996.

   [Wu98]     Wu, T., "The Secure Remote Password protocol",  Symposimum
              on Network and Distributed System Security, March 1998.

   [I-D-Schnorr]
              Hao, F., "Schnorr NIZK proof: Non-interactive Zero
              Knowledge Proof for Discrete Logarithm",  Internet Draft
              submitted to IETF, 2013.

9.2.  Informative References

Hao                      Expires January 7, 2017               [Page 12]
Internet-Draft                   J-PAKE                        July 2016

   [BJS07]    Barker, E., Johnson, D., and M. Smid, "Recommendation for
              Pair-Wise Key Establishment Schemes Using Discrete
              Logarithm Cryptography (Revised)",  NIST Special
              Publication 800-56A, March 2007,
              <http://csrc.nist.gov/publications/nistpubs/800-56A/
              SP800-56A_Revision1_Mar08-2007.pdf>.

   [Jas96]    Jaspan, B., "Dual-Workfactor Encrypted Key Exchange:
              Efficiently Preventing Password Chaining and Dictionary
              Attacks",  USENIX Symphosium on Security, July 1996.

   [Zha04]    Zhang, M., "Analysis of The SPEKE Password-Authenticated
              Key Exchange Protocol",  IEEE Communications Letters,
              January 2004.

   [Hao10]    Hao, F., "On Small Subgroup Non-Confinement Attacks",
               IEEE conference on Computer and Information Technology,
              2010.

9.3.  URIs

   [1] https://wiki.mozilla.org/Services/Sync/SyncKey/J-PAKE

   [2] https://www.palemoon.org/sync/

   [3] http://boinc.berkeley.edu/android-boinc/libssl/crypto/jpake/

   [4] https://dxr.mozilla.org/mozilla-
       central/source/security/nss/lib/freebl/jpake.c

   [5] https://www.bouncycastle.org/docs/docs1.5on/org/bouncycastle/cryp
       to/agreement/jpake/package-summary.html

   [6] http://threadgroup.org/Portals/0/documents/whitepapers/
       Thread%20Commissioning%20white%20paper_v2_public.pdf

   [7] http://www.iso.org/iso/home/store/catalogue_tc/
       catalogue_detail.htm?csnumber=67933

Author's Address

Hao                      Expires January 7, 2017               [Page 13]
Internet-Draft                   J-PAKE                        July 2016

   Feng Hao (editor)
   Newcastle University (UK)
   Claremont Tower, School of Computing Science, Newcastle University
   Newcastle Upon Tyne
   United Kingdom

   Phone: +44 (0)191-208-6384
   EMail: feng.hao@ncl.ac.uk

Hao                      Expires January 7, 2017               [Page 14]