J-PAKE: Password Authenticated Key Exchange by Juggling
draft-hao-jpake-04
The information below is for an old version of the document.
Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 8236.
|
|
---|---|---|---|
Author | Feng Hao | ||
Last updated | 2016-09-28 (Latest revision 2016-07-06) | ||
RFC stream | Independent Submission | ||
Formats | |||
IETF conflict review | conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake, conflict-review-hao-jpake | ||
Additional resources | |||
Stream | ISE state | In ISE Review | |
Consensus boilerplate | Unknown | ||
Document shepherd | (None) | ||
IESG | IESG state | Became RFC 8236 (Informational) | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
draft-hao-jpake-04
quot;, BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>. Hao Expires January 7, 2017 [Page 11] Internet-Draft J-PAKE July 2016 [RFC5054] Taylor, D., Wu, T., Mavrogiannopoulos, N., and T. Perrin, "Using the Secure Remote Password (SRP) Protocol for TLS Authentication", RFC 5054, DOI 10.17487/RFC5054, November 2007, <http://www.rfc-editor.org/info/rfc5054>. [SEC1] "Standards for Efficient Cryptography. SEC 1: Elliptic Curve Cryptography", SECG SEC1-v2, May 2004, <http://www.secg.org/sec1-v2.pdf>. [ABM15] Abdalla, M., Benhamouda, F., and P. MacKenzie, "Security of the J-PAKE Password-Authenticated Key Exchange Protocol", IEEE Symposium on Security and Privacy, May 2015. [BM92] Bellovin, S. and M. Merrit, "Encrypted Key Exchange: Password-based Protocols Secure against Dictionary Attacks", IEEE Symposium on Security and Privacy, May 1992. [HR08] Hao, F. and P. Ryan, "Password Authenticated Key Exchange by Juggling", 16th Workshop on Security Protocols (SPW'08), May 2008. [HR10] Hao, F. and P. Ryan, "J-PAKE: Authenticated Key Exchange Without PKI", Springer Transactions on Computational Science XI, 2010. [HS14] Hao, F. and S. Shahandashti, "The SPEKE Protocol Revisited", Security Standardisation Research, December 2014. [Jab96] Jablon, D., "Strong Password-Only Authenticated Key Exchange", ACM Computer Communications Review, October 1996. [Wu98] Wu, T., "The Secure Remote Password protocol", Symposimum on Network and Distributed System Security, March 1998. [I-D-Schnorr] Hao, F., "Schnorr NIZK proof: Non-interactive Zero Knowledge Proof for Discrete Logarithm", Internet Draft submitted to IETF, 2013. 9.2. Informative References Hao Expires January 7, 2017 [Page 12] Internet-Draft J-PAKE July 2016 [BJS07] Barker, E., Johnson, D., and M. Smid, "Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised)", NIST Special Publication 800-56A, March 2007, <http://csrc.nist.gov/publications/nistpubs/800-56A/ SP800-56A_Revision1_Mar08-2007.pdf>. [Jas96] Jaspan, B., "Dual-Workfactor Encrypted Key Exchange: Efficiently Preventing Password Chaining and Dictionary Attacks", USENIX Symphosium on Security, July 1996. [Zha04] Zhang, M., "Analysis of The SPEKE Password-Authenticated Key Exchange Protocol", IEEE Communications Letters, January 2004. [Hao10] Hao, F., "On Small Subgroup Non-Confinement Attacks", IEEE conference on Computer and Information Technology, 2010. 9.3. URIs [1] https://wiki.mozilla.org/Services/Sync/SyncKey/J-PAKE [2] https://www.palemoon.org/sync/ [3] http://boinc.berkeley.edu/android-boinc/libssl/crypto/jpake/ [4] https://dxr.mozilla.org/mozilla- central/source/security/nss/lib/freebl/jpake.c [5] https://www.bouncycastle.org/docs/docs1.5on/org/bouncycastle/cryp to/agreement/jpake/package-summary.html [6] http://threadgroup.org/Portals/0/documents/whitepapers/ Thread%20Commissioning%20white%20paper_v2_public.pdf [7] http://www.iso.org/iso/home/store/catalogue_tc/ catalogue_detail.htm?csnumber=67933 Author's Address Hao Expires January 7, 2017 [Page 13] Internet-Draft J-PAKE July 2016 Feng Hao (editor) Newcastle University (UK) Claremont Tower, School of Computing Science, Newcastle University Newcastle Upon Tyne United Kingdom Phone: +44 (0)191-208-6384 EMail: feng.hao@ncl.ac.uk Hao Expires January 7, 2017 [Page 14]