%% You should probably cite draft-ietf-kitten-krb-spake-preauth-13 instead of this revision.
@techreport{ietf-kitten-krb-spake-preauth-09,
    number =    {draft-ietf-kitten-krb-spake-preauth-09},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-ietf-kitten-krb-spake-preauth/09/},
    author =    {Nathaniel McCallum and Simo Sorce and Robbie Harwood and Greg Hudson},
    title =     {{SPAKE Pre-Authentication}},
    pagetotal = 37,
    year =      2020,
    month =     jun,
    day =       10,
    abstract =  {This document defines a new pre-authentication mechanism for the Kerberos protocol that uses a password authenticated key exchange. This document has three goals. First, increase the security of Kerberos pre-authentication exchanges by making offline brute-force attacks infeasible. Second, enable the use of second factor authentication without the need for a separately-established secure channel. This is achieved using the existing trust relationship established by the shared first factor. Third, make Kerberos pre- authentication more resilient against time synchronization errors by removing the need to transfer an encrypted timestamp from the client.},
}