Let’s talk about PAKE

Created on 2022-09-09T07:49:34-05:00

Return to the Index

This card pertains to a resource available on the internet.

This card can also be read via Gemini.

Purpose of a PAKE system is so that a password can be used to authenticate a Diffie-Hellman key exchange. Ideally the server never learns the password and the client never learns the salt. High security padding/extension can be done on a password because the server does not need to verify that; the client pays to hash.

SRP: protocol used by Apple. Old, patents are expired, but had many revisions due to security failure.

OPAQUE: newer PAKE algorithm that could be used with elliptic curve crypto.