PAKE
RFC8125: Requirements for Password-Authenticated Key Agreement (PAKE) Schemes
Password Authenticated Key Exchange (PAKE) protocols 指的是通信双方基于共享的password安全生成session key。
balanced PAKE是指通信双方保存相同的password,augumented PAKE是指其中一方保存password的变换值。
PFS & wPFS
HMQV: A High-Performance Secure Diffie-Hellman Protocol
Session-Key Generation using Human Passwords Only
PFS (perfect forward secrecy) 指即使long term key泄漏,也不会影响之前的session key
wPFS (weak perfect forward secrecy) 指即使long term key泄漏,也不会影响之前passive attacker监听下的session key(但是 actively interfered attacker的session key可能受影响)
公钥的传输方式
Encrypted Key Exchange(EKE):以Password派生的kek,加密ephemeral public key
J-PAKE:交换ephemeral public key,以及基于password派生的value
Strong Password-Only Authenticated Key Exchange (SPEKE):基于Password派生generator,交换派生的public key
PACE:加密传输nonce,以nonce派生common base。
是否多人参与
Group PAKEs
安全性
尤其是对dictionary attack的抗性
用途
基于password做key distribution
是否整合long term public key
用户标识的隐私保护可考虑数字信封
形态
balanced PAKE
augumented PAKE