Requirements for Password-Authenticated Key Agreement Schemes
RFC 8125, “Requirements for Password-Authenticated Key Agreement Schemes”, is an Informational document published in April 2017 by J. Schmidt. The canonical text is published by the RFC Editor.
Abstract
Password-Authenticated Key Agreement (PAKE) schemes are interactive protocols that allow the participants to authenticate each other and derive shared cryptographic keys using a (weaker) shared password. This document reviews different types of PAKE schemes. Furthermore, it presents requirements and gives recommendations to designers of new schemes. It is a product of the Crypto Forum Research Group (CFRG).
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 8125 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8124 The Session Description Protocol WebSocket Connection URI Attribute
- RFC 8126 Guidelines for Writing an IANA Considerations Section in RFCs
- RFC 8123 Requirements for Marking SIP Messages to be Logged
- RFC 8127 Mobile Access Gateway Configuration Parameters Controlled by the Local Mobility Anchor
- RFC 8122 Connection-Oriented Media Transport over the Transport Layer Security Protocol in the Session Description Protocol
- RFC 8128 IETF Appointment Procedures for the ICANN Root Zone Evolution Review Committee
- RFC 8121 Mutual Authentication Protocol for HTTP: Cryptographic Algorithms Based on the Key Agreement Mechanism 3
- RFC 8129 Authentication Indicator in Kerberos Tickets