SPAKE2, a Password-Authenticated Key Exchange
RFC 9382, “SPAKE2, a Password-Authenticated Key Exchange”, is an Informational document published in September 2023 by W. Ladd. The canonical text is published by the RFC Editor.
Abstract
This document describes SPAKE2, which is a protocol for two parties that share a password to derive a strong shared key without disclosing the password. This method is compatible with any group, is computationally efficient, and has a security proof. This document predated the Crypto Forum Research Group (CFRG) password-authenticated key exchange (PAKE) competition, and it was not selected; however, given existing use of variants in Kerberos and other applications, it was felt that publication was beneficial. Applications that need a symmetric PAKE, but are unable to hash onto an elliptic curve at execution time, can use SPAKE2. This document is a product of the Crypto Forum Research Group in the Internet Research Task Force (IRTF).
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 9382 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 9381 Verifiable Random Functions
- RFC 9383 SPAKE2+, an Augmented Password-Authenticated Key Exchange Protocol
- RFC 9380 Hashing to Elliptic Curves
- RFC 9384 A BGP Cease NOTIFICATION Subcode for Bidirectional Forwarding Detection
- RFC 9385 Using GOST Cryptographic Algorithms in the Internet Key Exchange Protocol Version 2
- RFC 9378 In Situ Operations, Administration, and Maintenance Deployment
- RFC 9386 IPv6 Deployment Status
- RFC 9377 IS-IS Flood Reflection