Overview#Password-authenticated Key Agreement Authentication Method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a Shared Secret (or Password).
An important property is that an eavesdropper or Man-In-The-Middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each (few) guesses. This means that strong security can be obtained using weak passwords.
Password-authenticated key agreement generally encompasses methods such as:
- Balanced password-authenticated key exchange
- Augmented Password-authenticated Key Exchange (PAKE)
- Password-authenticated key retrieval
- Multi-server methods
- Multi-party methods