!!! Overview
[{$pagename}] ([PAKE]) is a special form of cryptographic [Key-Exchange] [protocol] that was defined in [Year 1992]. The distinguishing feature of [{$pagename}] protocols is that the [client] will [authenticate] to the server using a [password].

[{$pagename}] provides that an [eavesdropper] or [Man-In-The-Middle] cannot obtain enough [data] to be able to [Brute-Force] or guess a [password] (or [key]) without further interactions with the parties for each (few) guesses. This property allows strong security to be obtained using weak passwords.

[{$pagename}] is where two or more parties, based only on their knowledge of a [password], establish a [Cryptographic Key] using an exchange of [messages], such that an [unauthorized] party (one who controls the communication channel but does not possess the [password]) cannot participate in the method and is constrained as much as possible from brute-force guessing the password. (The optimal case yields exactly one guess per run of the exchange.)

[{$pagename}] has two basic classifications:
* Balanced [{$pagename}] allows parties that use the same [password] to negotiate and [authenticate] a [Shared Secret]. This means that both parties have either the [password] or, in some cases, the [Private Key] for the corresponding [Public Key]. In some scenarios [PKI] can be represented by [Ephemeral Keys] in order to simplify [Key-Exchange] and require less user interaction for [Public Key] management.
* Augmented [{$pagename}] is a variation applicable to [Client-server] scenarios, in which the [server] does not store [password]-equivalent [data]. This means that an [attacker] that stole the [server] [data] still cannot [masquerade] as the client unless they first perform a [Brute-Force] search for the [password].

There is also one more area of application for AugPAKE: on [Constrained Nodes] the absence of a [Private Key] could be a huge deal, and some of the most popular and secure Balanced PAKE methods simply could not be applied.

!! Category
%%category [Information security]%%

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Password-authenticated Key Exchange|Wikipedia:Password-authenticated_key_agreement/|target='_blank'] - based on information obtained 2016-06-05
* [#2] - [Encrypted Key Exchange Password-Based Protocols Secure Against Dictionary Attacks|https://www.cs.columbia.edu/~smb/papers/neke.pdf|target='_blank'] - based on information obtained 2018-10-21
* [#3] - [Password-authenticated key agreement|http://cryptowiki.net/index.php?title=Password-authenticated_key_agreement|target='_blank'] - based on information obtained 2020-02-20
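
Added example (not part of the original page or its references): one run of the balanced exchange described in the Overview, written in the style of SPEKE, a balanced PAKE design this page does not name, over the RFC 3526 2048-bit MODP group. The names Party and run_exchange, the SHAKE-256 password-to-generator mapping and the HMAC confirmation tags are assumptions made for the example. A matching password yields a confirmed shared key, while a wrong guess yields only a failed confirmation, so each guess costs one run of the exchange.

```python
import hashlib, hmac, secrets

# RFC 3526 group 14: 2048-bit safe prime P, so Q = (P-1)/2 is also prime.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2

# Party, run_exchange and the message encodings are example-only assumptions.
class Party:
    """One side of a SPEKE-style run; it knows only its name and the password."""
    def __init__(self, name, password):
        self.name = name
        wide = hashlib.shake_256(password.encode()).digest(256)
        # Password-derived generator; squaring forces it into the order-Q subgroup.
        self.g = pow(int.from_bytes(wide, "big") % P, 2, P)
        self.x = secrets.randbelow(Q - 1) + 1      # ephemeral secret in 1..Q-1
        self.public = pow(self.g, self.x, P)       # the only value sent in step 1

    def derive(self, peer_name, peer_public):
        # Reject 0, 1 and P-1, which would force a predictable shared secret.
        if not 2 <= peer_public <= P - 2:
            raise ValueError("invalid peer value")
        shared = pow(peer_public, self.x, P)
        ids = "|".join(sorted([self.name, peer_name])).encode()
        self.key = hashlib.sha256(ids + shared.to_bytes(256, "big")).digest()

    def confirm(self, sender):
        # Key-confirmation tag bound to the sender's name (the step 2 message).
        return hmac.new(self.key, b"confirm:" + sender.encode(), "sha256").digest()

def run_exchange(client_pw, server_pw):
    """Run both sides once; return (mutually_confirmed, client_key, server_key)."""
    c, s = Party("client", client_pw), Party("server", server_pw)
    c.derive(s.name, s.public)
    s.derive(c.name, c.public)
    ok = (hmac.compare_digest(s.confirm("client"), c.confirm("client")) and
          hmac.compare_digest(c.confirm("server"), s.confirm("server")))
    return ok, c.key, s.key
```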