Security Evaluated Standardized Password-Authenticated Key Exchange (GOST cryptography)

Previous: External/internal rekeying mechanisms, Up: GOST cryptography

Security Evaluated Standardized Password-Authenticated Key Exchange ¶

Algorithm type: Password-Authenticated balanced Key Agreement protocol (PAKE)
RFC: 8133

Features:

Password can be weak (strong PAKE), offline dictionary attacks are not dangerous
PBKDF2 password strengthening
There is key confirmation step
GOST R 34.10 elliptic can could be used