Security Evaluated Standardized Password-Authenticated Key Exchange ¶
- Algorithm type
Password-Authenticated balanced Key Agreement protocol (PAKE)
- RFC
8133
Features:
- Password can be weak (strong PAKE), offline dictionary attacks are not dangerous
- PBKDF2 password strengthening
- There is key confirmation step
- GOST R 34.10 elliptic can could be used