PAKE: Password Authenticated Key Exchange
Password-Authenticated Key Exchange is a protocol for multiple parties to establish a shared cryptographic keys based on their same knowledge of a password. All parties can compute the exactly same result from the password and the public messages exchanged among them. The unauthorized party who doesn't possess the password has no way to get the password from the communication channel. With the password, there is no need for a trusted third party like public key infrastructure(PKI) for authentication.
PAKE prevents attacks from an eavesdropper or man-in-middle. The attackers are unable to guess the password without interaction with engaging parties. It can use weak human-memorable passwords to generate a high-entropy strong key to encrypt/decrypt, so it's very convenient in use and widely deployed in many commercial applications today.
Applications
- Mutual authentication by low-entropy passwords: PAKE can generate a high-entropy cryptographically strong key from low-entropy passwords for engaging parties to authenticate mutually.
- Alternative for computationally expensive authentication: For low-end devices, it's computationally expensive to use asymmetric encryption like RSA. It would be easy to use a simple symmetric encryption protocol like pake to do it.
PAKE Family
There are so many PAKE protocol had been proposed. In our content, only two protocols will be mentioned. One is Balanced PAKE, and the other is Augmented PAKE.
Overview of PAKE family we will mention:
- Balanced PAKE
- EKE: Encrypted Key Exchange
- DH-EKE: Diffie-Hellman Encrypted Key Exchange
- SPEKE: Simple Password Exponential Key Exchange
- J-PAKE: Password Authenticated Key Exchange by Juggling
- EKE: Encrypted Key Exchange
- Augmented PAKE
- SRP: Secure Remote Password protocol
Goal of PAKE
Establish a shared key among devices for encryption without PKI
Diffie-Hellman Key Exchange
Many protocols of PAKE are variant of Diffie-Hellman Key Exchange. In order to understand the balance PAKE such as DH-EKE, SPEKE, or the augmented PAKE such as SRP, the first thing you need to do is to understand the underlying Diffie-Hellman Key Exchange. For those who don't know it, please read Diffie-Hellman Key Exchange in appendix. If you are already familiar with it, just skip it and keep on reading.