http://www.rfc-editor.org/rfc/rfc5683.txt
RFC 5683: Password-Authenticated Key (PAK) Diffie-Hellman Exchange, A. Brusilovsky, I. Faynberg, Z. Zeltsan, S. Patel2010-02-01T23:00:00-00:00The protocol is secure against all passive and active attacks. In particular, it does not allow either type of attacker to obtain any information that would enable an offline dictionary attack on the password. PAK provides Forward Secrecy. This document is not an Internet Standards Track specification; it is published for informational purposes.