RFC 8133

The Security Evaluated Standardized Password-Authenticated Key Exchange (SESPAKE) Protocol, March 2017

File formats:
icon for text file icon for PDF icon for HTML
Status:
INFORMATIONAL
Authors:
S. Smyshlyaev, Ed.
E. Alekseev
I. Oshkin
V. Popov
Stream:
INDEPENDENT

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC8133

Discuss this RFC: Send questions or comments to rfc-ise@rfc-editor.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document describes the Security Evaluated Standardized Password- Authenticated Key Exchange (SESPAKE) protocol. The SESPAKE protocol provides password-authenticated key exchange for usage in systems for protection of sensitive information. The security proofs of the protocol were made for situations involving an active adversary in the channel, including man-in-the-middle (MitM) attacks and attacks based on the impersonation of one of the subjects.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.