File formats:

Also available: XML file for editing

 

Status:

INFORMATIONAL

Authors:

D. Bourdrez
H. Krawczyk
K. Lewi
C. A. Wood

Stream:

IRTF

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9807

Discuss this RFC: Send questions or comments to the mailing list cfrg@irtf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9807

Abstract

This document describes the OPAQUE protocol, an Augmented (or Asymmetric) Password-Authenticated Key Exchange (aPAKE) protocol that supports mutual authentication in a client-server setting without reliance on PKI and with security against pre-computation attacks upon server compromise. In addition, the protocol provides forward secrecy and the ability to hide the password from the server, even during password registration. This document specifies the core OPAQUE protocol and one instantiation based on 3DH. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.