0Pricing
Cryptology Academy · Lesson

PAKE Protocols and Their Properties

Survey the family of Password-Authenticated Key Exchange protocols including OPAQUE and SPAKE2.

PAKE Family Introduction

Password Authenticated Key Exchange (PAKE) is a family of protocols that allow two parties sharing only a low-entropy password to establish a high-entropy session key with mutual authentication. Unlike traditional password authentication, PAKE provides forward secrecy and resistance to offline dictionary attacks without transmitting the password.

Balanced vs Augmented PAKE

Balanced PAKE (B-PAKE) treats both parties symmetrically: both client and server hold the same secret (the password or a symmetric transform of it). Augmented PAKE (A-PAKE) is asymmetric: the server holds only a public verifier derived from the password, making server compromise non-catastrophic for client security.

All lessons in this course

  1. The Fundamental Password Authentication Problem
  2. SRP: Secure Remote Password Protocol
  3. PAKE Protocols and Their Properties
  4. Passwordless Auth: WebAuthn and FIDO2
← Back to Cryptology Academy