PAKE (Password-Authenticated Key Exchange)
What is PAKE (Password-Authenticated Key Exchange)?
PAKE (Password-Authenticated Key Exchange): A class of cryptographic protocols (SRP, OPAQUE, SPAKE2, CPace) that let two parties derive a strong shared key from a low-entropy password without exposing the password to offline brute-force or to passive eavesdroppers.
Password-Authenticated Key Exchange (PAKE) protocols solve a long-standing problem: how to let a user prove possession of a password to a server, and derive an authenticated session key, without ever sending the password (or anything offline-brute-forceable from it) over the wire. The first widely deployed PAKE was SRP-6a (used by Apple iCloud, 1Password, ProtonMail). Modern designs include SPAKE2 (used in CHIP/Matter device commissioning, IETF RFC 9382), CPace (the IETF augmented PAKE recommended in RFC 9380), and OPAQUE (an asymmetric / augmented PAKE that hides the password from the server even during enrolment). PAKE properties matter: a passive attacker on the network learns nothing about the password; an active attacker can only attempt one password per online interaction (no offline grinding); and an attacker who breaches the server's password database cannot impersonate users without further work. The IETF CFRG selected CPace and OPAQUE in 2020 as recommended modern PAKE designs. Adoption is growing: Matter uses SPAKE2 for QR-code device pairing, WPA3 uses Dragonfly (a PAKE-like SAE handshake), and several password managers and identity products now ship OPAQUE.
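The exchange described above, as an added example that is not taken from this page or from any of the named products: a simplified SPAKE2-style run in a multiplicative group, showing both sides' messages and the resulting keys. The names `Party`, `run`, `pw_scalar`, the salt and the labels for M and N are assumptions made for the illustration; the 768-bit group is demo-sized and key confirmation is left out.

```python
import hashlib, secrets

# 768-bit safe prime p = 2q + 1 (Oakley Group 1, RFC 2409). Demo size only.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
        "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
        "4FE1356D6D51C245E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2          # prime order of the subgroup of squares
G = 4                     # generator of that subgroup

def hash_to_group(label: bytes) -> int:
    """Square a hash output so the result lies in the order-Q subgroup and
    nobody knows its discrete log relative to G."""
    return pow(int.from_bytes(hashlib.sha512(label).digest(), "big"), 2, P)

# Public mask elements (constructed labels, chosen for this example).
M, N = hash_to_group(b"demo SPAKE2 M"), hash_to_group(b"demo SPAKE2 N")

def pw_scalar(password: str) -> int:
    # Real deployments use a memory-hard function; PBKDF2 keeps this stdlib-only.
    d = hashlib.pbkdf2_hmac("sha256", password.encode(), b"constructed-salt", 10_000)
    return int.from_bytes(d, "big") % Q

class Party:
    def __init__(self, password: str, is_initiator: bool):
        self.w = pw_scalar(password)
        self.mine, self.theirs = (M, N) if is_initiator else (N, M)
        self.first = is_initiator
        self.x = secrets.randbelow(Q - 1) + 1
        # Blinded share: g^x masked by M^w (or N^w). This is all that is sent.
        self.msg = pow(G, self.x, P) * pow(self.mine, self.w, P) % P

    def finish(self, peer_msg: int) -> bytes:
        if not 1 < peer_msg < P or pow(peer_msg, Q, P) != 1:
            raise ValueError("peer share is not in the prime-order subgroup")
        # Strip the peer's mask using our own w, then complete the DH step.
        unmasked = peer_msg * pow(self.theirs, Q - self.w, P) % P
        k = pow(unmasked, self.x, P)
        a, b = (self.msg, peer_msg) if self.first else (peer_msg, self.msg)
        h = hashlib.sha256()
        for v in (a, b, k, self.w):      # fixed-width fields, same order on both sides
            h.update(v.to_bytes(96, "big"))
        return h.digest()

def run(client_pw: str, server_pw: str):
    """Return (client key, server key, messages seen on the wire)."""
    c, s = Party(client_pw, True), Party(server_pw, False)
    return c.finish(s.msg), s.finish(c.msg), (c.msg, s.msg)
```

With matching passwords both keys are equal; with a mismatch each side ends up with an unrelated key, so a wrong guess costs one online run and the wire messages give nothing to test guesses against offline.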
● Examples
- 01
Matter (smart-home protocol) uses SPAKE2 with a setup code printed on the device's QR sticker to establish an authenticated channel during commissioning.
- 02
A password manager replaces 'hash and compare' login with OPAQUE so its server never learns the user's master password even at registration.
● Frequently asked questions
What is PAKE (Password-Authenticated Key Exchange)?
A class of cryptographic protocols (SRP, OPAQUE, SPAKE2, CPace) that let two parties derive a strong shared key from a low-entropy password without exposing the password to offline brute-force or to passive eavesdroppers. It belongs to the Cryptography category of cybersecurity.
How do you defend against PAKE (Password-Authenticated Key Exchange)?
Defending against PAKE (Password-Authenticated Key Exchange) typically combines technical controls and operational practices, as described in the definition above.
What are other names for PAKE (Password-Authenticated Key Exchange)?
Common aliases: Password-Authenticated Key Exchange, Augmented PAKE.
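● Related terms
- cryptography № 352
Diffie-Hellman key exchange
A public-key protocol, based on the hardness of the discrete logarithm problem, that lets two parties derive a shared secret over an insecure channel without actually transmitting it.
- identity-access № 089
Authentication
The process of verifying that a user, device, or service really is the entity it claims to be before granting access.
- identity-access № 889
Passphrase
A long sequence of words or characters used as an authentication secret, often chosen for high entropy and memorability rather than complexity.
- identity-access № 890
Password
A secret string that a user presents to a system to prove their identity. Traditionally the mainstay of single-factor authentication.
- network-security № 1381
WPA3
The third generation of Wi-Fi Protected Access, providing SAE-based authentication, forward secrecy, and strengthened protection for personal and enterprise Wi-Fi.
- attacks № 396
Dragonblood
A family of side-channel and downgrade attacks against WPA3 SAE (Dragonfly) that can leak the Wi-Fi password to a nearby attacker.
● See also
- № 729 Matter Protocol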