PAKE (Password-Authenticated Key Exchange)
What is PAKE (Password-Authenticated Key Exchange)?
PAKE (Password-Authenticated Key Exchange): A class of cryptographic protocols (SRP, OPAQUE, SPAKE2, CPace) that let two parties derive a strong shared key from a low-entropy password without exposing the password to offline brute-force or to passive eavesdroppers.
Password-Authenticated Key Exchange (PAKE) protocols solve a long-standing problem: how to let a user prove possession of a password to a server, and derive an authenticated session key, without ever sending the password (or anything offline-brute-forceable from it) over the wire. The first widely deployed PAKE was SRP-6a (used by Apple iCloud, 1Password, ProtonMail). Modern designs include SPAKE2 (used in CHIP/Matter device commissioning, IETF RFC 9382), CPace (the IETF augmented PAKE recommended in RFC 9380), and OPAQUE (an asymmetric / augmented PAKE that hides the password from the server even during enrolment). PAKE properties matter: a passive attacker on the network learns nothing about the password; an active attacker can only attempt one password per online interaction (no offline grinding); and an attacker who breaches the server's password database cannot impersonate users without further work. The IETF CFRG selected CPace and OPAQUE in 2020 as recommended modern PAKE designs. Adoption is growing: Matter uses SPAKE2 for QR-code device pairing, WPA3 uses Dragonfly (a PAKE-like SAE handshake), and several password managers and identity products now ship OPAQUE.
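A simplified CPace-style balanced exchange illustrating the properties described above, added here as an example; it is not code from this page or from any PAKE specification. It uses the 1024-bit Oakley Group 2 prime from RFC 2409 only to stay inside the Python standard library; `Party`, `generator`, `confirm_tag` and `login_attempt` are hypothetical names, and the message encoding is an assumption, not an interoperable wire format.

```python
import hashlib, hmac, secrets

# Added illustration, not a standardized PAKE suite; all names are hypothetical.
# 1024-bit safe prime from RFC 2409 (Oakley Group 2); legacy size, stdlib-only demo.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2                                       # order of the subgroup of squares

def _h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts (unambiguous encoding)."""
    d = hashlib.sha256()
    for part in parts:
        d.update(len(part).to_bytes(4, "big") + part)
    return d.digest()

def _enc(n: int) -> bytes:
    return n.to_bytes(128, "big")

def generator(password: str, sid: bytes) -> int:
    """Password-derived generator: hash into Z_p*, then square into the order-Q subgroup."""
    wide = b"".join(_h(b"gen", bytes([i]), sid, password.encode()) for i in range(5))
    return pow(int.from_bytes(wide, "big") % P, 2, P)

class Party:
    def __init__(self, password: str, sid: bytes):
        self.sid, self.g = sid, generator(password, sid)
        self.x = secrets.randbelow(Q - 1) + 1          # ephemeral secret, never sent
        self.msg = pow(self.g, self.x, P)              # the only value put on the wire

    def finish(self, peer_msg: int, i_am_initiator: bool) -> bytes:
        # Reject 0, 1, out-of-range values and anything outside the order-Q subgroup.
        if not 1 < peer_msg < P or pow(peer_msg, Q, P) != 1:
            raise ValueError("invalid peer element")
        shared = pow(peer_msg, self.x, P)
        ya, yb = (self.msg, peer_msg) if i_am_initiator else (peer_msg, self.msg)
        return _h(b"key", self.sid, _enc(ya), _enc(yb), _enc(shared))

def confirm_tag(key: bytes, role: bytes) -> bytes:
    return hmac.new(key, b"confirm" + role, hashlib.sha256).digest()

def login_attempt(client_pw: str, server_pw: str) -> bool:
    """One full online interaction; True only if both sides hold the same password."""
    sid = secrets.token_bytes(16)
    c, s = Party(client_pw, sid), Party(server_pw, sid)
    kc, ks = c.finish(s.msg, True), s.finish(c.msg, False)
    # Server checks the client's key-confirmation tag against its own derived key.
    return hmac.compare_digest(confirm_tag(kc, b"client"), confirm_tag(ks, b"client"))
```

A wrong guess shows up on the server as a failed confirmation tag for that one handshake, which is the event to count and rate-limit.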
● Examples
- 01
Matter (smart-home protocol) uses SPAKE2 with a setup code printed on the device's QR sticker to establish an authenticated channel during commissioning.
- 02
A password manager replaces 'hash and compare' login with OPAQUE so its server never learns the user's master password even at registration.
● FAQ
What is PAKE (Password-Authenticated Key Exchange)?
A class of cryptographic protocols (SRP, OPAQUE, SPAKE2, CPace) that let two parties derive a strong shared key from a low-entropy password without exposing the password to offline brute-force or to passive eavesdroppers. It belongs to the cryptography category of cybersecurity.
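How do you defend against PAKE (Password-Authenticated Key Exchange)?
Defenses against PAKE (Password-Authenticated Key Exchange) typically combine technical controls with operational practices; see the full definition above.
What other names does PAKE (Password-Authenticated Key Exchange) have?
Common aliases include: Password-Authenticated Key Exchange, Augmented PAKE.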
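● Related terms
- cryptography № 352
Diffie–Hellman key exchange
A public-key protocol that lets two parties derive a shared key over an insecure channel without actually transmitting that key; its security rests on the hardness of the discrete logarithm problem.
- identity-access № 089
Authentication
The process of verifying that an entity (a user, device, or service) really is who it claims to be before granting access.
- identity-access № 889
Passphrase
A longer authentication secret made up of multiple words or characters, usually chosen for its high entropy and memorability instead of for character complexity.
- identity-access № 890
Password
A secret string of characters that a user supplies to prove identity to a system; traditionally the dominant single-factor authentication method.
- network-security № 1381
WPA3
The third generation of Wi-Fi Protected Access, introducing SAE-based authentication, forward secrecy, and stronger protection for personal and enterprise Wi-Fi.
- attacks № 396
Dragonblood vulnerabilities
A set of side-channel and downgrade attacks against WPA3 SAE (Dragonfly) that can let a nearby attacker obtain the Wi-Fi password.
● See also
- № 729 Matter Protocol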