fbpx
Wikipedia

Password-authenticated key agreement

July 20, 2023

In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password.

An important property is that an eavesdropper or man-in-the-middle cannot obtain enough information to be able to brute-force guess a password without further interactions with the parties for each (few) guesses. This means that strong security can be obtained using weak passwords.

Types

Password-authenticated key agreement generally encompasses methods such as:

  • Balanced password-authenticated key exchange
  • Augmented password-authenticated key exchange
  • Password-authenticated key retrieval
  • Multi-server methods
  • Multi-party methods

In the most stringent password-only security models, there is no requirement for the user of the method to remember any secret or public data other than the password.

Password-authenticated key exchange (PAKE) is a method in which two or more parties, based only on their knowledge of a shared password,[1] establish a cryptographic key using an exchange of messages, such that an unauthorized party (one who controls the communication channel but does not possess the password) cannot participate in the method and is constrained as much as possible from brute-force guessing the password. (The optimal case yields exactly one guess per run exchange.) Two forms of PAKE are balanced and augmented methods.[1]

Balanced PAKE

Balanced PAKE assumes the two parties in either a client-client or client-server situation use the same secret password to negotiate and authenticate a shared key.[1] Examples of these are:

  • Encrypted Key Exchange (EKE)
  • PAK and PPK[2]
  • SPEKE (Simple password exponential key exchange)
  • Elliptic Curve based Secure Remote Password protocol (EC-SRP or SRP5)[3] There is a free Java card implementation.[4]
  • Dragonfly – IEEE Std 802.11-2012, RFC 5931, RFC 6617
  • CPace[5]
  • SPAKE1 and SPAKE2[6][7]
  • SESPAKE – RFC 8133
  • J-PAKE (Password Authenticated Key Exchange by Juggling) – ISO/IEC 11770-4 (2017), RFC 8236
  • ITU-T Recommendation X.1035
  • "Advanced modular handshake for key agreement and optional authentication"[8]

Augmented PAKE

Augmented PAKE is a variation applicable to client/server scenarios, in which the server does not store password-equivalent data. This means that an attacker that stole the server data still cannot masquerade as the client unless they first perform a brute force search for the password. Some augmented PAKE systems use an oblivious pseudorandom function to mix the user's secret password with the server's secret salt value, so that the user never learns the server's secret salt value and the server never learns the user's password (or password-equivalent value) or the final key.[9]

Examples include:

Key retrieval

Password-authenticated key retrieval is a process in which a client obtains a static key in a password-based negotiation with a server that knows data associated with the password, such as the Ford and Kaliski methods. In the most stringent setting, one party uses only a password in conjunction with N (two or more) servers to retrieve a static key. This is completed in a way that protects the password (and key) even if N − 1 of the servers are completely compromised.

Brief history

The first successful password-authenticated key agreement methods were Encrypted Key Exchange methods described by Steven M. Bellovin and Michael Merritt in 1992. Although several of the first methods were flawed, the surviving and enhanced forms of EKE effectively amplify a shared password into a shared key, which can then be used for encryption and/or message authentication. The first provably-secure PAKE protocols were given in work by M. Bellare, D. Pointcheval, and P. Rogaway (Eurocrypt 2000) and V. Boyko, P. MacKenzie, and S. Patel (Eurocrypt 2000). These protocols were proven secure in the so-called random oracle model (or even stronger variants), and the first protocols proven secure under standard assumptions were those of O. Goldreich and Y. Lindell (Crypto 2001) which serves as a plausibility proof but is not efficient, and J. Katz, R. Ostrovsky, and M. Yung (Eurocrypt 2001) which is practical.

The first password-authenticated key retrieval methods were described by Ford and Kaliski in 2000.

A considerable number of alternative, secure PAKE protocols were given in work by M. Bellare, D. Pointcheval, and P. Rogaway, variations, and security proofs have been proposed in this growing class of password-authenticated key agreement methods. Current standards for these methods include IETF RFC 2945, RFC 5054, RFC 5931, RFC 5998, RFC 6124, RFC 6617, RFC 6628 and RFC 6631, IEEE Std 1363.2-2008, ITU-T X.1035 and ISO-IEC 11770-4:2006.

PAKE selection process for use in internet protocols

On request of the internet engineering task force IETF, a PAKE selection process has been carried out in 2018 and 2019 by the IRTF crypto forum research group (CFRG). The selection process has been carried out in several rounds.[17] In the final round in 2019 four finalists AuCPace, OPAQUE (augmented cases) and CPace, SPAKE2 (balanced PAKE) prevailed. As a result of the CFRG selection process, two winner protocols were declared as "recommended by the CFRG for usage in IETF protocols": CPace and OPAQUE. [18]

See also

References

  1. ^ Designed to be not encumbered by patents.[10]
  1. ^ a b c Hao, Feng; Ryan, Peter Y. A. (2011). Christianson, Bruce; Malcolm, James A.; Matyas, Vashek; Roe, Michael (eds.). "Password Authenticated Key Exchange by Juggling". Security Protocols XVI. Lecture Notes in Computer Science. Berlin, Heidelberg: Springer. 6615: 159–171. doi:10.1007/978-3-642-22137-8_23. ISBN 978-3-642-22137-8.
  2. ^ a b Boyko, V.; P. MacKenzie; S. Patel (2000). "Provably Secure Password-Authenticated Key Exchange Using Diffie-Hellman". Advances in Cryptology — EUROCRYPT 2000. Lecture Notes in Computer Science. Vol. 1807. Springer-Verlag. pp. 156–171. doi:10.1007/3-540-45539-6_12. ISBN 978-3-540-67517-4.
  3. ^ Wang, Yongge (2006). "Security Analysis of a Password-Based Authentication Protocol Proposed to IEEE 1363" (PDF). Theoretical Computer Science. 352 (1–3): 280–287. arXiv:1207.5442. doi:10.1016/j.tcs.2005.11.038. S2CID 11618269.
  4. ^ "EC-SRP Java Card Applet". GitHub. March 2020.
  5. ^ Haase, Björn; Hesse, Julia; Abdalla, Michel (2021). "OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-computation Attacks" (PDF). Advances in Cryptology – EUROCRYPT 2018. Lecture Notes in Computer Science. Vol. 10822. pp. 456–486. doi:10.1007/978-3-319-78372-7_15. ISBN 978-3-319-78371-0. S2CID 4046378.
  6. ^ Abdalla, M.; D. Pointcheval (2005). Simple Password-Based Encrypted Key Exchange Protocols (PDF). Topics in Cryptology – CT-RSA 2005. Lecture Notes in Computer Science. Vol. 3376. Springer Berlin Heidelberg. pp. 191–208. CiteSeerX 10.1.1.59.8930. doi:10.1007/978-3-540-30574-3_14. ISBN 978-3-540-24399-1.
  7. ^ Ladd, Watson (8 February 2022). Kaduk, Benjamin (ed.). "SPAKE2, a PAKE (Draft)". IETF.
  8. ^ a b US11025421B2, Fay, Bjorn, "Advanced modular handshake for key agreement and optional authentication", issued 2021-06-01 
  9. ^ Matthew Green. "Let's talk about PAKE". 2018.
  10. ^ "What is SRP?". Stanford University.
  11. ^ Shin, SeongHan; Kobara, Kazukuni (June 2012). "Efficient Augmented Password-Only Authentication and Key Exchange for IKEv2". Internet Engineering Task Force. Archived from the original on 12 May 2021.
  12. ^ Krawczyk, Hugo; Lewi, Kevin; Wood, Christopher. "The OPAQUE Asymmetric PAKE Protocol (Draft)". Internet Engineering Task Force.
  13. ^ Tatiana Bradley (2020-12-08). "OPAQUE: The Best Passwords Never Leave your Device". The Cloudflare Blog.
  14. ^ Bourdrez, Daniel; Krawczyk, Hugo; Lewi, Kevin; Wood, Christopher A. (2022-07-06). "The OPAQUE Asymmetric PAKE Protocol (Internet Draft)". IETF.
  15. ^ Haase, Björn; Labrique, Benoît (August 2010). "AuCPace: Efficient verifier-based PAKE protocol tailored for the IIoT" (PDF). TCHES: 1–48. doi:10.13154/tches.v2019.i2.1-48. S2CID 4603454.
  16. ^ Taubert, T.; Wood, C. (5 May 2022). "SPAKE2+, an Augmented PAKE (Draft)". IETF.
  17. ^ Repository for the CFRG Pake selection process
  18. ^ Results of the CFRG PAKE selection process

Further reading

  • Bellare, M.; D. Pointcheval; P. Rogaway (2000). "Authenticated Key Exchange Secure against Dictionary Attacks". Advances in Cryptology — EUROCRYPT 2000. Lecture Notes in Computer Science. Vol. 1807. Springer-Verlag. pp. 139–155. doi:10.1007/3-540-45539-6_11. ISBN 978-3-540-67517-4.
  • Bellovin, S. M.; M. Merritt (May 1992). Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks. Proceedings of the I.E.E.E. Symposium on Research in Security and Privacy. Oakland. p. 72. doi:10.1109/RISP.1992.213269. ISBN 978-0-8186-2825-2. S2CID 16063466.
  • Ford, W.; B. Kaliski (14–16 June 2000). Server-Assisted Generation of a Strong Secret from a Password. Proceedings of the IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises. Gaithersburg MD: NIST. p. 176. CiteSeerX 10.1.1.17.9502. doi:10.1109/ENABL.2000.883724. ISBN 978-0-7695-0798-9. S2CID 1977743.
  • Goldreich, O.; Y. Lindell (2001). "Session-Key Generation Using Human Passwords Only". Advances in Cryptology — CRYPTO 2001. Lecture Notes in Computer Science. Vol. 2139. Springer-Verlag. pp. 408–432. doi:10.1007/3-540-44647-8_24. ISBN 978-3-540-42456-7.
  • IEEE Std 1363.2-2008: IEEE Standard Specifications for Password-Based Public-Key Cryptographic Techniques. IEEE. 2009. ISBN 978-0-7381-5806-8. OCLC 319883358.
  • Katz, J.; R. Ostrovsky; M. Yung (2001). "Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords" (PDF). International Association for Cryptologic Research. Springer-Vergal.
  • Wu, T. (September 2000). "The SRP Authentication and Key Exchange System". RFC Editor. doi:10.17487/rfc2945. RFC 2945.
  • Taylor, D.; Wu, T.; Mavrogiannopoulos, N.; Perrin, T. (November 2007). "Using the Secure Remote Password (SRP) Protocol for TLS Authentication". RFC Editor. doi:10.17487/rfc5054. RFC 5054.
  • Harkins, D.; Zorn, G. (August 2010). "Extensible Authentication Protocol (EAP) Authentication Using Only a Password". RFC Editor. doi:10.17487/rfc5931. RFC 5931.
  • Sheffer, Y.; Zorn, G.; Tschofenig, H.; Fluhrer, S. (February 2011). "An EAP Authentication Method Based on the Encrypted Key Exchange (EKE) Protocol". RFC Editor. doi:10.17487/rfc6124. RFC 6124.
  • Harkins, D. (June 2012). "Secure Pre-Shared Key (PSK) Authentication for the Internet Key Exchange Protocol (IKE)". RFC Editor. doi:10.17487/rfc6617. RFC 6617.
  • ISO/IEC 11770-4:2006 Information technology—Security techniques—Key management—Part 4: Mechanisms based on weak secrets.
  • IEEE Std 802.11-2012: IEEE Standard for Information Technology – Part 11 Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specification. IEEE. 2012. ISBN 978-0-7381-8469-2. OCLC 1017978449.
  • Jarecki, Stanislaw; Krawczyk, Hugo; Xu, Jiayu (2018). "OPAQUE: An Asymmetric PAKE Protocol Secure Against Pre-computation Attacks". Advances in Cryptology – EUROCRYPT 2018 (PDF). Lecture Notes in Computer Science. Vol. 10822. pp. 456–486. doi:10.1007/978-3-319-78372-7_15. ISBN 978-3-319-78371-0. S2CID 4046378.
  • Smyshlyaev, Stanislav; Oshkin, Igor; Alekseev, Evgeniy; Ahmetzyanova, Liliya (2015). "On the Security of One Password Authenticated Key Exchange Protocol" (PDF). Cryptology ePrint Archive (Report 2015/1237).

External links

  • IEEE Std 1363.2-2008: IEEE Standard Specifications for Password-Based Public-Key Cryptographic Techniques
  • David Jablon's links for password-based cryptography
  • Simple Password-Based Encrypted Key Exchange Protocols Abdalla et al 2005

July 20, 2023
password, authenticated, agreement, cryptography, password, authenticated, agreement, method, interactive, method, more, parties, establish, cryptographic, keys, based, more, party, knowledge, password, important, property, that, eavesdropper, middle, cannot, . In cryptography a password authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party s knowledge of a password An important property is that an eavesdropper or man in the middle cannot obtain enough information to be able to brute force guess a password without further interactions with the parties for each few guesses This means that strong security can be obtained using weak passwords Contents 1 Types 1 1 Balanced PAKE 1 2 Augmented PAKE 1 3 Key retrieval 2 Brief history 3 PAKE selection process for use in internet protocols 4 See also 5 References 6 Further reading 7 External linksTypes EditPassword authenticated key agreement generally encompasses methods such as Balanced password authenticated key exchange Augmented password authenticated key exchange Password authenticated key retrieval Multi server methods Multi party methodsIn the most stringent password only security models there is no requirement for the user of the method to remember any secret or public data other than the password Password authenticated key exchange PAKE is a method in which two or more parties based only on their knowledge of a shared password 1 establish a cryptographic key using an exchange of messages such that an unauthorized party one who controls the communication channel but does not possess the password cannot participate in the method and is constrained as much as possible from brute force guessing the password The optimal case yields exactly one guess per run exchange Two forms of PAKE are balanced and augmented methods 1 Balanced PAKE Edit Balanced PAKE assumes the two parties in either a client client or client server situation use the same secret password to negotiate and authenticate a shared key 1 Examples of these are Encrypted Key Exchange EKE PAK and PPK 2 SPEKE Simple password exponential key exchange Elliptic Curve based Secure Remote Password protocol EC SRP or SRP5 3 There is a free Java card implementation 4 Dragonfly IEEE Std 802 11 2012 RFC 5931 RFC 6617 CPace 5 SPAKE1 and SPAKE2 6 7 SESPAKE RFC 8133 J PAKE Password Authenticated Key Exchange by Juggling ISO IEC 11770 4 2017 RFC 8236 ITU T Recommendation X 1035 Advanced modular handshake for key agreement and optional authentication 8 Augmented PAKE Edit Augmented PAKE is a variation applicable to client server scenarios in which the server does not store password equivalent data This means that an attacker that stole the server data still cannot masquerade as the client unless they first perform a brute force search for the password Some augmented PAKE systems use an oblivious pseudorandom function to mix the user s secret password with the server s secret salt value so that the user never learns the server s secret salt value and the server never learns the user s password or password equivalent value or the final key 9 Examples include AMP Augmented EKE B SPEKE PAK X 2 SRP a AugPAKE 11 OPAQUE 12 13 14 AuCPace 15 SPAKE2 16 Advanced modular handshake for key agreement and optional authentication 8 Key retrieval Edit Password authenticated key retrieval is a process in which a client obtains a static key in a password based negotiation with a server that knows data associated with the password such as the Ford and Kaliski methods In the most stringent setting one party uses only a password in conjunction with N two or more servers to retrieve a static key This is completed in a way that protects the password and key even if N 1 of the servers are completely compromised Brief history EditThe first successful password authenticated key agreement methods were Encrypted Key Exchange methods described by Steven M Bellovin and Michael Merritt in 1992 Although several of the first methods were flawed the surviving and enhanced forms of EKE effectively amplify a shared password into a shared key which can then be used for encryption and or message authentication The first provably secure PAKE protocols were given in work by M Bellare D Pointcheval and P Rogaway Eurocrypt 2000 and V Boyko P MacKenzie and S Patel Eurocrypt 2000 These protocols were proven secure in the so called random oracle model or even stronger variants and the first protocols proven secure under standard assumptions were those of O Goldreich and Y Lindell Crypto 2001 which serves as a plausibility proof but is not efficient and J Katz R Ostrovsky and M Yung Eurocrypt 2001 which is practical The first password authenticated key retrieval methods were described by Ford and Kaliski in 2000 A considerable number of alternative secure PAKE protocols were given in work by M Bellare D Pointcheval and P Rogaway variations and security proofs have been proposed in this growing class of password authenticated key agreement methods Current standards for these methods include IETF RFC 2945 RFC 5054 RFC 5931 RFC 5998 RFC 6124 RFC 6617 RFC 6628 and RFC 6631 IEEE Std 1363 2 2008 ITU T X 1035 and ISO IEC 11770 4 2006 PAKE selection process for use in internet protocols EditOn request of the internet engineering task force IETF a PAKE selection process has been carried out in 2018 and 2019 by the IRTF crypto forum research group CFRG The selection process has been carried out in several rounds 17 In the final round in 2019 four finalists AuCPace OPAQUE augmented cases and CPace SPAKE2 balanced PAKE prevailed As a result of the CFRG selection process two winner protocols were declared as recommended by the CFRG for usage in IETF protocols CPace and OPAQUE 18 See also EditCryptographic protocol IEEE P1363 Simultaneous Authentication of Equals Outline of cryptography Zero knowledge password proofReferences Edit Designed to be not encumbered by patents 10 a b c Hao Feng Ryan Peter Y A 2011 Christianson Bruce Malcolm James A Matyas Vashek Roe Michael eds Password Authenticated Key Exchange by Juggling Security Protocols XVI Lecture Notes in Computer Science Berlin Heidelberg Springer 6615 159 171 doi 10 1007 978 3 642 22137 8 23 ISBN 978 3 642 22137 8 a b Boyko V P MacKenzie S Patel 2000 Provably Secure Password Authenticated Key Exchange Using Diffie Hellman Advances in Cryptology EUROCRYPT 2000 Lecture Notes in Computer Science Vol 1807 Springer Verlag pp 156 171 doi 10 1007 3 540 45539 6 12 ISBN 978 3 540 67517 4 Wang Yongge 2006 Security Analysis of a Password Based Authentication Protocol Proposed to IEEE 1363 PDF Theoretical Computer Science 352 1 3 280 287 arXiv 1207 5442 doi 10 1016 j tcs 2005 11 038 S2CID 11618269 EC SRP Java Card Applet GitHub March 2020 Haase Bjorn Hesse Julia Abdalla Michel 2021 OPAQUE An Asymmetric PAKE Protocol Secure Against Pre computation Attacks PDF Advances in Cryptology EUROCRYPT 2018 Lecture Notes in Computer Science Vol 10822 pp 456 486 doi 10 1007 978 3 319 78372 7 15 ISBN 978 3 319 78371 0 S2CID 4046378 Abdalla M D Pointcheval 2005 Simple Password Based Encrypted Key Exchange Protocols PDF Topics in Cryptology CT RSA 2005 Lecture Notes in Computer Science Vol 3376 Springer Berlin Heidelberg pp 191 208 CiteSeerX 10 1 1 59 8930 doi 10 1007 978 3 540 30574 3 14 ISBN 978 3 540 24399 1 Ladd Watson 8 February 2022 Kaduk Benjamin ed SPAKE2 a PAKE Draft IETF a b US11025421B2 Fay Bjorn Advanced modular handshake for key agreement and optional authentication issued 2021 06 01 Matthew Green Let s talk about PAKE 2018 What is SRP Stanford University Shin SeongHan Kobara Kazukuni June 2012 Efficient Augmented Password Only Authentication and Key Exchange for IKEv2 Internet Engineering Task Force Archived from the original on 12 May 2021 Krawczyk Hugo Lewi Kevin Wood Christopher The OPAQUE Asymmetric PAKE Protocol Draft Internet Engineering Task Force Tatiana Bradley 2020 12 08 OPAQUE The Best Passwords Never Leave your Device The Cloudflare Blog Bourdrez Daniel Krawczyk Hugo Lewi Kevin Wood Christopher A 2022 07 06 The OPAQUE Asymmetric PAKE Protocol Internet Draft IETF Haase Bjorn Labrique Benoit August 2010 AuCPace Efficient verifier based PAKE protocol tailored for the IIoT PDF TCHES 1 48 doi 10 13154 tches v2019 i2 1 48 S2CID 4603454 Taubert T Wood C 5 May 2022 SPAKE2 an Augmented PAKE Draft IETF Repository for the CFRG Pake selection process Results of the CFRG PAKE selection processFurther reading EditBellare M D Pointcheval P Rogaway 2000 Authenticated Key Exchange Secure against Dictionary Attacks Advances in Cryptology EUROCRYPT 2000 Lecture Notes in Computer Science Vol 1807 Springer Verlag pp 139 155 doi 10 1007 3 540 45539 6 11 ISBN 978 3 540 67517 4 Bellovin S M M Merritt May 1992 Encrypted Key Exchange Password Based Protocols Secure Against Dictionary Attacks Proceedings of the I E E E Symposium on Research in Security and Privacy Oakland p 72 doi 10 1109 RISP 1992 213269 ISBN 978 0 8186 2825 2 S2CID 16063466 Ford W B Kaliski 14 16 June 2000 Server Assisted Generation of a Strong Secret from a Password Proceedings of the IEEE 9th International Workshops on Enabling Technologies Infrastructure for Collaborative Enterprises Gaithersburg MD NIST p 176 CiteSeerX 10 1 1 17 9502 doi 10 1109 ENABL 2000 883724 ISBN 978 0 7695 0798 9 S2CID 1977743 Goldreich O Y Lindell 2001 Session Key Generation Using Human Passwords Only Advances in Cryptology CRYPTO 2001 Lecture Notes in Computer Science Vol 2139 Springer Verlag pp 408 432 doi 10 1007 3 540 44647 8 24 ISBN 978 3 540 42456 7 IEEE Std 1363 2 2008 IEEE Standard Specifications for Password Based Public Key Cryptographic Techniques IEEE 2009 ISBN 978 0 7381 5806 8 OCLC 319883358 Katz J R Ostrovsky M Yung 2001 Efficient Password Authenticated Key Exchange Using Human Memorable Passwords PDF International Association for Cryptologic Research Springer Vergal Wu T September 2000 The SRP Authentication and Key Exchange System RFC Editor doi 10 17487 rfc2945 RFC 2945 Taylor D Wu T Mavrogiannopoulos N Perrin T November 2007 Using the Secure Remote Password SRP Protocol for TLS Authentication RFC Editor doi 10 17487 rfc5054 RFC 5054 Harkins D Zorn G August 2010 Extensible Authentication Protocol EAP Authentication Using Only a Password RFC Editor doi 10 17487 rfc5931 RFC 5931 Sheffer Y Zorn G Tschofenig H Fluhrer S February 2011 An EAP Authentication Method Based on the Encrypted Key Exchange EKE Protocol RFC Editor doi 10 17487 rfc6124 RFC 6124 Harkins D June 2012 Secure Pre Shared Key PSK Authentication for the Internet Key Exchange Protocol IKE RFC Editor doi 10 17487 rfc6617 RFC 6617 ISO IEC 11770 4 2006 Information technology Security techniques Key management Part 4 Mechanisms based on weak secrets IEEE Std 802 11 2012 IEEE Standard for Information Technology Part 11 Wireless LAN Medium Access Control MAC and Physical Layer PHY Specification IEEE 2012 ISBN 978 0 7381 8469 2 OCLC 1017978449 Jarecki Stanislaw Krawczyk Hugo Xu Jiayu 2018 OPAQUE An Asymmetric PAKE Protocol Secure Against Pre computation Attacks Advances in Cryptology EUROCRYPT 2018 PDF Lecture Notes in Computer Science Vol 10822 pp 456 486 doi 10 1007 978 3 319 78372 7 15 ISBN 978 3 319 78371 0 S2CID 4046378 Smyshlyaev Stanislav Oshkin Igor Alekseev Evgeniy Ahmetzyanova Liliya 2015 On the Security of One Password Authenticated Key Exchange Protocol PDF Cryptology ePrint Archive Report 2015 1237 External links EditIEEE P1363 Working Group IEEE Std 1363 2 2008 IEEE Standard Specifications for Password Based Public Key Cryptographic Techniques David Jablon s links for password based cryptography Simple Password Based Encrypted Key Exchange Protocols Abdalla et al 2005 Retrieved from https en wikipedia org w index php title Password authenticated key agreement amp oldid 1163851180, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.