Bare PAKE: universally composable key exchange from just passwords
-
Name:
Bare PAKE: universally composable key exchange from just passwords
-
Venue:
252 / BBB
-
Date:
2026-06-30
- Speaker:
-
Time:
15:45
-
In order to rely on UC security proofs applications of PAKE protocols must provide unique session and participant identifiers. If such identifiers are not readily available, they must be agreed upon at the cost of additional communication flows, a fact which has been met with incomprehension among practitioners, and which hindered the adoption of provably secure password authentication in practice. In this paper, the authors resolve this issue by proposing a new paradigm for password-only yet securely composable PAKE, called bare PAKE.
In the talk we will discuss the role of session identifiers, the (standard) UC PAKE functionality and the new bare-PAKE functionality as well as the applications of the new bare-PAKE model.