New IEEE Standard - Inactive-Reserved.
This standard covers specifications of public-key cryptographic techniques for password-based authentication and key establishment, supplemental to the techniques described in IEEE Std 1363-2000 and IEEE Std 1363a-2004. It is intended as a companion standard to IEEE Std 1363-2000 and IEEE Std 1363a-2004. It includes specifications of primitives and schemes designed to utilize passwords and other low-grade secrets as a basis for securing electronic transactions, including schemes for password-authenticated key agreement and password-authenticated key retrieval.
This standard covers specifications of common public-key cryptographic techniques for performing password-based authentication and key establishment, supplemental to the techniques described in IEEE Std 1363-2000 and IEEE Std 1363a-2004. It includes specifications of primitives and schemes designed to utilize passwords and other low-grade secrets as a basis for securing electronic transactions, including schemes for password-authenticated key agreement and password-authenticated key retrieval.
Ensuring privacy and authenticity in personal electronic transactions is a process that necessarily involves human beings. Memorized secrets are an important factor in human authentication. Many common cryptographic methods for authentication require large, random high-grade secret keys; yet, the secrets that human beings can conveniently memorize and reliably reproduce tend to be low-grade secrets. Passwords are widely used low-grade secrets that are typically not-so-random and relatively small, and introduce risks of brute-force attack when inappropriately used as cryptographic keys.
SDO | IEEE: Institute of Electrical and Electronics Engineers |
Document Number | 1363.2 |
Publication Date | Jan. 29, 2009 |
Language | en - English |
Page Count | 140 |
Revision Level | |
Supercedes | |
Committee | Microprocessor Standards Committee |