Is it too late for PAKE?

Details

Event W2SP 2009

Authors

Elaine Shi
Technical Publications
May 21st 2009
Password Authenticated Key Exchange (PAKE) is a class of cryptographic protocols that allow two parties sharing a password to authenticate each other without explicitly revealing the password in the process. PAKE protocols offer a potential improvement over current web authentication practices, e.g., HTML form-based password authentication, but there has been little progress towards integrating PAKE into web browsers and servers. In this paper, we report the results of a systematic investigation of various practical issues and challenges in deploying PAKE for web authentication. We examine three categories of issues: 1) security issues related to UI design; 2) security issues related to the browser's same-origin policy; and 3) potential hurdles to deployment. We propose potential solutions for some problems and identify areas for future work.

Citation

Engler, J.; Karlof, C.; Shi, E.; Song, D. PAKE-based web authentication: the good, the bad and the hurdles. IEEE Web 2.0 Security and Privacy Workshop; 2009 May 21; Oakland, CA.
