Is it too late for PAKE?

Details

Event W2SP 2009

Authors

Elaine Shi
Technical Publications
May 21st 2009
Password Authenticated Key Exchange (PAKE) is a class of cryptographic protocols that allow two parties sharing a password to authenticate each other without explicitly revealing the password in the process. PAKE protocols offer a potential improvement over current web authentication practices, e.g., HTML form-based password authentication, but there has been little progress towards integrating PAKE into web browsers and servers. In this paper, we report the results of a systematic investigation of various practical issues and challenges in deploying PAKE for web authentication. We examine three categories of issues: 1) security issues related to UI design; 2) security issues related to the browser's same-origin policy; and 3) potential hurdles to deployment. We propose potential solutions for some problems and identify areas for future work.

Citation

Engler, J.; Karlof, C.; Shi, E.; Song, D. PAKE-based web authentication: the good, the bad and the hurdles. IEEE Web 2.0 Security and Privacy Workshop; 2009 May 21; Oakland, CA.
