201:
47:
systems where one party wants to prove its identity to a second party using a password but doesn't want the second party or anybody else to learn anything about the password. For example, apps can validate a password without processing it and a payment app can check the balance of an account without
40:(PAKE) protocol that is secure against off-line dictionary attacks. A ZKPP prevents any party from verifying guesses for the password without interacting with a party that knows it and, in the optimal case, provides exactly one guess in each interaction.
64:
and
Michael Merritt in 1992. A considerable number of refinements, alternatives, and variations in the growing class of password-authenticated key agreement methods were developed in subsequent years. Standards for these methods include IETF
238:
37:
262:
101:
257:
32:, without revealing anything other than the fact that it knows the password to the verifier. The term is defined in
231:
91:
96:
86:
57:
28:
that allows one party (the prover) to prove to another party (the verifier) that it knows a value of a
224:
25:
171:"IEEE 1363.2: IEEE Standard Specifications for Password-Based Public-Key Cryptographic Techniques"
61:
128:
66:
208:
44:
251:
120:
170:
154:"Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks"
153:
17:
159:. Proceedings of the IEEE Symposium on Research in Security and Privacy. Oakland.
70:
74:
33:
132:
200:
29:
189:
212:
43:
A common use of a zero-knowledge password proof is in
190:
David Jablon's links for password-based cryptography
56:The first methods to demonstrate a ZKPP were the
36:, in reference to one of the benefits of using a
48:touching or learning anything about the amount.
232:
8:
239:
225:
152:Bellovin, S. M.; Merritt, M. (May 1992).
207:This cryptography-related article is a
112:
7:
197:
195:
38:password-authenticated key exchange
14:
121:"What Are Zero-Knowledge Proofs?"
199:
102:Secure Remote Password protocol
1:
22:zero-knowledge password proof
211:. You can help Knowledge by
60:methods (EKE) described by
279:
194:
263:Password authentication
92:Outline of cryptography
77:, and ISO-IEC 11770-4.
97:Key-agreement protocol
87:Cryptographic protocol
58:encrypted key exchange
26:zero-knowledge proof
24:(ZKPP) is a type of
258:Cryptography stubs
62:Steven M. Bellovin
220:
219:
270:
241:
234:
227:
203:
196:
178:
177:
175:
167:
161:
160:
158:
149:
143:
142:
140:
139:
117:
278:
277:
273:
272:
271:
269:
268:
267:
248:
247:
246:
245:
186:
181:
173:
169:
168:
164:
156:
151:
150:
146:
137:
135:
119:
118:
114:
110:
83:
54:
12:
11:
5:
276:
274:
266:
265:
260:
250:
249:
244:
243:
236:
229:
221:
218:
217:
204:
193:
192:
185:
184:External links
182:
180:
179:
162:
144:
111:
109:
106:
105:
104:
99:
94:
89:
82:
79:
53:
50:
45:authentication
13:
10:
9:
6:
4:
3:
2:
275:
264:
261:
259:
256:
255:
253:
242:
237:
235:
230:
228:
223:
222:
216:
214:
210:
205:
202:
198:
191:
188:
187:
183:
172:
166:
163:
155:
148:
145:
134:
130:
126:
122:
116:
113:
107:
103:
100:
98:
95:
93:
90:
88:
85:
84:
80:
78:
76:
72:
68:
63:
59:
51:
49:
46:
41:
39:
35:
31:
27:
23:
19:
213:expanding it
206:
165:
147:
136:. Retrieved
124:
115:
75:IEEE P1363.2
55:
42:
34:IEEE P1363.2
21:
18:cryptography
15:
252:Categories
138:2020-12-01
108:References
133:1059-1028
81:See also
30:password
176:. IEEE.
52:History
131:
69:
174:(PDF)
157:(PDF)
125:Wired
209:stub
129:ISSN
71:2945
20:, a
67:RFC
16:In
254::
127:.
123:.
73:,
240:e
233:t
226:v
215:.
141:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.