{"draft":"draft-harkins-salted-eap-pwd-08","doc_id":"RFC8146","title":"Adding Support for Salted Password Databases to EAP-pwd","authors":["D. Harkins"],"format":["ASCII","HTML"],"page_count":"11","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"IETF - NON WORKING GROUP","abstract":"EAP-pwd is an Extensible Authentication Protocol (EAP) method that\r\nutilizes a shared password for authentication using a technique that\r\nis resistant to dictionary attacks.  It includes support for raw keys\r\nand double hashing of a password in the style of Microsoft Challenge\r\nHandshake Authentication Protocol version 2 (MSCHAPv2), but it does\r\nnot include support for salted passwords.  There are many existing\r\ndatabases of salted passwords, and it is desirable to allow their use\r\nwith EAP-pwd.","pub_date":"April 2017","keywords":["Password-Authenticated Key Exchange","PAKE","Dictionary Attack","Authentication EAP"],"obsoletes":[],"obsoleted_by":[],"updates":["RFC5931"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8146","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc8146"}