{"draft":"draft-irtf-cfrg-opaque-18","doc_id":"RFC9807","title":"The OPAQUE Augmented Password-Authenticated Key Exchange (aPAKE) Protocol","authors":["D. Bourdrez","H. Krawczyk","K. Lewi","C. A. Wood"],"format":["HTML","TEXT","PDF","XML"],"page_count":"73","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Crypto Forum Research Group","abstract":"This document describes the OPAQUE protocol, an Augmented (or\r\nAsymmetric) Password-Authenticated Key Exchange (aPAKE) protocol that\r\nsupports mutual authentication in a client-server setting without\r\nreliance on PKI and with security against pre-computation attacks\r\nupon server compromise. In addition, the protocol provides forward\r\nsecrecy and the ability to hide the password from the server, even\r\nduring password registration. This document specifies the core OPAQUE\r\nprotocol and one instantiation based on 3DH. This document is a\r\nproduct of the Crypto Forum Research Group (CFRG) in the IRTF.","pub_date":"July 2025","keywords":[],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9807","errata_url":null}