by tialaramex 807 days ago
Asymmetric PAKEs don't require the server to know your password. You and the server need to have a discussion to establish some parameters that work for your chosen password, without revealing what it is, and then in future you can supply evidence that you indeed know the password (that is, some value which satisfies the agreed parameters), still without revealing what it is. This is not easy to do correctly, whereas it's really easy to get it wrong...

https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque/
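
As an added illustration (not part of the comment above, and not OPAQUE from the linked draft), here is the register-then-prove flow in the style of SRP-6a, an older asymmetric PAKE, with both roles simulated in one process. The modulus, generator, PBKDF2 iteration count and all function names are assumptions chosen for demonstration only.

```python
import hashlib
import secrets

# Demonstration-only group (assumption): 2**521 - 1 is prime, but it is not
# a vetted safe-prime group. Real deployments use standardized parameters.
N = 2**521 - 1
g = 3

def H(*parts) -> int:
    """Hash ints/bytes to an integer, length-prefixing each part."""
    h = hashlib.sha256()
    for p in parts:
        b = p if isinstance(p, bytes) else p.to_bytes((p.bit_length() + 7) // 8 or 1, "big")
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big")

k = H(N, g)  # SRP-6a multiplier

def secret_exponent(salt: bytes, password: bytes) -> int:
    """Client-only value x, stretched from the password (iteration count assumed)."""
    return int.from_bytes(hashlib.pbkdf2_hmac("sha256", password, salt, 100_000), "big")

def register(password: bytes):
    """Runs on the client. Only (salt, verifier) is sent to the server."""
    salt = secrets.token_bytes(16)
    return salt, pow(g, secret_exponent(salt, password), N)

def login(password: bytes, salt: bytes, verifier: int):
    """One login exchange. Only A, salt and B cross the wire."""
    a = secrets.randbelow(N - 2) + 1           # client ephemeral secret
    A = pow(g, a, N)                           # client -> server
    b = secrets.randbelow(N - 2) + 1           # server ephemeral secret
    B = (k * verifier + pow(g, b, N)) % N      # server -> client
    if A % N == 0 or B % N == 0:               # each side rejects a zero value
        raise ValueError("invalid public value")
    u = H(A, B)
    # Client side: needs the password to strip k*v out of B.
    x = secret_exponent(salt, password)
    s_client = pow((B - k * pow(g, x, N)) % N, a + u * x, N)
    # Server side: uses only the stored verifier, never the password.
    s_server = pow(A * pow(verifier, u, N) % N, b, N)
    return H(s_client), H(s_server)

if __name__ == "__main__":
    salt, v = register(b"correct horse")       # constructed sample password
    print(login(b"correct horse", salt, v))    # the two keys match
    print(login(b"wrong guess", salt, v))      # the two keys differ
```

In a real exchange the two sides would confirm the derived key with a MAC over the transcript rather than compare it directly.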