Zero-knowledge password proof
From Wikipedia, the free encyclopedia
In cryptography, a zero-knowledge password proof (ZKPP) is an interactive method for one party (the prover) to prove to another party (the verifier) that it knows the value of a password, without revealing to the verifier anything other than the fact that it knows that password. A ZKPP prevents any party from verifying guesses for the password without interacting with a party that knows it and, in the optimal case, allows exactly one guess per interaction.
A common use of a zero-knowledge password proof is in authentication systems where one party wants to prove its identity to a second party using a password but doesn't want the second party or anybody else to learn anything about the password.
A zero-knowledge password proof is a special kind of zero-knowledge proof that works even when the password (the statement to be proven) is small or insufficiently random to be useful in more conventional systems for zero-knowledge proof.
History
The first methods to demonstrate a ZKPP were the Encrypted Key Exchange (EKE) methods described by Steven M. Bellovin and Michael Merritt in 1992. Although some of the first methods were flawed, the surviving and enhanced forms of EKE effectively amplify a shared password into a shared key, where the shared key may subsequently be used to provide a ZKPP or other functions. A considerable number of refinements, alternatives, and variations in the growing class of password-authenticated key agreement methods were developed in subsequent years. Current standardization efforts for these methods include IETF RFC 2945, IEEE P1363.2, and ISO/IEC Draft 11770-4.
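The following added example is not part of the original article. It sketches a SPAKE2-style password-authenticated key agreement (a different protocol from EKE, chosen here for brevity) to show a password being amplified into a shared key and that key being used as the proof, with each interaction testing exactly one guess. The group parameters, blinding elements, function names and sample passwords are assumptions for illustration; the group is far too small for real use.

```python
import hashlib, hmac, secrets

# Toy parameters (assumptions for illustration): P = 2Q + 1 with Q prime.
# A real deployment uses a standardized group of cryptographic size.
P, Q, G = 2039, 1019, 4
M, N = 9, 25   # blinding elements of the order-Q subgroup, one per direction

def pw_scalar(password):
    """Map the password to an exponent (a real system uses a slow password hash)."""
    return int.from_bytes(hashlib.sha256(password.encode()).digest(), "big")

def start(password, blind):
    """Pick an ephemeral secret and return it with the password-blinded DH value."""
    x = 1 + secrets.randbelow(Q - 1)
    return x, pow(G, x, P) * pow(blind, pw_scalar(password), P) % P

def unblind(msg, blind, password):
    """Remove the blinding factor that `password` implies from a wire message."""
    return msg * pow(pow(blind, pw_scalar(password), P), -1, P) % P

def session_key(password, x, peer_msg, peer_blind, X, Y):
    """Strip the peer's blinding with our password, finish DH, hash the transcript."""
    k = pow(unblind(peer_msg, peer_blind, password), x, P)
    return hashlib.sha256(f"{X}|{Y}|{k}|{pw_scalar(password)}".encode()).digest()

def run_session(prover_pw, verifier_pw):
    """One interaction = one password guess. True if the verifier accepts."""
    x, X = start(prover_pw, M)          # prover -> verifier: X
    y, Y = start(verifier_pw, N)        # verifier -> prover: Y
    k_prover = session_key(prover_pw, x, Y, N, X, Y)
    k_verifier = session_key(verifier_pw, y, X, M, X, Y)
    proof = hmac.new(k_prover, b"prover", hashlib.sha256).digest()   # sent on the wire
    expected = hmac.new(k_verifier, b"prover", hashlib.sha256).digest()
    return hmac.compare_digest(proof, expected)

def rules_out(msg, blind, candidate):
    """Can a passive observer reject `candidate` from one wire message alone?"""
    # Every candidate unblinds to a valid subgroup element, so the answer is always no.
    return pow(unblind(msg, blind, candidate), Q, P) != 1

if __name__ == "__main__":
    # Constructed sample passwords: matching pair is accepted, a wrong guess is not.
    print(run_session("hunter2", "hunter2"), run_session("guess", "hunter2"))
```

The password itself never crosses the wire; the verifier learns only whether the prover's confirmation value matches its own. The `rules_out` check illustrates the blinded message only; hiding the ephemeral exponents behind it depends on a group of cryptographic size.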
References
- S. M. Bellovin and M. Merritt. Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks. Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, May 1992.
- IEEE P1363.2: Proposed Standard for Password-Based Public-Key Cryptography.
See also
- Cryptographic protocol
- Topics in cryptography
- Password-authenticated key agreement
- Zero-knowledge proof