Abstract. In this talk, I will present the OPAQUE password protocol and some of its applications. OPAQUE is an asymmetric password-authenticated key exchange (aPAKE) protocol that supports mutual authentication in a client-server setting without relying on PKI and with security against pre-computation attacks upon server compromise. The protocol provides forward secrecy and the ability to hide the password from the server, even during password registration. OPAQUE also acts as a secret retrieval protocol, as required for backing up full-entropy secrets, with applications to cryptocurrency wallets and end-to-end security. In particular, OPAQUE is implemented in WhatsApp and Facebook Messenger for their chat-history backup protocol, and it is standardized by the IETF as the winner of its 2022 aPAKE competition.
This represents joint work with Stas Jarecki and Jiayu Xu (paper co-authors) and Daniel Bourdrez, Kevin Lewi and Chris Wood (Internet-draft co-editors).
Suggested readings: ia.cr/2018/163 (OPAQUE paper), https://datatracker.ietf.org/doc/draft-irtf-cfrg-opaque (OPAQUE Internet-Draft)
Security and Privacy: cryptography