Add classification of PAKE algorithms (#29)

PAKE algorithms have a long and unfortunate history. The task is simple - exchange keys with a password or shared secret mixed in. There are many requirements, and even more algorithms designed. But most of them have their drawbacks, weak points, or are vulnerable to particular attacks. This is still an area that requires research, and this paper captures it. So, I think it's a worthwhile addition as it raises awareness and interest in such studies. Co-authored-by: Pavlo Farb <pavlo@cossacklabs.com>
2022-10-06 15:03:59 +03:00 · 2022-10-06 15:03:59 +03:00 · 638723595e
parent 7b9be66e85
commit 638723595e
1 changed files with 1 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -107,6 +107,7 @@ It will be extended gradually as I find something of "must-have" value. Pull req
 * [Twenty Years of Attacks on the RSA Cryptosystem](http://crypto.stanford.edu/~dabo/pubs/papers/RSA-survey.pdf) - Great inquiry into attacking RSA and it's internals, by Dan Boneh. 
 * [Remote timing attacks are practical](http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf) - An example in attacking practical crypto implementationby D. Boneh, D. Brumley.
 * [The Equivalence Between the DHP and DLP for Elliptic Curves Used in Practical Applications, Revisited](https://eprint.iacr.org/2005/307.pdf) - by K. Bentahar.
+* [SoK: Password-Authenticated Key Exchange – Theory, Practice, Standardization and Real-World Lessons](https://eprint.iacr.org/2021/1492.pdf) - History and classification of the PAKE algorithms.
 * [RSA, DH and DSA in the Wild](https://eprint.iacr.org/2022/048.pdf) - Collection of implementation mistakes which lead to exploits of assymetric cryptography.

 #### Public key cryptography: Elliptic-curve crypto