all InfoSec news
Password-Authenticated TLS via OPAQUE and Post-Handshake Authentication
Feb. 20, 2023, 4:30 p.m. |
IACR News www.iacr.org
ePrint Report: Password-Authenticated TLS via OPAQUE and Post-Handshake Authentication
Julia Hesse, Stanislaw Jarecki, Hugo Krawczyk, Christopher Wood
OPAQUE is an Asymmetric Password-Authenticated Key Exchange (aPAKE) protocol being standardized by the IETF (Internet Engineering Task Force) as a more secure alternative to the traditional ``password-over-TLS'' mechanism prevalent in current practice. OPAQUE defends against a variety of vulnerabilities of password-over-TLS by dispensing with reliance on PKI and TLS security, and ensuring that the password is never visible to servers or anyone other …
authentication current engineering eprint report exchange handshake internet key opaque password pki practice protocol report security task task force tls vulnerabilities wood
More from www.iacr.org / IACR News
AFT '24: Advances in Financial Technologies
1 day, 11 hours ago |
www.iacr.org
UbiSec 2024: The 4th International Conference on Ubiquitous Security
1 day, 11 hours ago |
www.iacr.org
Jobs in InfoSec / Cybersecurity
Technical Support Engineer - Cyber Security
@ Microsoft | Taipei, Taipei City, Taiwan
Senior Security Engineer
@ Workato | Barcelona, Spain
Regional Cybersecurity Specialist
@ Bayer | Singapore, Singapore, SG
Cyber Security Network Engineer
@ Nine | North Sydney, Australia
Professional, IAM Security
@ Ingram Micro | Manila Shared Services Center
Principal Windows Threat & Detection Security Researcher (Cortex)
@ Palo Alto Networks | Tel Aviv-Yafo, Israel