Transactions on Computational Science XI

Volume 6480 of the series Lecture Notes in Computer Science pp 192-206

J-PAKE: Authenticated Key Exchange without PKI

  • Feng HaoAffiliated withThales E-Security
  • , Peter RyanAffiliated withFaculty Of Science, University of Luxembourg

* Final gross prices may vary according to local VAT.

Get Access


Password Authenticated Key Exchange (PAKE) is one of the important topics in cryptography. It aims to address a practical security problem: how to establish secure communication between two parties solely based on a shared password without requiring a Public Key Infrastructure (PKI). After more than a decade of extensive research in this field, there have been several PAKE protocols available. The EKE and SPEKE schemes are perhaps the two most notable examples. Both techniques are however patented. In this paper, we review these techniques in detail and summarize various theoretical and practical weaknesses. In addition, we present a new PAKE solution called J-PAKE. Our strategy is to depend on well-established primitives such as the Zero-Knowledge Proof (ZKP). So far, almost all of the past solutions have avoided using ZKP for the concern on efficiency. We demonstrate how to effectively integrate the ZKP into the protocol design and meanwhile achieve good efficiency. Our protocol has comparable computational efficiency to the EKE and SPEKE schemes with clear advantages on security.


Password-Authenticated Key Exchange EKE SPEKE key agreement