{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T14:36:27Z","timestamp":1765031787420,"version":"3.46.0"},"reference-count":168,"publisher":"Association for Computing Machinery (ACM)","issue":"6","funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"crossref","award":["62222208"],"award-info":[{"award-number":["62222208"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"crossref"}]},{"name":"Natural Science Foundation of Tianjin, China","award":["25JCJQJC00230"],"award-info":[{"award-number":["25JCJQJC00230"]}]},{"name":"CCF-ANT Research Fund","award":["CCF-AFSGRF20250203"],"award-info":[{"award-number":["CCF-AFSGRF20250203"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2026,4,30]]},"abstract":"<jats:p>Password-authenticated key exchange (PAKE) protocols tackle the important problem of how to enable two parties, who share a low-entropy password, to establish a cryptographically strong session key for secure data communication. Although considerable research efforts have been devoted to designing hundreds of PAKE protocols, to the best of our knowledge, there have been few systematic reviews. In this work, we provide a comprehensive overview of PAKE research. We first propose a list of 13 desirable properties of PAKE protocols in terms of security and usability, enabling PAKE protocols to be systematically rated across a common spectrum. We then provide a taxonomy for PAKE protocols, and classify them into seven types according to their underlying design strategies. For each type, we investigate the inner working mechanisms of various representative protocols, and identify their pros, and cons. We further classify existing PAKE protocols from five other key perspectives (i.e., symmetry, number of participants, hardness assumptions, security goals, and round complexity) and review their development history under each classification, aiming at providing an in-depth and thorough understanding of the status quo of PAKE research. Based on 13 properties and six perspectives, we conduct a large-scale comparative evaluation of 71 representative PAKE protocols in a systematic manner. Finally, we highlight a few potential directions for the future design of PAKE protocols.<\/jats:p>","DOI":"10.1145\/3774642","type":"journal-article","created":{"date-parts":[[2025,11,3]],"date-time":"2025-11-03T11:38:13Z","timestamp":1762169893000},"page":"1-37","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Password-Authenticated Key Exchange Protocols: A Survey"],"prefix":"10.1145","volume":"58","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-1667-2237","authenticated-orcid":false,"given":"Ding","family":"Wang","sequence":"first","affiliation":[{"name":"College of Cryptology and Cyber Science, Nankai University","place":["Tianjin, China"]}]},{"ORCID":"https:\/\/orcid.org\/0009-0007-7090-1970","authenticated-orcid":false,"given":"Guanling","family":"Li","sequence":"additional","affiliation":[{"name":"College of Cryptology and Cyber Science, Nankai University","place":["Tianjin, China"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8014-8643","authenticated-orcid":false,"given":"Jingwei","family":"Jiang","sequence":"additional","affiliation":[{"name":"College of Cryptology and Cyber Science, Nankai University","place":["Tianjin, China"]}]}],"member":"320","published-online":{"date-parts":[[2025,12,6]]},"reference":[{"key":"e_1_3_1_2_2","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2003.819611"},{"key":"e_1_3_1_3_2","first-page":"553","volume-title":"Proceedings of the IEEE S&P 2012","author":"Bonneau Joseph","unstructured":"Joseph Bonneau, Cormac Herley, Paul C. van Oorschot, and Frank Stajano. The quest to replace passwords: A framework for comparative evaluation of web authentication schemes. In Proceedings of the IEEE S&P 2012. 553\u2013567."},{"key":"e_1_3_1_4_2","doi-asserted-by":"publisher","DOI":"10.1145\/2699390"},{"key":"e_1_3_1_5_2","volume-title":"From the Quest to Replace Passwords towards Support- ing Secure and Usable Password Creation","author":"Zimmermann V.","year":"2021","unstructured":"V. Zimmermann. 2021. From the Quest to Replace Passwords towards Support- ing Secure and Usable Password Creation. Ph.D. Dissertation. Technical University of Darmstadt, Germany."},{"key":"e_1_3_1_6_2","volume-title":"Why the Password Isn\u2019t Dead Quite Yet","author":"Newman Lily Hay","year":"2021","unstructured":"Lily Hay Newman. 2021. Why the Password Isn\u2019t Dead Quite Yet. Retrieved 9 July 2023 from https:\/\/bit.ly\/46xY886"},{"volume-title":"The Password Isn\u2019t Dead Yet. You Need a Hardware Key","year":"2022","key":"e_1_3_1_7_2","unstructured":"2022. The Password Isn\u2019t Dead Yet. You Need a Hardware Key. Retrieved 9 July 2023 from https:\/\/bit.ly\/43bXo5K"},{"key":"e_1_3_1_8_2","first-page":"456","volume-title":"Proceedings of the EUROCRYPT 2018","author":"Jarecki Stanislaw","unstructured":"Stanislaw Jarecki, Hugo Krawczyk, and Jiayu Xu. OPAQUE: An asymmetric pake protocol secure against pre-computation attacks. In Proceedings of the EUROCRYPT 2018. 456\u2013486."},{"key":"e_1_3_1_9_2","first-page":"127","volume-title":"Proceedings of the EUROCRYPT 2022","author":"Santos Bruno Freitas Dos","unstructured":"Bruno Freitas Dos Santos, Yanqi Gu, Stanislaw Jarecki, and Hugo Krawczyk. Asymmetric PAKE with low computation and communication. In Proceedings of the EUROCRYPT 2022. 127\u2013156."},{"key":"e_1_3_1_10_2","first-page":"485","volume-title":"Proceedings of the SCN 2018","author":"Hwang Jung Yeon","unstructured":"Jung Yeon Hwang, Stanislaw Jarecki, Taekyoung Kwon, Joohee Lee, Ji Sun Shin, and Jiayu Xu. Round-reduced modular construction of asymmetric password-authenticated key exchange. In Proceedings of the SCN 2018. 485\u2013504."},{"key":"e_1_3_1_11_2","first-page":"97","volume-title":"Proceedings of the NDSS 1998","author":"Wu Thomas D.","unstructured":"Thomas D. Wu. The secure remote password protocol. In Proceedings of the NDSS 1998. 97\u2013111."},{"volume-title":"Proceedings of the CRYPTO 2021","author":"Gu Yanqi","key":"e_1_3_1_12_2","unstructured":"Yanqi Gu, Stanislaw Jarecki, and Hugo Krawczyk. KHAPE: Asymmetric PAKE from key-hiding key exchange. In Proceedings of the CRYPTO 2021."},{"key":"e_1_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1093\/comjnl\/bxaa178"},{"key":"e_1_3_1_14_2","first-page":"72","volume-title":"Proceedings of the IEEE S&P 1992","author":"Bellovin Steven M.","unstructured":"Steven M. Bellovin and Michael Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In Proceedings of the IEEE S&P 1992. 72\u201384."},{"key":"e_1_3_1_15_2","first-page":"366","volume-title":"Proceedings of the ProvSec 2018","author":"Becerra Jos\u00e9","unstructured":"Jos\u00e9 Becerra, Dimiter Ostrev, and Marjan Skrobot. Forward secrecy of SPAKE2. In Proceedings of the ProvSec 2018. 366\u2013384."},{"key":"e_1_3_1_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/242896.242897"},{"key":"e_1_3_1_17_2","first-page":"159","volume-title":"Proceedings of the SPW 2008","author":"Hao Feng","unstructured":"Feng Hao and Peter Y. A. Ryan. Password Authenticated Key Exchange by Juggling. In Proceedings of the SPW 2008. 159\u2013171."},{"key":"e_1_3_1_18_2","volume-title":"Secure Remote Password (SRP): How 1Password uses it","author":"Fillion Rick","year":"2018","unstructured":"Rick Fillion. 2018. Secure Remote Password (SRP): How 1Password uses it. Retrieved 5 July 2023 from https:\/\/bit.ly\/3roH1FW"},{"volume-title":"HomeKitADK","year":"2021","key":"e_1_3_1_19_2","unstructured":"Apple. 2021. HomeKitADK. Retrieved 5 July 2023 from https:\/\/github.com\/apple\/HomeKitADK"},{"volume-title":"Firefox Sync","year":"2023","key":"e_1_3_1_20_2","unstructured":"2023. Firefox Sync. Retrieved 5 July 2023 fromhttps:\/\/www.mozilla.org\/en-US\/firefox\/sync\/"},{"key":"e_1_3_1_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2832984"},{"key":"e_1_3_1_22_2","article-title":"SRP-6: Improvements and refinements to the secure remote password protocol","author":"Wu Thomas D.","year":"2002","unstructured":"Thomas D. Wu. 2002. SRP-6: Improvements and refinements to the secure remote password protocol. Submission to IEEE P1363.2.","journal-title":"Submission to IEEE P1363.2"},{"key":"e_1_3_1_23_2","first-page":"697","volume-title":"Proceedings of the AsiaCCS 2022","author":"Hao Feng","unstructured":"Feng Hao and Paul C. van Oorschot. SoK: Password-authenticated key exchange - theory, practice, standardization and real-world lessons. In Proceedings of the AsiaCCS 2022. 697\u2013711."},{"key":"e_1_3_1_24_2","first-page":"236","volume-title":"Proceedings of the IEEE S&P 1997","author":"Patel Sarvar","unstructured":"Sarvar Patel. Number theoretic attacks on secure password schemes. In Proceedings of the IEEE S&P 1997. 236\u2013247."},{"key":"e_1_3_1_25_2","first-page":"65","volume-title":"Proceedings of the PKC 2005","author":"Abdalla Michel","unstructured":"Michel Abdalla, Pierre-Alain Fouque, and David Pointcheval. Password-based authenticated key exchange in the three-party setting. In Proceedings of the PKC 2005. 65\u201384."},{"key":"e_1_3_1_26_2","first-page":"1","volume-title":"Proceedings of the ACNS 2005","author":"Katz Jonathan","unstructured":"Jonathan Katz, Philip D. MacKenzie, Gelareh Taban, and Virgil D. Gligor. Two-server password-only authenticated key exchange. In Proceedings of the ACNS 2005. 1\u201316."},{"issue":"3","key":"e_1_3_1_27_2","first-page":"1336","article-title":"A key for john doe: Modeling and designing anonymous password-authenticated key exchange protocols","volume":"18","author":"Vasco Maria Isabel Gonzalez","year":"2021","unstructured":"Maria Isabel Gonzalez Vasco, Angel L. P\u00e9rez del Pozo, and Claudio Soriente. 2021. A key for john doe: Modeling and designing anonymous password-authenticated key exchange protocols. IEEE Trans. Dependable Secur. Comput. 18, 3 (2021), 1336\u20131353.","journal-title":"IEEE Trans. Dependable Secur. Comput."},{"key":"e_1_3_1_28_2","first-page":"1179","volume-title":"Proceedings of the ACM CCS 2016","author":"Zhang Zhenfeng","unstructured":"Zhenfeng Zhang, Kang Yang, Xuexian Hu, and Yuchen Wang. Practical Anonymous Password Authentication and TLS with Anonymous Client Authentication. In Proceedings of the ACM CCS 2016. 1179\u20131191."},{"key":"e_1_3_1_29_2","first-page":"396","volume-title":"Proceedings of the PKC 2020","author":"Jiang Shaoquan","unstructured":"Shaoquan Jiang, Guang Gong, Jingnan He, Khoa Nguyen, and Huaxiong Wang. PAKEs: New framework, new techniques and more efficient lattice-based constructions in the standard model. In Proceedings of the PKC 2020. 396\u2013427."},{"key":"e_1_3_1_30_2","first-page":"137","volume-title":"Proceedings of the ICISC 2021","author":"Ren Peixin","unstructured":"Peixin Ren and Xiaozhuo Gu. Practical post-quantum password-authenticated key exchange based-on module-lattice. In Proceedings of the ICISC 2021. 137\u2013156."},{"key":"e_1_3_1_31_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2023.3331000"},{"volume-title":"Proceedings of the TCC 2011","author":"Katz Jonathan","key":"e_1_3_1_32_2","unstructured":"Jonathan Katz and Vinod Vaikuntanathan. Round-optimal password-based authenticated key exchange. In Proceedings of the TCC 2011."},{"volume-title":"Proceedings of the ASIACRYPT 2017","author":"Zhang Jiang","key":"e_1_3_1_33_2","unstructured":"Jiang Zhang and Yu Yu. Two-round PAKE from approximate SPH and instantiations from lattices. In Proceedings of the ASIACRYPT 2017."},{"key":"e_1_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2020.3040776"},{"key":"e_1_3_1_35_2","first-page":"31","volume-title":"Proceedings of the ICICS 2007","author":"Wan Zhiguo","unstructured":"Zhiguo Wan, Robert H. Deng, Feng Bao, and Bart Preneel. n PAKE \\({}^{\\mbox{ + }}\\) : A hierarchical group password-authenticated key exchange protocol using different passwords. In Proceedings of the ICICS 2007. 31\u201343."},{"key":"e_1_3_1_36_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45539-6_12"},{"volume-title":"Proceedings of the ASIACRYPT 2004","author":"Zhang Muxiang","key":"e_1_3_1_37_2","unstructured":"Muxiang Zhang. New approaches to password authenticated key exchange based on RSA. In Proceedings of the ASIACRYPT 2004."},{"volume-title":"Proceedings of the CT-RSA 2005","author":"Abdalla Michel","key":"e_1_3_1_38_2","unstructured":"Michel Abdalla and David Pointcheval. Simple password-based encrypted key exchange protocols. In Proceedings of the CT-RSA 2005."},{"key":"e_1_3_1_39_2","first-page":"244","volume-title":"Proceedings of the ACM CCS 1993","author":"Bellovin Steven M.","unstructured":"Steven M. Bellovin and Michael Merritt. Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In Proceedings of the ACM CCS 1993. 244\u2013250."},{"key":"e_1_3_1_40_2","first-page":"1","volume-title":"Proceedings of the NDSS 2001","author":"Kwon Taekyoung","unstructured":"Taekyoung Kwon. Authentication and key agreement via memorable passwords. In Proceedings of the NDSS 2001. 1\u201321."},{"key":"e_1_3_1_41_2","first-page":"546","volume-title":"Proceedings of the CRYPTO 2005","author":"Krawczyk Hugo","unstructured":"Hugo Krawczyk. HMQV: A high-performance secure diffie-hellman protocol. In Proceedings of the CRYPTO 2005. 546\u2013566."},{"volume-title":"Proceedings of the EUROCRYPT 2003","author":"Gennaro Rosario","key":"e_1_3_1_42_2","unstructured":"Rosario Gennaro and Yehuda Lindell. A framework for password-based authenticated key exchange. In Proceedings of the EUROCRYPT 2003."},{"volume-title":"Proceedings of the ACSAC 2009","author":"Yang Yanjiang","key":"e_1_3_1_43_2","unstructured":"Yanjiang Yang, Jianying Zhou, Jian Weng, and Feng Bao. A New Approach for Anonymous Password Authentication. In Proceedings of the ACSAC 2009."},{"volume-title":"Proceedings of the ACSAC 2010","author":"Yang Yanjiang","key":"e_1_3_1_44_2","unstructured":"Yanjiang Yang, Jianying Zhou, Jun Wen Wong, and Feng Bao. Towards practical anonymous password authentication. In Proceedings of the ACSAC 2010."},{"key":"e_1_3_1_45_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45539-6_11"},{"key":"e_1_3_1_46_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2016.2605087"},{"key":"e_1_3_1_47_2","first-page":"111","volume-title":"Proceedings of the ESORICS 2016","author":"Wang D.","unstructured":"D. Wang and P. Wang. On the implications of zipf\u2019s law in passwords. In Proceedings of the ESORICS 2016. 111\u2013131."},{"key":"e_1_3_1_48_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2014.2355850"},{"volume-title":"Proceedings of the ACM CCS 16","author":"Wang D.","key":"e_1_3_1_49_2","unstructured":"D. Wang, Z.J. Zhang, and P. Wang. Targeted online password guessing: An underestimated threat. In Proceedings of the ACM CCS 16."},{"key":"e_1_3_1_50_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2017.2721359"},{"key":"e_1_3_1_51_2","first-page":"301","volume-title":"Proceedings of the AsiaCCS 2017","author":"Pointcheval David","unstructured":"David Pointcheval and Guilin Wang. VTBPEKE: Verifier-based two-basis password exponential key exchange. In Proceedings of the AsiaCCS 2017. 301\u2013312."},{"key":"e_1_3_1_52_2","first-page":"449","volume-title":"Proceedings of the PKC 2012","author":"Canetti Ran","unstructured":"Ran Canetti, Dana Dachman-Soled, Vinod Vaikuntanathan, and Hoeteck Wee. Efficient password authenticated key exchange via oblivious transfer. In Proceedings of the PKC 2012. 449\u2013466."},{"key":"e_1_3_1_53_2","first-page":"207","article-title":"Supplemental access control (PACE v2): security analysis of PACE integrated mapping","author":"Coron Jean-S\u00e9bastien","year":"2012","unstructured":"Jean-S\u00e9bastien Coron, Aline Gouget, Thomas Icart, and Pascal Paillier. 2012. Supplemental access control (PACE v2): security analysis of PACE integrated mapping. Cryptography and Security (2012), 207\u2013232.","journal-title":"Cryptography and Security"},{"key":"e_1_3_1_54_2","first-page":"538","volume-title":"Proceedings of the IEEE S&P 2012","author":"Bonneau Joseph","unstructured":"Joseph Bonneau. The science of guessing: Analyzing an anonymized corpus of 70 million passwords. In Proceedings of the IEEE S&P 2012. 538\u2013552."},{"issue":"2","key":"e_1_3_1_55_2","first-page":"111","article-title":"Traceback technology for anonymous network","volume":"49","author":"Chen Z.","year":"2012","unstructured":"Z. Chen, S. Pu, and S. Zhu. 2012. Traceback technology for anonymous network. Journal of Computer Research and Development 49, S2 (2012), 111\u2013117.","journal-title":"Journal of Computer Research and Development"},{"key":"e_1_3_1_56_2","first-page":"1","volume-title":"Proceedings of the CHI 2019","author":"Mayer Peter","unstructured":"Peter Mayer, Nina Gerber, Benjamin Reinheimer, Philipp Rack, Kristoffer Braun, and Melanie Volkamer. I (don\u2019t) see what you typed there! shoulder-surfing resistant password entry on gamepads. In Proceedings of the CHI 2019. 1\u201312."},{"key":"e_1_3_1_57_2","first-page":"516","volume-title":"Proceedings of the ACM CCS 2010","author":"Groce Adam","unstructured":"Adam Groce and Jonathan Katz. A new framework for efficient password-based authenticated key exchange. In Proceedings of the ACM CCS 2010. 516\u2013525."},{"volume-title":"Proceedings of the SCN 2002","author":"Katz Jonathan","key":"e_1_3_1_58_2","unstructured":"Jonathan Katz, Rafail Ostrovsky, and Moti Yung. Forward secrecy in password-only key exchange protocols. In Proceedings of the SCN 2002."},{"key":"e_1_3_1_59_2","first-page":"798","volume-title":"Proceedings of the CRYPTO 2019","author":"Bradley Tatiana","unstructured":"Tatiana Bradley, Stanislaw Jarecki, and Jiayu Xu. Strong asymmetric PAKE based on trapdoor CKEM. In Proceedings of the CRYPTO 2019. 798\u2013825."},{"key":"e_1_3_1_60_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.ipl.2008.06.002"},{"key":"e_1_3_1_61_2","doi-asserted-by":"publisher","DOI":"10.22331\/q-2018-08-06-79"},{"key":"e_1_3_1_62_2","first-page":"124","volume-title":"Proceedings of the FOCS 1994","author":"Shor Peter W","unstructured":"Peter W Shor. Algorithms for quantum computation: discrete logarithms and factoring. In Proceedings of the FOCS 1994. 124\u2013134."},{"key":"e_1_3_1_63_2","first-page":"212","volume-title":"Proceedings of the STOC 1996","author":"Grover Lov K","unstructured":"Lov K Grover. A fast quantum mechanical algorithm for database search. In Proceedings of the STOC 1996. 212\u2013219."},{"volume-title":"Proceedings of the PKC 2004","author":"Bresson Emmanuel","key":"e_1_3_1_64_2","unstructured":"Emmanuel Bresson, Olivier Chevassut, and David Pointcheval. New security results on encrypted key exchange. In Proceedings of the PKC 2004."},{"key":"e_1_3_1_65_2","first-page":"177","volume-title":"Proceedings of the AsiaCCS 2016","author":"Jarecki Stanislaw","unstructured":"Stanislaw Jarecki, Hugo Krawczyk, Maliheh Shirvanian, and Nitesh Saxena. Device-enhanced password protocols with optimal online-offline protection. In Proceedings of the AsiaCCS 2016. 177\u2013188."},{"key":"e_1_3_1_66_2","first-page":"361","volume-title":"Proceedings of the CT-RSA 2001","author":"MacKenzie Philip D.","unstructured":"Philip D. MacKenzie. More efficient password-authenticated key exchange. In Proceedings of the CT-RSA 2001. 361\u2013377."},{"key":"e_1_3_1_67_2","article-title":"The PAK suite: Protocols for password-authenticated key exchange","author":"MacKenzie Philip","year":"2002","unstructured":"Philip MacKenzie. 2002. The PAK suite: Protocols for password-authenticated key exchange. Contribution to IEEE P1363.","journal-title":"Contribution to IEEE P1363"},{"key":"e_1_3_1_68_2","first-page":"636","volume-title":"Proceedings of the ASIACRYPT 2009","author":"Katz Jonathan","unstructured":"Jonathan Katz and Vinod Vaikuntanathan. Smooth projective hashing and password-based authenticated key exchange from lattices. In Proceedings of the ASIACRYPT 2009. 636\u2013652."},{"key":"e_1_3_1_69_2","first-page":"761","volume-title":"Proceedings of the ASIACRYPT 2020","author":"Erwig Andreas","unstructured":"Andreas Erwig, Julia Hesse, Maximilian Orlt, and Siavash Riahi. Fuzzy asymmetric password-authenticated key exchange. In Proceedings of the ASIACRYPT 2020. 761\u2013784."},{"key":"e_1_3_1_70_2","first-page":"393","volume-title":"Proceedings of the EUROCRYPT 2018","author":"Dupont Pierre-Alain","unstructured":"Pierre-Alain Dupont, Julia Hesse, David Pointcheval, Leonid Reyzin, and Sophia Yakoubov. Fuzzy password-authenticated key exchange. In Proceedings of the EUROCRYPT 2018. 393\u2013424."},{"key":"e_1_3_1_71_2","first-page":"668","volume-title":"Proceedings of the CRYPTO 2022","author":"Cremers Cas","unstructured":"Cas Cremers, Moni Naor, Shahar Paz, and Eyal Ronen. CHIP and CRISP: Protecting all parties against compromise through identity-binding PAKEs. In Proceedings of the CRYPTO 2022. 668\u2013698."},{"key":"e_1_3_1_72_2","article-title":"The AuthA protocol for password-based authenticated key exchange","author":"Bellare M.","year":"2000","unstructured":"M. Bellare and P. Rogaway. 2000. The AuthA protocol for password-based authenticated key exchange. Contribution to IEEE P1363.","journal-title":"Contribution to IEEE P1363"},{"volume-title":"Proceedings of the SPW 1997","author":"Lucks Stefan","key":"e_1_3_1_73_2","unstructured":"Stefan Lucks. Open key exchange: How to defeat dictionary attacks without encrypting public keys. In Proceedings of the SPW 1997."},{"key":"e_1_3_1_74_2","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44448-3_46"},{"key":"e_1_3_1_75_2","unstructured":"2009. IEEE Standard specification for password-based public-key cryptographic techniques. Retrieved 29 October 2025 fromhttps:\/\/standards.ieee.org\/standard\/1363_2-2008.html"},{"key":"e_1_3_1_76_2","doi-asserted-by":"publisher","DOI":"10.1145\/206826.206834"},{"key":"e_1_3_1_77_2","first-page":"241","volume-title":"Proceedings of the ACM CCS 2003","author":"Bresson Emmanuel","unstructured":"Emmanuel Bresson, Olivier Chevassut, and David Pointcheval. Security proofs for an efficient password-based key exchange. In Proceedings of the ACM CCS 2003. 241\u2013250."},{"key":"e_1_3_1_78_2","unstructured":"German Federal Offer for Information Security. 2012. Advanced security mechanisms for machine readable travel documents part 1 \u2013 eMRTDs with BAC\/PACEv2 and EACv1. Retrieved 17 June 2023 from https:\/\/bit.ly\/46BSUbx"},{"key":"e_1_3_1_79_2","first-page":"142","volume-title":"Proceedings of the CRYPTO 2000","author":"Gentry Craig","unstructured":"Craig Gentry, Philip D. MacKenzie, and Zulfikar Ramzan. A method for making password-based key exchange resilient to server compromise. In Proceedings of the CRYPTO 2000. 142\u2013159."},{"key":"e_1_3_1_80_2","first-page":"183","volume-title":"Proceedings of the CRYPTO 2024","author":"Barbosa Manuel","unstructured":"Manuel Barbosa, Kai Gellert, Julia Hesse, and Stanislaw Jarecki. Bare pake: Universally composable key exchange from just passwords. In Proceedings of the CRYPTO 2024. 183\u2013217."},{"key":"e_1_3_1_81_2","first-page":"1017","volume-title":"Proceedings of the AsiaCCS 2024","author":"Arriaga Afonso","unstructured":"Afonso Arriaga, Peter YA Ryan, and Marjan Skrobot. SweetPAKE: Key exchange with decoy passwords. In Proceedings of the AsiaCCS 2024. 1017\u20131033."},{"key":"e_1_3_1_82_2","first-page":"110","volume-title":"Proceedings of the ASIACRYPT 2023","author":"Bootle Jonathan","unstructured":"Jonathan Bootle, Sebastian Faller, Julia Hesse, Kristina Host\u00e1kov\u00e1, and Johannes Ottenhues. Generalized fuzzy password-authenticated key exchange from error correcting codes. In Proceedings of the ASIACRYPT 2023. 110\u2013142."},{"key":"e_1_3_1_83_2","first-page":"33","volume-title":"Proceedings of the ISC 2009","author":"Bender Jens","unstructured":"Jens Bender, Marc Fischlin, and Dennis K\u00fcgler. Security analysis of the PACE key-agreement protocol. In Proceedings of the ISC 2009. 33\u201348."},{"key":"e_1_3_1_84_2","doi-asserted-by":"publisher","DOI":"10.3724\/SP.J.1016.2011.00038"},{"issue":"1","key":"e_1_3_1_85_2","first-page":"176","article-title":"Cryptanalysis and improvement of gateway-oriented password-authenticated key exchange based on RSA","volume":"43","author":"Wang D.","year":"2015","unstructured":"D. Wang, P. Wang, and M. Li. 2015. Cryptanalysis and improvement of gateway-oriented password-authenticated key exchange based on RSA. Acta Electronica Sinica. 43, 1 (2015), 176\u2013184.","journal-title":"Acta Electronica Sinica."},{"key":"e_1_3_1_86_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1976.1055638"},{"volume-title":"Proceedings of the WETICE 1997","author":"Jablon David P.","key":"e_1_3_1_87_2","unstructured":"David P. Jablon. Extended password key exchange protocols immune to dictionary attacks. In Proceedings of the WETICE 1997."},{"key":"e_1_3_1_88_2","first-page":"26","volume-title":"Proceedings of the SSR 2014","author":"Hao Feng","unstructured":"Feng Hao and Siamak Fayyaz Shahandashti. The SPEKE protocol revisited. In Proceedings of the SSR 2014. 26\u201338."},{"volume-title":"Information Technology \u2013 Security Techniques \u2013 Key Management \u2013 Part 4: Mechanisms based on Weak Secrets","year":"2017","key":"e_1_3_1_89_2","unstructured":"2017. Information Technology \u2013 Security Techniques \u2013 Key Management \u2013 Part 4: Mechanisms based on Weak Secrets. Retrieved fromhttps:\/\/www.iso.org\/standard\/67933.html"},{"key":"e_1_3_1_90_2","doi-asserted-by":"publisher","DOI":"10.46586\/tches.v2019.i2.1-48"},{"key":"e_1_3_1_91_2","first-page":"475","volume-title":"Proceedings of the EUROCRYPT 2001","author":"Katz Jonathan","unstructured":"Jonathan Katz, Rafail Ostrovsky, and Moti Yung. Efficient password-authenticated key exchange using human-memorable passwords. In Proceedings of the EUROCRYPT 2001. 475\u2013494."},{"issue":"10","key":"e_1_3_1_92_2","first-page":"2229","article-title":"Pretty-simple password-authenticated key-exchange protocol proven to be secure in the standard model","volume":"85","author":"Kobara Kazukuni","year":"2002","unstructured":"Kazukuni Kobara and Hideki Imai. 2002. Pretty-simple password-authenticated key-exchange protocol proven to be secure in the standard model. IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences 85-A, 10 (2002), 2229\u20132237.","journal-title":"IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences"},{"key":"e_1_3_1_93_2","first-page":"267","volume-title":"Proceedings of the SAC 2004","author":"Jiang Shaoquan","unstructured":"Shaoquan Jiang and Guang Gong. Password based key exchange with mutual authentication. In Proceedings of the SAC 2004. 267\u2013279."},{"key":"e_1_3_1_94_2","first-page":"127","volume-title":"Proceedings of the EUROCRYPT 2008","author":"Cash David","unstructured":"David Cash, Eike Kiltz, and Victor Shoup. The twin diffie-hellman problem and applications. In Proceedings of the EUROCRYPT 2008. 127\u2013145."},{"key":"e_1_3_1_95_2","first-page":"31","volume-title":"Proceedings of the TCC 2020","author":"Shoup Victor","unstructured":"Victor Shoup. Security analysis of itSPAKE2+. In Proceedings of the TCC 2020. 31\u201360."},{"key":"e_1_3_1_96_2","first-page":"1","article-title":"The security evaluated standardized password-authenticated key exchange (SESPAKE) protocol","volume":"8133","author":"Smyshlyaev Stanislav","year":"2017","unstructured":"Stanislav Smyshlyaev, Evgeny K. Alekseev, Igor B. Oshkin, and Vladimir Popov. 2017. The security evaluated standardized password-authenticated key exchange (SESPAKE) protocol. RFC 8133 (2017), 1\u201351.","journal-title":"RFC"},{"key":"e_1_3_1_97_2","article-title":"PAK-Z+","author":"Gentry Craig","year":"2005","unstructured":"Craig Gentry, Philip MacKenzie, and Zulfikar Ramzan. 2005. PAK-Z+. Submission to IEEE P1363.2.","journal-title":"Submission to IEEE P1363.2"},{"key":"e_1_3_1_98_2","first-page":"839","volume-title":"Proceedings of the SensorComm 2008","author":"Harkins Dan","unstructured":"Dan Harkins. Simultaneous authentication of equals: A secure, password-based key exchange for mesh networks. In Proceedings of the SensorComm 2008. 839\u2013844."},{"key":"e_1_3_1_99_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3372799"},{"key":"e_1_3_1_100_2","first-page":"425","volume-title":"Proceedings of the ACM CCS 2020","author":"McQuoid Ian","unstructured":"Ian McQuoid, Mike Rosulek, and Lawrence Roy. Minimal symmetric PAKE and 1-out-of-N OT from programmable-once public functions. In Proceedings of the ACM CCS 2020. 425\u2013442."},{"key":"e_1_3_1_101_2","article-title":"Efficient augmented password-only authentication and key exchange for IKEv2","volume":"6628","author":"Shin SeongHan","year":"2012","unstructured":"SeongHan Shin and Kazukuni Kobara. 2012. Efficient augmented password-only authentication and key exchange for IKEv2. RFC 6628.","journal-title":"RFC"},{"key":"e_1_3_1_102_2","first-page":"1","article-title":"J-PAKE: Password-authenticated key exchange by juggling","volume":"8236","author":"Hao Feng","year":"2017","unstructured":"Feng Hao. 2017. J-PAKE: Password-authenticated key exchange by juggling. RFC 8236 (2017), 1\u201315.","journal-title":"RFC"},{"volume-title":"OpenSSL Project","year":"2023","key":"e_1_3_1_103_2","unstructured":"2023. OpenSSL Project. Retrieved 30 July 2023 fromhttps:\/\/www.openssl.org"},{"volume-title":"Pale Moon Sync","year":"2023","key":"e_1_3_1_104_2","unstructured":"2023. Pale Moon Sync. Retrieved 30 July 2023 fromhttps:\/\/www.palemoon.org\/sync\/"},{"key":"e_1_3_1_105_2","first-page":"404","volume-title":"Proceedings of the EUROCRYPT 2005","author":"Canetti Ran","unstructured":"Ran Canetti, Shai Halevi, Jonathan Katz, Yehuda Lindell, and Philip D. MacKenzie. Universally composable password-based key exchange. In Proceedings of the EUROCRYPT 2005. 404\u2013421."},{"key":"e_1_3_1_106_2","first-page":"332","volume-title":"Proceedings of the ASIACRYPT 2006","author":"Abdalla Michel","unstructured":"Michel Abdalla and David Pointcheval. A scalable password-based group key exchange protocol in the standard model. In Proceedings of the ASIACRYPT 2006. 332\u2013347."},{"volume-title":"Proceedings of the EUROCRYPT 2012","author":"Micciancio Daniele","key":"e_1_3_1_107_2","unstructured":"Daniele Micciancio and Chris Peikert. Trapdoors for lattices: Simpler, tighter, faster, smaller. In Proceedings of the EUROCRYPT 2012."},{"key":"e_1_3_1_108_2","first-page":"45","volume-title":"Proceedings of the EUROCRYPT 2002","author":"Cramer Ronald","unstructured":"Ronald Cramer and Victor Shoup. Universal hash proofs and a paradigm for adaptive chosen ciphertext secure public-key encryption. In Proceedings of the EUROCRYPT 2002. 45\u201364."},{"key":"e_1_3_1_109_2","first-page":"197","volume-title":"Proceedings of the PQCrypto 2014","author":"Peikert Chris","unstructured":"Chris Peikert. Lattice cryptography for the internet. In Proceedings of the PQCrypto 2014. 197\u2013219."},{"volume-title":"Proceedings of the ACM STOC 1989","author":"Naor Moni","key":"e_1_3_1_110_2","unstructured":"Moni Naor and Moti Yung. Universal one-way hash functions and their cryptographic applications. In Proceedings of the ACM STOC 1989."},{"key":"e_1_3_1_111_2","first-page":"426","volume-title":"Proceedings of the CRYPTO 2004","author":"Kurosawa Kaoru","unstructured":"Kaoru Kurosawa and Yvo Desmedt. A new paradigm of hybrid encryption scheme. In Proceedings of the CRYPTO 2004. 426\u2013442."},{"key":"e_1_3_1_112_2","first-page":"112","article-title":"A proposal for an ISO standard for public key encryption","author":"Shoup Victor","year":"2001","unstructured":"Victor Shoup. 2001. A proposal for an ISO standard for public key encryption. IACR Cryptol. ePrint Arch., 112.","journal-title":"IACR Cryptol. ePrint Arch."},{"volume-title":"Proceedings of the SCN 2020","author":"Hesse Julia","key":"e_1_3_1_113_2","unstructured":"Julia Hesse. Separating symmetric and asymmetric password-authenticated key exchange. In Proceedings of the SCN 2020."},{"key":"e_1_3_1_114_2","first-page":"571","volume-title":"Proceedings of the IEEE S&P 2015","author":"Abdalla Michel","unstructured":"Michel Abdalla, Fabrice Benhamouda, and Philip MacKenzie. Security of the J-PAKE password-authenticated key exchange protocol. In Proceedings of the IEEE S&P 2015. 571\u2013587."},{"key":"e_1_3_1_115_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2006.08.005"},{"key":"e_1_3_1_116_2","doi-asserted-by":"publisher","DOI":"10.5555\/1568537.1568538"},{"key":"e_1_3_1_117_2","doi-asserted-by":"publisher","DOI":"10.1002\/dac.1168"},{"key":"e_1_3_1_118_2","doi-asserted-by":"crossref","unstructured":"Shirisha Tallapally. 2012. Security enhancement on Simple Three Party PAKE Protocol. Information Technology and Control 41 1 (2012) 15\u201322.","DOI":"10.5755\/j01.itc.41.1.842"},{"key":"e_1_3_1_119_2","doi-asserted-by":"publisher","DOI":"10.5755\/j01.itc.43.2.3790"},{"key":"e_1_3_1_120_2","doi-asserted-by":"publisher","DOI":"10.5755\/j01.itc.44.4.9729"},{"key":"e_1_3_1_121_2","doi-asserted-by":"publisher","DOI":"10.1007\/s12652-018-1029-3"},{"issue":"3","key":"e_1_3_1_122_2","first-page":"57:1\u201357:32","article-title":"A survey of group key agreement protocols with constant rounds","volume":"52","author":"Xiong Hu","year":"2019","unstructured":"Hu Xiong, Yan Wu, and Zhenyu Lu. 2019. A survey of group key agreement protocols with constant rounds. ACM Computing Surveys 52, 3 (2019), 57:1\u201357:32.","journal-title":"ACM Computing Surveys"},{"key":"e_1_3_1_123_2","first-page":"417","volume-title":"Proceedings of the CRYPTO 1985","author":"Miller Victor S.","unstructured":"Victor S. Miller. Use of elliptic curves in cryptography. In Proceedings of the CRYPTO 1985. 417\u2013426."},{"key":"e_1_3_1_124_2","doi-asserted-by":"publisher","DOI":"10.1090\/S0025-5718-1987-0866109-5"},{"key":"e_1_3_1_125_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1985.1057074"},{"key":"e_1_3_1_126_2","volume-title":"NIST special publication 800-57 part 1 revision 5","author":"Barker E.","year":"2020","unstructured":"E. Barker. 2020. NIST special publication 800-57 part 1 revision 5. DOI:https:\/\/doi.org\/10.6028\/NIST.SP.800-57pt1r5"},{"key":"e_1_3_1_127_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-46588-1_29"},{"key":"e_1_3_1_128_2","doi-asserted-by":"publisher","DOI":"10.1145\/359340.359342"},{"key":"e_1_3_1_129_2","first-page":"84","volume-title":"Proceedings of the STOC 2005","author":"Regev Oded","unstructured":"Oded Regev. On lattices, learning with errors, random linear codes, and cryptography. In Proceedings of the STOC 2005. 84\u201393."},{"key":"e_1_3_1_130_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2024.3372804"},{"key":"e_1_3_1_131_2","first-page":"1","volume-title":"Proceedings of the NDSS 2020","author":"Sikeridis Dimitrios","unstructured":"Dimitrios Sikeridis, Panos Kampanakis, and Michael Devetsikiotis. Post-quantum authentication in TLS 1.3: A performance study. In Proceedings of the NDSS 2020. 1\u201316."},{"key":"e_1_3_1_132_2","doi-asserted-by":"publisher","DOI":"10.1007\/BF00124891"},{"key":"e_1_3_1_133_2","doi-asserted-by":"publisher","DOI":"10.1002\/dac.2468"},{"key":"e_1_3_1_134_2","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8446"},{"key":"e_1_3_1_135_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2018.2834351"},{"key":"e_1_3_1_136_2","first-page":"103","volume-title":"Proceedings of the Logic, Language, and Security 2020","author":"Sherman Alan T.","unstructured":"Alan T. Sherman, Erin Lanus, Moses Liskov, Edward Zieglar, Richard Chang, Enis Golaszewski, Ryan Wnuk-Fink, Cyrus J. Bonyadi, Mario Yaksetig, and Ian Blumenfeld. Formal methods analysis of the secure remote password protocol. In Proceedings of the Logic, Language, and Security 2020. 103\u2013126."},{"key":"e_1_3_1_137_2","first-page":"381","article-title":"A survey on public key mechanism in wireless sensor networks","author":"He Y.","unstructured":"Y. He, F. Sun, Q. Li, J. He, and L. Wang. A survey on public key mechanism in wireless sensor networks. Chinese Journal of Computers, 381\u2013408.","journal-title":"Chinese Journal of Computers"},{"key":"e_1_3_1_138_2","first-page":"356","volume-title":"Proceedings of the CRYPTO 2019","author":"Don Jelle","unstructured":"Jelle Don, Serge Fehr, Christian Majenz, and Christian Schaffner. Security of the Fiat-Shamir Transformation in the Quantum Random-Oracle Model. In Proceedings of the CRYPTO 2019. 356\u2013383."},{"key":"e_1_3_1_139_2","first-page":"788","volume-title":"Proceedings of the EUROCRYPT 2020","author":"Alagic Gorjan","unstructured":"Gorjan Alagic, Christian Majenz, Alexander Russell, and Fang Song. Quantum-access-secure message authentication via blind-unforgeability. In Proceedings of the EUROCRYPT 2020. 788\u2013817."},{"key":"e_1_3_1_140_2","first-page":"1","volume-title":"Proceedings of the CRYPTO 2008","author":"Coron Jean-S\u00e9bastien","unstructured":"Jean-S\u00e9bastien Coron, Jacques Patarin, and Yannick Seurin. The random oracle model and the ideal cipher model are equivalent. In Proceedings of the CRYPTO 2008. 1\u201320."},{"volume-title":"Proc. FOCS 2001","author":"Canetti Ran","key":"e_1_3_1_141_2","unstructured":"Ran Canetti. Universally composable security: A new paradigm for cryptographic protocols. In Proc. FOCS 2001."},{"key":"e_1_3_1_142_2","first-page":"278","volume-title":"Proceedings of the CRYPTO 2020","author":"Abdalla Michel","unstructured":"Michel Abdalla, Manuel Barbosa, Tatiana Bradley, Stanis\u0142aw Jarecki, Jonathan Katz, and Jiayu Xu. Universally composable relaxed password authenticated key exchange. In Proceedings of the CRYPTO 2020. 278\u2013307."},{"key":"e_1_3_1_143_2","first-page":"149","volume-title":"Proceedings of the AAECC 2009","author":"Shin SeongHan","unstructured":"SeongHan Shin, Kazukuni Kobara, and Hideki Imai. Very-efficient anonymous password-authenticated key exchange and its extensions. In Proceedings of the AAECC 2009. 149\u2013158."},{"key":"e_1_3_1_144_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-016-5522-z"},{"issue":"3","key":"e_1_3_1_145_2","first-page":"230","article-title":"Public-key cryptography and password protocols","volume":"2","author":"Halevi Shai","year":"1999","unstructured":"Shai Halevi and Hugo Krawczyk. 1999. Public-key cryptography and password protocols. ACM Transactions on Privacy and Security 2, 3 (1999), 230\u2013268.","journal-title":"ACM Transactions on Privacy and Security"},{"key":"e_1_3_1_146_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2014.07.010"},{"key":"e_1_3_1_147_2","first-page":"34","volume-title":"Proceedings of the ASIACRYPT 2025","author":"Lyu You","unstructured":"You Lyu, Shengli Liu, and Shuai Han. Efficient asymmetric PAKE compiler from KEM and AE. In Proceedings of the ASIACRYPT 2025. 34\u201365."},{"key":"e_1_3_1_148_2","first-page":"120","volume-title":"Proceedings of the EUROCRYPT 2024","author":"Lyu You","unstructured":"You Lyu, Shengli Liu, and Shuai Han. Universal composable password authenticated key exchange for the post-quantum world. In Proceedings of the EUROCRYPT 2024. 120\u2013150."},{"key":"e_1_3_1_149_2","unstructured":"A. Menezes M. Qu and S. Vanstone. 1995. Some new key agreement protocols providing mutual implicit authentication. (1995)."},{"key":"e_1_3_1_150_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSMC.2019.2905253"},{"key":"e_1_3_1_151_2","doi-asserted-by":"publisher","DOI":"10.1109\/TCYB.2019.2903817"},{"key":"e_1_3_1_152_2","first-page":"333","volume-title":"Proceedings of the STOC 2009","author":"Peikert Chris","unstructured":"Chris Peikert. Public-key cryptosystems from the worst-case shortest vector problem: Extended abstract. In Proceedings of the STOC 2009. 333\u2013342."},{"key":"e_1_3_1_153_2","first-page":"554","volume-title":"Proceedings of the CRYPTO 2008","author":"Peikert Chris","unstructured":"Chris Peikert, Vinod Vaikuntanathan, and Brent Waters. A framework for efficient and composable oblivious transfer. In Proceedings of the CRYPTO 2008. 554\u2013571."},{"key":"e_1_3_1_154_2","doi-asserted-by":"publisher","DOI":"10.1145\/1613676.1613679"},{"key":"e_1_3_1_155_2","first-page":"233","volume-title":"Proceedings of the ASIACRYPT 2014","author":"Jarecki Stanislaw","unstructured":"Stanislaw Jarecki, Aggelos Kiayias, and Hugo Krawczyk. Round-optimal password-protected secret sharing and T-PAKE in the password-only model. In Proceedings of the ASIACRYPT 2014. 233\u2013253."},{"key":"e_1_3_1_156_2","volume-title":"Twitter Advising All 330 Million Users to Change Passwords After Bug Exposed them in Plain Text","author":"Gartenberg Chaim","year":"2018","unstructured":"Chaim Gartenberg. 2018. Twitter Advising All 330 Million Users to Change Passwords After Bug Exposed them in Plain Text. Retrieved from https:\/\/bit.ly\/3O8wHuE"},{"issue":"5","key":"e_1_3_1_157_2","first-page":"88:1\u201388:48","article-title":"Dynamic malware analysis in the modern era - A state of the art survey","volume":"52","author":"Or-Meir Ori","year":"2019","unstructured":"Ori Or-Meir, Nir Nissim, Yuval Elovici, and Lior Rokach. 2019. Dynamic malware analysis in the modern era - A state of the art survey. ACM Computing Surveys 52, 5 (2019), 88:1\u201388:48.","journal-title":"ACM Computing Surveys"},{"volume-title":"2025 Data Breach Investigations Report","year":"2025","key":"e_1_3_1_158_2","unstructured":"Verizon. 2025. 2025 Data Breach Investigations Report. Retrieved 29 October 2025. fromhttps:\/\/www.verizon.com\/business\/resources\/reports\/2025-dbir-data-breach-investigations-report.pdf"},{"key":"e_1_3_1_159_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2020.2979856"},{"key":"e_1_3_1_160_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2023.3287394"},{"key":"e_1_3_1_161_2","first-page":"1281","volume-title":"Proceedings of the IEEE S&P 2022","author":"Esgin Muhammed F.","unstructured":"Muhammed F. Esgin, Ron Steinfeld, and Raymond K. Zhao. MatRiCT \\({}^{\\mbox{+}}\\) : More efficient post-quantum private blockchain payments. In Proceedings of the IEEE S&P 2022. 1281\u20131298."},{"key":"e_1_3_1_162_2","first-page":"106","volume-title":"Proceedings of the IEEE S&P 2019","author":"Dziembowski Stefan","unstructured":"Stefan Dziembowski, Lisa Eckey, Sebastian Faust, and Daniel Malinowski. Perun: Virtual payment hubs over cryptocurrencies. In Proceedings of the IEEE S&P 2019. 106\u2013123."},{"issue":"5","key":"e_1_3_1_163_2","first-page":"1859","article-title":"Distributed authentication method of internet of things based on public blockchain","volume":"51","author":"Yuan G.","year":"2021","unstructured":"G. Yuan, S. Wen, Q. Tang, Y. Ma, and S. Feng. 2021. Distributed authentication method of internet of things based on public blockchain. Computer Engineering and Design 51, 5 (2021), 1859\u20131866.","journal-title":"Computer Engineering and Design"},{"key":"e_1_3_1_164_2","first-page":"278","volume-title":"Proceedings of the SPW 2017","author":"Roscoe A. W.","unstructured":"A. W. Roscoe and Peter Y. A. Ryan. Auditable PAKEs: Approaching fair exchange without a TTP. In Proceedings of the SPW 2017. 278\u2013297."},{"key":"e_1_3_1_165_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3116429"},{"volume-title":"Proceedings of the Cryptology ePrint Archive, Paper 2025\/119","author":"Alnahawi Nouri","key":"e_1_3_1_166_2","unstructured":"Nouri Alnahawi, David Haas, Erik Mau\u00df, and Alexander Wiesmaier. SoK: PQC PAKEs - cryptographic primitives, design and security. In Proceedings of the Cryptology ePrint Archive, Paper 2025\/119, Retrieved fromhttps:\/\/eprint.iacr.org\/2025\/119"},{"key":"e_1_3_1_167_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3129512"},{"volume-title":"Post-Quantum Cryptography: Selected Algorithms","year":"2025","key":"e_1_3_1_168_2","unstructured":"NIST. 2025. Post-Quantum Cryptography: Selected Algorithms. Retrieved 29 October 2025 fromhttps:\/\/csrc.nist.gov\/Projects\/post-quantum-cryptography\/selected-algorithms"},{"key":"e_1_3_1_169_2","doi-asserted-by":"crossref","unstructured":"Taekyoung Kwon. 2004. Practical authenticated key agreement using passwords. In International Conference on Information Security. 1\u201312.","DOI":"10.1007\/978-3-540-30144-8_1"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3774642","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T14:31:28Z","timestamp":1765031488000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3774642"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,6]]},"references-count":168,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2026,4,30]]}},"alternative-id":["10.1145\/3774642"],"URL":"https:\/\/doi.org\/10.1145\/3774642","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"type":"print","value":"0360-0300"},{"type":"electronic","value":"1557-7341"}],"subject":[],"published":{"date-parts":[[2025,12,6]]},"assertion":[{"value":"2023-07-10","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-10-13","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-12-06","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}