Paper 2025/119

SoK: PQC PAKEs - Cryptographic Primitives, Design and Security

Nouri Alnahawi, Darmstadt University of Applied Sciences
David Haas, TU Darmstadt
Erik Mauß, Darmstadt University of Applied Sciences
Alexander Wiesmaier, Darmstadt University of Applied Sciences
Abstract

Password Authenticated Key Exchange (PAKE) establishes secure communication channels using relatively short, often human memorable, passwords for authentication. The currently standardized PAKEs however rely on classical asymmetric (public key) cryptography. Thus, these classical PAKEs may become insecure, should the expected quantum threat become a reality. Despite the growing interest in realizing quantum-safe PAKEs, they did not receive much attention from the ongoing Post-Quantum Cryptography (PQC) integration efforts. Thus, there is a significant gap in awareness compared to PQC primitives subject to the official governmental and institutional standardization processes. In this work, we provide a comprehensive overview of the existing PQC PAKEs focusing on their design rationales, authentication methods and asymmetric key agreement primitives. Further, we classify PQC PAKEs w.r.t. their properties and security assurances. Finally, we address PAKE designs that are still unexplored in the PQC realm and discuss the possibility of their adaptation. Thus, we offer a detailed reference for future work on PQC PAKEs.

Note: Updated author affiliations. Major Revision into Long Paper.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Systematization of KnowledgePassword Authenticated Key ExchangePost-Quantum CryptographyPublic-Key Cryptography
Contact author(s)
nouri alnahawi @ h-da de
david haas1 @ stud tu-darmstadt de
erik mauss @ stud h-da de
alexander wiesmaier @ h-da de
History
2025-04-17: last of 5 revisions
2025-01-26: received
See all versions
Short URL
https://ia.cr/2025/119
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2025/119,
      author = {Nouri Alnahawi and David Haas and Erik Mauß and Alexander Wiesmaier},
      title = {{SoK}: {PQC} {PAKEs} - Cryptographic Primitives, Design and Security},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/119},
      year = {2025},
      url = {https://eprint.iacr.org/2025/119}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.