<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>1. Introduction &#8212; PSA Crypto API PAKE Extension 1.1 PAKE Extension.0-bet.0 documentation</title>
<link rel="stylesheet" href="_static/alabaster.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: './',
VERSION: '1.1 PAKE Extension.0-bet.0',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: false,
SOURCELINK_SUFFIX: '.txt'
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="author" title="About these documents" href="about.html" />
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="next" title="2. Password-authenticated key exchange (PAKE)" href="pake.html" />
<link rel="prev" title="About this document" href="about.html" />
<link rel="stylesheet" href="_static/custom.css" type="text/css" />
<meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
</head>
<body>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="introduction">
<h1>1. Introduction</h1>
<p>This document introduces an extension to the <span><em>PSA Cryptography API</em> <a class="reference internal" href="about.html#citation-psa-crypt"><span class="cite">[PSA-CRYPT]</span></a></span> specification, to provide support for <a class="reference internal" href="about.html#term-password-authenticated-key-exchange"><span class="term">Password-authenticated key exchange</span></a> (PAKE) algorithms, and specifically for the J-PAKE algorithm.</p>
<p>When the proposed extension is sufficiently stable to be classed as Final, it will be integrated into a future version of <a class="reference internal" href="about.html#citation-psa-crypt"><span class="cite psa_c psa_c-cite">[PSA-CRYPT]</span></a>.</p>
<p>This specification must be read and implemented in conjunction with <a class="reference internal" href="about.html#citation-psa-crypt"><span class="cite psa_c psa_c-cite">[PSA-CRYPT]</span></a>. All of the conventions, design considerations, and implementation considerations that are described in <a class="reference internal" href="about.html#citation-psa-crypt"><span class="cite psa_c psa_c-cite">[PSA-CRYPT]</span></a> apply to this specification.</p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">This extension has been developed in conjunction with the <span><em>Mbed TLS</em> <a class="reference internal" href="about.html#citation-mbed-tls"><span class="cite">[MBED-TLS]</span></a></span> project, which is developing an implementation of the PSA Cryptography API.</p>
</div>
<div class="rationale admonition docutils container">
<p class="admonition-title"><strong>Note</strong></p>
<p>This version of the document includes <em>Rationale</em> commentary that provides background information relating to the design decisions that led to the current proposal. This enables the reader to understand the wider context and alternative approaches that have been considered.</p>
<p>The rationale is presented in green boxes, as this note is.</p>
</div>
<div class="section" id="objectives-for-the-pake-extension">
<h2>1.1. Objectives for the PAKE Extension</h2>
<div class="section" id="scheme-review">
<h3>1.1.1. Scheme review</h3>
<p>There are a number of PAKE protocols in circulation, but none of them are used widely in practice, and they are very different in scope and mechanics.
The API proposed for the PSA Cryptography API focuses on schemes that are most likely to be needed by users. A number of factors are used to identify important PAKE algorithms.</p>
<div class="section" id="wide-deployment">
<h4>Wide deployment</h4>
<p>Considering PAKE schemes with already wide deployment allows users with existing applications to migrate to PSA.
Currently there is only one scheme with non-negligible success in the industry: Secure Remote Password (SRP).</p>
</div>
<div class="section" id="requests">
<h4>Requests</h4>
<p>Some PAKE schemes have been requested by the community and need to be supported.
Currently, these are SPAKE2+ and J-PAKE (in particular the Elliptic Curve based variant, sometimes known as ECJPAKE).</p>
</div>
<div class="section" id="standardization">
<h4>Standardization</h4>
<p>There are PAKE schemes that are being standardized and will be recommended for use in future protocols.
To ensure that the API is future-proof, we need to consider these.
The CFRG recommends CPace and OPAQUE for use in IETF protocols.
These are also recommended for use in TLS and IKE in the future.</p>
</div>
<div class="section" id="applications">
<h4>Applications</h4>
<p>Some of these schemes are used in popular protocols. This information confirms the choices already made and can help to extend the list in future:</p>
<table border="1" class="colwidths-auto docutils align-left">
<thead valign="bottom">
<tr class="row-odd"><th class="head">PAKE scheme</th>
<th class="head">Protocols</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td>J-PAKE</td>
<td>TLS, THREAD v1</td>
</tr>
<tr class="row-odd"><td>SPAKE2+</td>
<td>CHIP</td>
</tr>
<tr class="row-even"><td>SRP</td>
<td>TLS</td>
</tr>
<tr class="row-odd"><td>OPAQUE</td>
<td>TLS, IKE</td>
</tr>
<tr class="row-even"><td>CPace</td>
<td>TLS, IKE</td>
</tr>
<tr class="row-odd"><td>Dragonfly</td>
<td>WPA3 (before including this scheme, the Dragonblood attack should be considered as well)</td>
</tr>
<tr class="row-even"><td>SPAKE</td>
<td>Kerberos 5 v1.17</td>
</tr>
<tr class="row-odd"><td>PACE</td>
<td>IKEv2</td>
</tr>
<tr class="row-even"><td>AugPAKE</td>
<td>IKEv2</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section" id="scope-of-the-pake-extension">
<h3>1.1.2. Scope of the PAKE Extension</h3>
<p>The following PAKE schemes are considered in the PSA Crypto API design:</p>
<table border="1" class="colwidths-auto docutils align-left">
<thead valign="bottom">
<tr class="row-odd"><th class="head">Balanced</th>
<th class="head">Augmented</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><p class="first">J-PAKE</p>
<p>SPAKE2</p>
<p class="last">CPace</p>
</td>
<td><p class="first">SRP</p>
<p>SPAKE2+</p>
<p class="last">OPAQUE</p>
</td>
</tr>
</tbody>
</table>
<div class="section" id="scope-of-this-specification">
<h4>Scope of this specification</h4>
<p>The current API proposal provides the general interface for PAKE algorithms, and the specific interface for J-PAKE.</p>
</div>
<div class="section" id="out-of-scope">
<h4>Out of scope</h4>
<p>PAKE protocols that do not fit into any of the above categories are not taken into consideration in the proposed API.
Examples of such schemes are:</p>
<table border="1" class="colwidths-auto docutils align-left">
<thead valign="bottom">
<tr class="row-odd"><th class="head">PAKE scheme</th>
<th class="head">Specification</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td>AMP</td>
<td>IEEE 1363.2, ISO/IEC 11770-4</td>
</tr>
<tr class="row-odd"><td>BSPEKE2</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-even"><td>PAKZ</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-odd"><td>PPK</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-even"><td>SPEKE</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-odd"><td>WSPEKE</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-even"><td>SPEKE</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-odd"><td>PAK</td>
<td>IEEE 1363.2, X.1035, RFC 5683</td>
</tr>
<tr class="row-even"><td>EAP-PWD</td>
<td>RFC 5931</td>
</tr>
<tr class="row-odd"><td>EAP-EKE</td>
<td>RFC 6124</td>
</tr>
<tr class="row-even"><td>IKE-PSK</td>
<td>RFC 6617</td>
</tr>
<tr class="row-odd"><td>PACE for IKEv2</td>
<td>RFC 6631</td>
</tr>
<tr class="row-even"><td>AugPAKE for IKEv2</td>
<td>RFC 6628</td>
</tr>
<tr class="row-odd"><td>PAR</td>
<td>IEEE 1363.2</td>
</tr>
<tr class="row-even"><td>SESPAKE</td>
<td>RFC 8133</td>
</tr>
<tr class="row-odd"><td>ITU-T</td>
<td>X.1035</td>
</tr>
<tr class="row-even"><td>SPAKE1</td>
<td>&#160;</td>
</tr>
<tr class="row-odd"><td>Dragonfly</td>
<td>&#160;</td>
</tr>
<tr class="row-even"><td>B-SPEKE</td>
<td>&#160;</td>
</tr>
<tr class="row-odd"><td>PKEX</td>
<td>&#160;</td>
</tr>
<tr class="row-even"><td>EKE</td>
<td>&#160;</td>
</tr>
<tr class="row-odd"><td>Augmented-EKE</td>
<td>&#160;</td>
</tr>
<tr class="row-even"><td>PAK-X</td>
<td>&#160;</td>
</tr>
<tr class="row-odd"><td>PAKE</td>
<td>&#160;</td>
</tr>
</tbody>
</table>
<p>The exception is SPAKE2, because it is related to SPAKE2+.</p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper"><h3><a href="index.html"><b>PSA Crypto API PAKE Extension</b></a></h3>
AES 0058<br/>
Non-confidential<br/>
Version 1.1 PAKE Extension.0-bet.0
</div>
</div>
<div class="clearer"></div>
</div>
<div class="footer">
&copy; 2022, Arm Limited or its affiliates. All rights reserved.
|
Powered by <a href="http://sphinx-doc.org/">Sphinx 1.6.7</a>
&amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.8</a>
</div>
</body>
</html>