A method for anonymous authentication and key establishment based on passwords (APAKE), includes instantiating, by the server, an OPRF scheme and a symmetric encryption scheme; engaging in, by the client and the server, an OPRFEvaluate protocol so that the client learns a decryption key associated with its password while the server learns nothing; securely transferring, by the server, a nonce and a symmetric encryption key to the client if the client holds a valid password; sending, by the client, its nonce encrypted under the symmetric encryption key; using, by the server, the symmetric encryption key to decipher ciphertext received by virtue of the sending, by the client, its nonce encrypted under the symmetric encryption key and to recover the client's nonce; and computing, by the server and the client, a compute key based on the client's nonce and the server's nonce.
展开▼
