A Survey on Three-Party Password-Based Authenticated Key Exchange (3-PAKE) Protocols

Cryptographic protocols for key exchange have an aim of secure exchange of secret keys over the public network. Password based authenticated key exchange (PAKE) protocols are popularly used for communication purposes due to their convenience. As the name suggests, it involves sharing of a human-memorable password by each entity with a trusted third party. Three party PAKE (3-PAKE) protocols allow two parties to authenticate each other via the trusted third party and establish a session key between them for further communication. Various 3-PAKE protocols have been proposed over the years, each having its own weaknesses and strengths. This paper presents a review of few such 3-PAKE protocols and gives suggestions for future enhancements.