X.1035
Encyclopedia
ITU-T
Recommendation X.1035 specifies a password-authenticated key agreement
protocol that ensures mutual authentication of two parties by using a Diffie–Hellman key exchange to establish a symmetric cryptographic key. The use of Diffie-Hellman exchange ensures perfect forward secrecy—a property of a key establishment protocol that guarantees that compromise of a session key or long-term private key after a given session does not cause the compromise of any earlier session.
In X.1035, the exchange is protected from the man-in-the-middle attack
. The authentication relies on a pre-shared secret (e.g., password), which is protected (i.e., remains unrevealed) to an eavesdropper preventing an off-line dictionary attack.
The protocol can be used in a wide variety of applications including those with pre-shared secrets based on possibly weak passwords.
X.1035 was approved on 13 February 2007 by ITU-T Study Group 17.
, an ITU-T
standard that specifies high-speed (up to 1 Gbit/s) local area network
ing over existing home wires (power lines, phone lines and coaxial cables), uses X.1035 for authentication and key exchange.
ITU-T
The ITU Telecommunication Standardization Sector is one of the three sectors of the International Telecommunication Union ; it coordinates standards for telecommunications....
Recommendation X.1035 specifies a password-authenticated key agreement
Password-authenticated key agreement
In cryptography, a password-authenticated key agreement method is an interactive method for two or more parties to establish cryptographic keys based on one or more party's knowledge of a password.-Types:...
protocol that ensures mutual authentication of two parties by using a Diffie–Hellman key exchange to establish a symmetric cryptographic key. The use of Diffie-Hellman exchange ensures perfect forward secrecy—a property of a key establishment protocol that guarantees that compromise of a session key or long-term private key after a given session does not cause the compromise of any earlier session.
In X.1035, the exchange is protected from the man-in-the-middle attack
Man-in-the-middle attack
In cryptography, the man-in-the-middle attack , bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other...
. The authentication relies on a pre-shared secret (e.g., password), which is protected (i.e., remains unrevealed) to an eavesdropper preventing an off-line dictionary attack.
The protocol can be used in a wide variety of applications including those with pre-shared secrets based on possibly weak passwords.
X.1035 was approved on 13 February 2007 by ITU-T Study Group 17.
Applications
G.hnG.hn
G.hn is the common name for a home network technology family of standards developed under the International Telecommunication Union's Standardization arm and promoted by the HomeGrid Forum...
, an ITU-T
ITU-T
The ITU Telecommunication Standardization Sector is one of the three sectors of the International Telecommunication Union ; it coordinates standards for telecommunications....
standard that specifies high-speed (up to 1 Gbit/s) local area network
Local area network
A local area network is a computer network that interconnects computers in a limited area such as a home, school, computer laboratory, or office building...
ing over existing home wires (power lines, phone lines and coaxial cables), uses X.1035 for authentication and key exchange.