A Comparison of the Password-Authenticated Key Exchange Protocols, SRP-6a and PAKE2+

Sammanfattning: Privacy is a rising concern globally, and more of our personal information is stored online. It is therefore, important to securely authenticate and encrypt all communication between the client and the server. Password authenticated key-exchange (PAKE) protocols are promising schemes for more secure password authentication on the web. This report looks at both the theoretical and practical aspects of the PAKE protocols, SRP-6a and PAKE2+, from a business perspective. Benchmarks were used to determine the overall performance of both the protocols using latency and memory as metrics. The benchmarked implementations are written in JavaScript. Furthermore, availability of protocol implementations and theoretical security aspects such as crypto primitives were also analyzed. Our results indicate that SRP6-a is likely the more viable alternative for businesses today. Measured latencies ranged from 368 to 521 ms for PAKE2+ and 114 to 230 ms for SRP-6a, depending on the browser. SRP-6a is not only significantly faster than PAKE2+, but it has greater market adoption and maturity, which PAKE2+ lacks in comparison. However, PAKE2+ has a stronger theoretical security footprint, which may make it a strong contender in the future.