AMP (Authentication and key agreement via Memorable Passwords)


AMP is a password-based protocol that was designed for authentication and key agreement in a distributed environment. My poor paper first describing AMP was generously accepted to NDSS 2001 symposium [2] and contributed to the standards working group P1363 along with its related schemes including SPEKE, SRP, and PAK for standardization on password-based public key cryptographic techniques [3]. AMP is included in two international standard drafts, IEEE P1363.2 and ISO/IEC JTC 1 / SC 27 WD 11770-4. The recent update of AMP can be found from my on-going document [1] and [2]. Research links are available from David Jablons List [4] with regard to the study on password security.


1.      Taekyoung Kwon, Practical authenticated key agreement using passwords, will be presented at Information Security Conference, Palo Alto, CA, September 2004. [Conference Version] [Full Paper Version]

2.      Taekyoung Kwon, Addendum to Summary of AMP, Draft Document, November 2003.

3.      Taekyoung Kwon, Summary of AMP (Authentication and key agreement via Memorable Passwords), Draft Document, August 2003.

4.      Taekyoung Kwon, Authentication and key agreement via memorable password, ISOC Network and Distributed System Security (NDSS) Symposium, San Diego, CA, February 2001.

5.      Taekyoung Kwon, Ultimate solution to authentication via memorable password, submission to IEEE P1363.2, May 2000.

6.      P1363.2 Submissions,

7.      David Jablons List,