--- /dev/null
+@node enSESPAKE
+@section Security Evaluated Standardized Password-Authenticated Key Exchange
+
+@table @asis
+@item Algorithm type
+ Password-Authenticated balanced Key Agreement protocol (PAKE)
+@item RFC
+ @url{https://tools.ietf.org/html/rfc8133.html, 8133}
+@end table
+
+@strong{Features}:
+@itemize
+@item Password can be weak (strong PAKE), offline dictionary attacks are not dangerous
+@item PBKDF2 password strengthening
+@item There is key confirmation step
+@item GOST R 34.10 elliptic can could be used
+@end itemize