This paper introduces a novel protocol called Encrypted Key Exchange (EKE) that allows two parties sharing a common password to securely exchange authenticated and confidential information over an insecure network. The protocol uses a combination of asymmetric (public-key) and symmetric (secret-key) cryptography to protect the password from off-line "dictionary" attacks. EKE is secure against active attacks and ensures that the password remains protected even if it is weak or chosen by naive users. The protocol works by having each party generate a random public key, encrypt it with the shared password, and then use the public key to encrypt a random secret key. This secret key is then used to encrypt messages between the parties, ensuring confidentiality and authentication. The protocol includes challenges and responses to prevent replay attacks and ensure that both parties have the correct secret key. EKE can be implemented with various asymmetric cryptosystems, including RSA and ElGamal. The paper discusses the implementation details of EKE with RSA and ElGamal, highlighting the challenges involved in securely encrypting public keys and ensuring that the password is not vulnerable to dictionary attacks. It also addresses security considerations, such as partition attacks and the need for non-associative cryptosystems. The paper also discusses the applications of EKE, including secure public telephones and cellular phones, where EKE can be used to protect against fraud and ensure privacy. Additionally, EKE can be used to strengthen weak symmetric and asymmetric systems when used together. The authors conclude that EKE provides a robust solution for protecting users with weak passwords and is essential for securing networked systems. The protocol is designed to be secure against password-guessing attacks and is particularly effective when used with exponential key exchange. The paper also highlights the importance of choosing appropriate parameters for the cryptosystems used, such as large prime numbers and primitive roots, to ensure security.This paper introduces a novel protocol called Encrypted Key Exchange (EKE) that allows two parties sharing a common password to securely exchange authenticated and confidential information over an insecure network. The protocol uses a combination of asymmetric (public-key) and symmetric (secret-key) cryptography to protect the password from off-line "dictionary" attacks. EKE is secure against active attacks and ensures that the password remains protected even if it is weak or chosen by naive users. The protocol works by having each party generate a random public key, encrypt it with the shared password, and then use the public key to encrypt a random secret key. This secret key is then used to encrypt messages between the parties, ensuring confidentiality and authentication. The protocol includes challenges and responses to prevent replay attacks and ensure that both parties have the correct secret key. EKE can be implemented with various asymmetric cryptosystems, including RSA and ElGamal. The paper discusses the implementation details of EKE with RSA and ElGamal, highlighting the challenges involved in securely encrypting public keys and ensuring that the password is not vulnerable to dictionary attacks. It also addresses security considerations, such as partition attacks and the need for non-associative cryptosystems. The paper also discusses the applications of EKE, including secure public telephones and cellular phones, where EKE can be used to protect against fraud and ensure privacy. Additionally, EKE can be used to strengthen weak symmetric and asymmetric systems when used together. The authors conclude that EKE provides a robust solution for protecting users with weak passwords and is essential for securing networked systems. The protocol is designed to be secure against password-guessing attacks and is particularly effective when used with exponential key exchange. The paper also highlights the importance of choosing appropriate parameters for the cryptosystems used, such as large prime numbers and primitive roots, to ensure security.