diff --git a/include/psa/crypto_types.h b/include/psa/crypto_types.h
index cd8ac4b1cf..1c40f5bf7c 100644
--- a/include/psa/crypto_types.h
+++ b/include/psa/crypto_types.h
@@ -390,5 +390,27 @@ typedef uint16_t psa_pake_side_t;
 /** \brief Encoding of the type of input/output for PAKE */
 typedef uint16_t psa_pake_data_t;
+/** Encoding of the type of the PAKE's primitive.
+ *
+ * Values defined by this standard will never be in the range 0x80-0xff.
+ * Vendors who define additional types must use an encoding in this range.
+ */
+typedef uint8_t psa_pake_primitive_type_t;
+
+/** Encoding of the bitsize for the PAKE's primitive.
+ *
+ * The type and family is not enough to identify the primitive to use in the
+ * PAKE, the implementation needs to know the bitsize too.
+ */
+typedef uint16_t psa_pake_bits_t;
+
+/** Encoding of the PAKE's primitive.
+ *
+ * In most of the PAKEs the primitives are prime order groups, but some of
+ * them might need the ring structure or just are using completely different
+ * algebraic structures (eg. SRP or PQC schemes).
+ */
+typedef uint32_t psa_pake_primitive_t;
+
 /**@}*/
 #endif /* PSA_CRYPTO_TYPES_H */
diff --git a/include/psa/crypto_values.h b/include/psa/crypto_values.h
index 3c2b7bec2c..afdcaa9f6f 100644
--- a/include/psa/crypto_values.h
+++ b/include/psa/crypto_values.h
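Review bot: The doc comment on `psa_pake_primitive_t` in crypto_types.h never says how the 32-bit value is laid out, although an implementation has to decode it to select the group for the PAKE. Judging by the `PSA_PAKE_PRIMITIVE` macro added in crypto_values.h, the intent appears to be type in bits 24-31, family in bits 16-23 and bitsize in bits 0-15. I would add one sentence stating that layout and naming `PSA_PAKE_PRIMITIVE` as the way to construct a value, so that callers and drivers do not each derive their own packing.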
@@ -2414,5 +2414,42 @@ static inline int mbedtls_svc_key_id_is_null( mbedtls_svc_key_id_t key )
  * Augmented PAKE protocols need to differentiate between client and server.
  */
 #define PSA_PAKE_SIDE_SERVER ((psa_pake_side_t)0x0102)
+
+/** The pake uses finite fields.
+ *
+ * The corresponding family type is ::psa_dh_family_t. In determining a
+ * specific curve in the family ::psa_pake_bits_t values are interpreted in the
+ * exact same way as ::psa_key_bits_t would.
+ */
+#define PSA_PAKE_PRIMITIVE_TYPE_FIELD ((psa_pake_primitive_type_t)0x01)
+
+/** The pake uses elliptic curves.
+ *
+ * The corresponding family type is ::psa_ecc_family_t. in determining a
+ * specific curve in the family ::psa_pake_bits_t values are interpreted in the
+ * exact same way as ::psa_key_bits_t would.
+ */
+#define PSA_PAKE_PRIMITIVE_TYPE_CURVE ((psa_pake_primitive_type_t)0x02)
+
+/** Construct a PAKE primitive from type, family and bitsize.
+ *
+ * \param type The type of the primitive
+ * (value of type ::psa_pake_primitive_type_t).
+ * \param family The family of the primitive
+ * (the type and interpretation of this parameter depends
+ * on \p type, for more information consult the
+ * documentation of individual ::psa_pake_primitive_type_t
+ * constants).
+ * \param bits The bitwise of the primitive
+ * (Value of type ::psa_pake_bits_t. The interpretation
+ * of this parameter depends on \p family, for more
+ * information consult the documentation of individual
+ * ::psa_pake_primitive_type_t constants).
+ *
+ * \return The constructed primitive value.
+ */
+#define PSA_PAKE_PRIMITIVE(type, family, bits) \
+ ((psa_pake_primitive_t) (((type) << 24 | (persistence) << 16) | (bits)))
+
 /**@}*/
 #endif /* PSA_CRYPTO_VALUES_H */
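Review bot: `PSA_PAKE_PRIMITIVE` shifts `(persistence)`, which is not one of its parameters, so `family` is never encoded. A use of the macro either fails to compile or silently picks up an unrelated `persistence` identifier in the caller's scope, and the resulting value would then name a different group than the one requested. The shifts are also performed on the promoted `int`, so a vendor type in the 0x80-0xff range shifted left by 24 overflows a signed 32-bit int. Cast each operand before shifting: `((psa_pake_primitive_t) (((psa_pake_primitive_t) (type) << 24) | ((psa_pake_primitive_t) (family) << 16) | (bits)))`. In the doc comment, `\param bits` should read "The bitsize of the primitive" rather than "The bitwise of the primitive".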