| # Key Exchange Protocols |
| |
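| @inproceedings{cremers2011examining, |
|   author    = {Cremers, Cas}, |
|   title     = {Examining indistinguishability-based security models for key exchange protocols: the case of {CK}, {CK-HMQV}, and {eCK}}, |
|   booktitle = {Proceedings of the 6th {ACM} Symposium on Information, Computer and Communications Security}, |
|   pages     = {80--91}, |
|   year      = {2011}, |
|   publisher = {ACM}, |
| } |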
| |
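| @article{needham1978using, |
|   author    = {Needham, Roger M. and Schroeder, Michael D.}, |
|   title     = {Using encryption for authentication in large networks of computers}, |
|   journal   = {Communications of the {ACM}}, |
|   volume    = {21}, |
|   number    = {12}, |
|   pages     = {993--999}, |
|   year      = {1978}, |
|   publisher = {ACM}, |
| } |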
| |
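| @article{dolev1983security, |
|   author    = {Dolev, Danny and Yao, Andrew}, |
|   title     = {On the security of public key protocols}, |
|   journal   = {{IEEE} Transactions on Information Theory}, |
|   volume    = {29}, |
|   number    = {2}, |
|   pages     = {198--208}, |
|   year      = {1983}, |
|   publisher = {IEEE}, |
| } |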
| |
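| @inproceedings{gajek2008universally, |
|   author    = {Gajek, Sebastian and Manulis, Mark and Pereira, Olivier and Sadeghi, Ahmad-Reza and Schwenk, J{\"o}rg}, |
|   title     = {Universally composable security analysis of {TLS}}, |
|   booktitle = {International Conference on Provable Security}, |
|   pages     = {313--327}, |
|   year      = {2008}, |
|   publisher = {Springer}, |
| } |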
| |
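| @inproceedings{krawczyk2016unilateral, |
|   author    = {Krawczyk, Hugo}, |
|   title     = {A unilateral-to-mutual authentication compiler for key exchange (with applications to client authentication in {TLS} 1.3)}, |
|   booktitle = {Proceedings of the 2016 {ACM} {SIGSAC} Conference on Computer and Communications Security}, |
|   pages     = {1438--1450}, |
|   year      = {2016}, |
|   publisher = {ACM}, |
| } |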
| |
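| @inproceedings{mitchell1998finite, |
|   author    = {Mitchell, John C. and Shmatikov, Vitaly and Stern, Ulrich}, |
|   title     = {Finite-State Analysis of {SSL} 3.0}, |
|   booktitle = {{USENIX} Security Symposium}, |
|   pages     = {201--216}, |
|   year      = {1998}, |
| } |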
| |
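| @inproceedings{wagner1996analysis, |
|   author    = {Wagner, David and Schneier, Bruce and others}, |
|   title     = {Analysis of the {SSL} 3.0 protocol}, |
|   booktitle = {Proceedings of the Second {USENIX} Workshop on Electronic Commerce}, |
|   pages     = {29--40}, |
|   year      = {1996}, |
| } |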
| |
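| @misc{dowlingcryptographic, |
|   author        = {Dowling, Benjamin and Paterson, Kenneth G.}, |
|   title         = {A Cryptographic Analysis of the {WireGuard} Protocol}, |
|   internal-note = {incomplete export: venue and year not recorded -- fill in before citing}, |
| } |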
| |
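| @misc{kusters2017framework, |
|   author       = {K{\"u}sters, Ralf and Rausch, Daniel}, |
|   title        = {A Framework for Universally Composable {Diffie-Hellman} Key Exchange}, |
|   howpublished = {Cryptology ePrint Archive, Report 2017/256}, |
|   year         = {2017}, |
| } |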
| |
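| @inproceedings{boyd2016stateless, |
|   author    = {Boyd, Colin and Hale, Britta and Mj{\o}lsnes, Stig Frode and Stebila, Douglas}, |
|   title     = {From stateless to stateful: Generic authentication and authenticated encryption constructions with application to {TLS}}, |
|   booktitle = {Cryptographers' Track at the {RSA} Conference}, |
|   pages     = {55--71}, |
|   year      = {2016}, |
|   publisher = {Springer}, |
| } |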
| |
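| @inproceedings{krawczyk2001order, |
|   author    = {Krawczyk, Hugo}, |
|   title     = {The order of encryption and authentication for protecting communications (or: How secure is {SSL}?)}, |
|   booktitle = {Advances in Cryptology -- {CRYPTO} 2001}, |
|   pages     = {310--331}, |
|   year      = {2001}, |
|   publisher = {Springer}, |
| } |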
| |
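| @inproceedings{kudla2005modular, |
|   author    = {Kudla, Caroline and Paterson, Kenneth G.}, |
|   title     = {Modular security proofs for key agreement protocols}, |
|   booktitle = {International Conference on the Theory and Application of Cryptology and Information Security}, |
|   pages     = {549--565}, |
|   year      = {2005}, |
|   publisher = {Springer}, |
| } |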
| |
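| @article{brzuska2013less, |
|   author    = {Brzuska, Christina and Fischlin, Marc and Smart, Nigel P. and Warinschi, Bogdan and Williams, Stephen C.}, |
|   title     = {Less is more: Relaxed yet composable security notions for key exchange}, |
|   journal   = {International Journal of Information Security}, |
|   volume    = {12}, |
|   number    = {4}, |
|   pages     = {267--297}, |
|   year      = {2013}, |
|   publisher = {Springer}, |
| } |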
| |
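| @inproceedings{boyd2013asics, |
|   author    = {Boyd, Colin and Cremers, Cas and Feltz, Michele and Paterson, Kenneth G. and Poettering, Bertram and Stebila, Douglas}, |
|   title     = {{ASICS}: Authenticated key exchange security incorporating certification systems}, |
|   booktitle = {European Symposium on Research in Computer Security}, |
|   pages     = {381--399}, |
|   year      = {2013}, |
|   publisher = {Springer}, |
| } |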
| |
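| @phdthesis{brzuska2013foundations, |
|   author        = {Brzuska, Christina}, |
|   title         = {On the foundations of key exchange}, |
|   school        = {Technische Universit{\"a}t}, |
|   year          = {2013}, |
|   internal-note = {school name is truncated in the export -- complete it}, |
| } |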
| |
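| @inproceedings{bellare1993entity, |
|   author    = {Bellare, Mihir and Rogaway, Phillip}, |
|   title     = {Entity Authentication and Key Distribution}, |
|   booktitle = {Advances in Cryptology -- {CRYPTO} '93}, |
|   pages     = {232--249}, |
|   year      = {1993}, |
|   publisher = {Springer}, |
| } |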
| |
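| @article{cremers2015beyond, |
|   author    = {Cremers, Cas and Feltz, Michele}, |
|   title     = {Beyond {eCK}: perfect forward secrecy under actor compromise and ephemeral-key reveal}, |
|   journal   = {Designs, Codes and Cryptography}, |
|   volume    = {74}, |
|   number    = {1}, |
|   pages     = {183--218}, |
|   year      = {2015}, |
|   publisher = {Springer}, |
| } |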
| |
| @article{law2003efficient, |
|   author    = {Law, Laurie and Menezes, Alfred and Qu, Minghua and Solinas, Jerry and Vanstone, Scott}, |
|   title     = {An efficient protocol for authenticated key agreement}, |
|   journal   = {Designs, Codes and Cryptography}, |
|   volume    = {28}, |
|   number    = {2}, |
|   pages     = {119--134}, |
|   year      = {2003}, |
|   publisher = {Springer}, |
| } |
| |
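| @inproceedings{bellare1995provably, |
|   author    = {Bellare, Mihir and Rogaway, Phillip}, |
|   title     = {Provably secure session key distribution: the three party case}, |
|   booktitle = {Proceedings of the Twenty-Seventh Annual {ACM} Symposium on Theory of Computing}, |
|   pages     = {57--66}, |
|   year      = {1995}, |
|   publisher = {ACM}, |
| } |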
| |
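| @inproceedings{krawczyk2016optls, |
|   author    = {Krawczyk, Hugo and Wee, Hoeteck}, |
|   title     = {The {OPTLS} protocol and {TLS} 1.3}, |
|   booktitle = {2016 {IEEE} European Symposium on Security and Privacy ({EuroS\&P})}, |
|   pages     = {81--96}, |
|   year      = {2016}, |
|   publisher = {IEEE}, |
| } |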
| |
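| @inproceedings{cremers2016automated, |
|   author    = {Cremers, Cas and Horvat, Marko and Scott, Sam and van der Merwe, Thyla}, |
|   title     = {Automated analysis and verification of {TLS} 1.3: 0-{RTT}, resumption and delayed authentication}, |
|   booktitle = {2016 {IEEE} Symposium on Security and Privacy ({SP})}, |
|   pages     = {470--485}, |
|   year      = {2016}, |
|   publisher = {IEEE}, |
| } |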
| |
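| @misc{dowling2016cryptographic, |
|   author       = {Dowling, Benjamin and Fischlin, Marc and G{\"u}nther, Felix and Stebila, Douglas}, |
|   title        = {A Cryptographic Analysis of the {TLS} 1.3 draft-10 Full and Pre-shared Key Handshake Protocol}, |
|   howpublished = {Cryptology ePrint Archive, Report 2016/081}, |
|   year         = {2016}, |
| } |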
| |
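| @inproceedings{zhao2016identity, |
|   author    = {Zhao, Yunlei}, |
|   title     = {Identity-Concealed Authenticated Encryption and Key Exchange}, |
|   booktitle = {Proceedings of the 2016 {ACM} {SIGSAC} Conference on Computer and Communications Security}, |
|   pages     = {1464--1479}, |
|   year      = {2016}, |
|   publisher = {ACM}, |
| } |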
| |
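| @inproceedings{krawczyk2003sigma, |
|   author    = {Krawczyk, Hugo}, |
|   title     = {{SIGMA}: The `{SIGn-and-MAc}' approach to authenticated {Diffie-Hellman} and its use in the {IKE} protocols}, |
|   booktitle = {Annual International Cryptology Conference}, |
|   pages     = {400--425}, |
|   year      = {2003}, |
|   publisher = {Springer}, |
| } |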
| |
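| @inproceedings{krawczyk2005hmqv, |
|   author    = {Krawczyk, Hugo}, |
|   title     = {{HMQV}: A high-performance secure {Diffie-Hellman} protocol}, |
|   booktitle = {Annual International Cryptology Conference}, |
|   pages     = {546--566}, |
|   year      = {2005}, |
|   publisher = {Springer}, |
| } |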
| |
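| @inproceedings{he2005modular, |
|   author    = {He, Changhua and Sundararajan, Mukund and Datta, Anupam and Derek, Ante and Mitchell, John C.}, |
|   title     = {A modular correctness proof of {IEEE} 802.11i and {TLS}}, |
|   booktitle = {Proceedings of the 12th {ACM} Conference on Computer and Communications Security}, |
|   pages     = {2--15}, |
|   year      = {2005}, |
|   publisher = {ACM}, |
| } |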
| |
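| @article{aiello2004just, |
|   author    = {Aiello, William and Bellovin, Steven M. and Blaze, Matt and Canetti, Ran and Ioannidis, John and Keromytis, Angelos D. and Reingold, Omer}, |
|   title     = {Just fast keying: Key agreement in a hostile {Internet}}, |
|   journal   = {{ACM} Transactions on Information and System Security ({TISSEC})}, |
|   volume    = {7}, |
|   number    = {2}, |
|   pages     = {242--273}, |
|   year      = {2004}, |
|   publisher = {ACM}, |
| } |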
| |
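| @inproceedings{boyd2004key, |
|   author    = {Boyd, Colin and Mao, Wenbo and Paterson, Kenneth G.}, |
|   title     = {Key agreement using statically keyed authenticators}, |
|   booktitle = {International Conference on Applied Cryptography and Network Security}, |
|   pages     = {248--262}, |
|   year      = {2004}, |
|   publisher = {Springer}, |
| } |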
| |
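| @article{menezes2007another, |
|   author  = {Menezes, Alfred}, |
|   title   = {Another look at {HMQV}}, |
|   journal = {Journal of Mathematical Cryptology}, |
|   volume  = {1}, |
|   number  = {1}, |
|   pages   = {47--64}, |
|   year    = {2007}, |
| } |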
| |
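| @inproceedings{lamacchia2007stronger, |
|   author    = {LaMacchia, Brian and Lauter, Kristin and Mityagin, Anton}, |
|   title     = {Stronger security of authenticated key exchange}, |
|   booktitle = {International Conference on Provable Security}, |
|   pages     = {1--16}, |
|   year      = {2007}, |
|   publisher = {Springer}, |
| } |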
| |
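| @inproceedings{bos2015post, |
|   author    = {Bos, Joppe W. and Costello, Craig and Naehrig, Michael and Stebila, Douglas}, |
|   title     = {Post-quantum key exchange for the {TLS} protocol from the ring learning with errors problem}, |
|   booktitle = {2015 {IEEE} Symposium on Security and Privacy ({SP})}, |
|   pages     = {553--570}, |
|   year      = {2015}, |
|   publisher = {IEEE}, |
| } |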
| |
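| @inproceedings{di2006deniable, |
|   author    = {Di Raimondo, Mario and Gennaro, Rosario and Krawczyk, Hugo}, |
|   title     = {Deniable authentication and key exchange}, |
|   booktitle = {Proceedings of the 13th {ACM} Conference on Computer and Communications Security}, |
|   pages     = {400--409}, |
|   year      = {2006}, |
|   publisher = {ACM}, |
| } |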
| |
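| @inproceedings{choo2005session, |
|   author    = {Choo, Kim-Kwang Raymond and Boyd, Colin and Hitchcock, Yvonne}, |
|   title     = {On session key construction in provably-secure key establishment protocols}, |
|   booktitle = {International Conference on Cryptology in Malaysia}, |
|   pages     = {116--131}, |
|   year      = {2005}, |
|   publisher = {Springer}, |
| } |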
| |
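| @article{goldberg2012anonymity, |
|   author        = {Goldberg, Ian and Stebila, Douglas and Ustaoglu, Berkant}, |
|   title         = {Anonymity and one-way authentication in key exchange protocols}, |
|   journal       = {Designs, Codes and Cryptography}, |
|   pages         = {1--25}, |
|   year          = {2012}, |
|   publisher     = {Springer}, |
|   internal-note = {online-first export: volume, issue and final page range missing}, |
| } |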
| |
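| @inproceedings{yao2010deniable, |
|   author    = {Yao, Andrew C. and Zhao, Yunlei}, |
|   title     = {Deniable {Internet} key exchange}, |
|   booktitle = {International Conference on Applied Cryptography and Network Security}, |
|   pages     = {329--348}, |
|   year      = {2010}, |
|   publisher = {Springer}, |
| } |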
| |
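| @misc{cremers2011one, |
|   author       = {Cremers, Cas and Feltz, Michele}, |
|   title        = {One-round strongly secure key exchange with perfect forward secrecy and deniability}, |
|   howpublished = {Cryptology ePrint Archive, Report 2011/300}, |
|   year         = {2011}, |
| } |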
| |
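| @article{harn2005authenticated, |
|   author    = {Harn, Lein and Hsin, W.-J. and Mehta, Mohit}, |
|   title     = {Authenticated {Diffie-Hellman} key agreement protocol using a single cryptographic assumption}, |
|   journal   = {{IEE} Proceedings -- Communications}, |
|   volume    = {152}, |
|   number    = {4}, |
|   pages     = {404--410}, |
|   year      = {2005}, |
|   publisher = {IET}, |
| } |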
| |
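| @phdthesis{datta2005security, |
|   author        = {Datta, Anupam}, |
|   title         = {Security analysis of network protocols: Compositional reasoning and complexity-theoretic foundations}, |
|   school        = {Citeseer}, |
|   year          = {2005}, |
|   internal-note = {school field is a CiteSeer export artefact, not the granting institution -- verify}, |
| } |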
| |
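| @article{menezes2010reusing, |
|   author    = {Menezes, Alfred and Ustaoglu, Berkant}, |
|   title     = {On reusing ephemeral keys in {Diffie-Hellman} key agreement protocols}, |
|   journal   = {International Journal of Applied Cryptography}, |
|   volume    = {2}, |
|   number    = {2}, |
|   pages     = {154--158}, |
|   year      = {2010}, |
|   publisher = {Inderscience Publishers}, |
| } |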
| |
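| @inproceedings{yao2013oake, |
|   author    = {Yao, Andrew Chi-Chih and Zhao, Yunlei}, |
|   title     = {{OAKE}: a new family of implicitly authenticated {Diffie-Hellman} protocols}, |
|   booktitle = {Proceedings of the 2013 {ACM} {SIGSAC} Conference on Computer \& Communications Security}, |
|   pages     = {1113--1128}, |
|   year      = {2013}, |
|   publisher = {ACM}, |
| } |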
| |
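| @inproceedings{zhang2015authenticated, |
|   author    = {Zhang, Jiang and Zhang, Zhenfeng and Ding, Jintai and Snook, Michael and Dagdelen, {\"O}zg{\"u}r}, |
|   title     = {Authenticated key exchange from ideal lattices}, |
|   booktitle = {Annual International Conference on the Theory and Applications of Cryptographic Techniques}, |
|   pages     = {719--751}, |
|   year      = {2015}, |
|   publisher = {Springer}, |
| } |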
| |
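| @inproceedings{jiang2008efficient, |
|   author    = {Jiang, Shaoquan and Safavi-Naini, Reihaneh}, |
|   title     = {An efficient deniable key exchange protocol}, |
|   booktitle = {International Conference on Financial Cryptography and Data Security}, |
|   pages     = {47--52}, |
|   year      = {2008}, |
|   publisher = {Springer}, |
| } |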
| |
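| @inproceedings{yang2011authenticated, |
|   author    = {Yang, Guomin and Duan, Shanshan and Wong, Duncan S. and Tan, Chik How and Wang, Huaxiong}, |
|   title     = {Authenticated key exchange under bad randomness}, |
|   booktitle = {International Conference on Financial Cryptography and Data Security}, |
|   pages     = {113--126}, |
|   year      = {2011}, |
|   publisher = {Springer}, |
| } |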
| |
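| @misc{singh2015practical, |
|   author       = {Singh, Vikram}, |
|   title        = {A Practical Key Exchange for the {Internet} using Lattice Cryptography}, |
|   howpublished = {Cryptology ePrint Archive, Report 2015/138}, |
|   year         = {2015}, |
| } |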
| |
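| @inproceedings{yi2011three, |
|   author    = {Yi, Xun and Tso, Raylin and Okamoto, Eiji}, |
|   title     = {Three-party password-authenticated key exchange without random oracles}, |
|   booktitle = {2011 Proceedings of the International Conference on Security and Cryptography ({SECRYPT})}, |
|   pages     = {15--24}, |
|   year      = {2011}, |
|   publisher = {IEEE}, |
| } |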
| |
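| @phdthesis{jost2014constructive, |
|   author        = {Jost, Daniel}, |
|   title         = {A constructive analysis of {IPsec}}, |
|   school        = {Citeseer}, |
|   year          = {2014}, |
|   internal-note = {school field is a CiteSeer export artefact, not the granting institution -- verify (thesis type too)}, |
| } |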
| |
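| @inproceedings{chen2016strongly, |
|   author    = {Chen, Rongmao and Mu, Yi and Yang, Guomin and Susilo, Willy and Guo, Fuchun}, |
|   title     = {Strongly leakage-resilient authenticated key exchange}, |
|   booktitle = {Cryptographers' Track at the {RSA} Conference}, |
|   pages     = {19--36}, |
|   year      = {2016}, |
|   publisher = {Springer}, |
| } |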
| |
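| @misc{feltz2014limits, |
|   author       = {Feltz, Michele and Cremers, Cas}, |
|   title        = {On the Limits of Authenticated Key Exchange Security with an Application to Bad Randomness}, |
|   howpublished = {Cryptology ePrint Archive, Report 2014/369}, |
|   year         = {2014}, |
| } |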
| |
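| @misc{katz2010one, |
|   author       = {Katz, Jonathan and Vaikuntanathan, Vinod}, |
|   title        = {One-Round Password-Based Authenticated Key Exchange}, |
|   howpublished = {Cryptology ePrint Archive, Report 2010/368}, |
|   year         = {2010}, |
| } |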
| |
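| @inproceedings{liu2013security, |
|   author    = {Liu, Shengli and Sakurai, Kouichi and Weng, Jian and Zhang, Fangguo and Zhao, Yunlei}, |
|   title     = {Security model and analysis of {FHMQV}, revisited}, |
|   booktitle = {International Conference on Information Security and Cryptology}, |
|   pages     = {255--269}, |
|   year      = {2013}, |
|   publisher = {Springer}, |
| } |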
| |
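| @inproceedings{jager2015security, |
|   author    = {Jager, Tibor and Schwenk, J{\"o}rg and Somorovsky, Juraj}, |
|   title     = {On the security of {TLS} 1.3 and {QUIC} against weaknesses in {PKCS\#1} v1.5 encryption}, |
|   booktitle = {Proceedings of the 22nd {ACM} {SIGSAC} Conference on Computer and Communications Security}, |
|   pages     = {1185--1196}, |
|   year      = {2015}, |
|   publisher = {ACM}, |
| } |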
| |
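| @article{lan2017investigating, |
|   author        = {Lan, Xiao and Xu, Jing and Zhang, Zhenfeng and Zhu, Wen Tao}, |
|   title         = {Investigating the Multi-Ciphersuite and Backwards-Compatibility Security of the Upcoming {TLS} 1.3}, |
|   journal       = {{IEEE} Transactions on Dependable and Secure Computing}, |
|   year          = {2017}, |
|   publisher     = {IEEE}, |
|   internal-note = {early-access export: volume, issue and pages missing}, |
| } |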
| |
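| @inproceedings{dowling2015modelling, |
|   author    = {Dowling, Benjamin and Stebila, Douglas}, |
|   title     = {Modelling ciphersuite and version negotiation in the {TLS} protocol}, |
|   booktitle = {Australasian Conference on Information Security and Privacy}, |
|   pages     = {270--288}, |
|   year      = {2015}, |
|   publisher = {Springer}, |
| } |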
| |
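| @inproceedings{li2016multiple, |
|   author    = {Li, Xinyu and Xu, Jing and Zhang, Zhenfeng and Feng, Dengguo and Hu, Honggang}, |
|   title     = {Multiple handshakes security of {TLS} 1.3 candidates}, |
|   booktitle = {2016 {IEEE} Symposium on Security and Privacy ({SP})}, |
|   pages     = {486--505}, |
|   year      = {2016}, |
|   publisher = {IEEE}, |
| } |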
| |
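| @inproceedings{fischlin2016key, |
|   author    = {Fischlin, Marc and G{\"u}nther, Felix and Schmidt, Benedikt and Warinschi, Bogdan}, |
|   title     = {Key confirmation in key exchange: a formal treatment and implications for {TLS} 1.3}, |
|   booktitle = {2016 {IEEE} Symposium on Security and Privacy ({SP})}, |
|   pages     = {452--469}, |
|   year      = {2016}, |
|   publisher = {IEEE}, |
| } |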
| |
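| @inproceedings{bellare2000authenticated, |
|   author    = {Bellare, Mihir and Pointcheval, David and Rogaway, Phillip}, |
|   title     = {Authenticated key exchange secure against dictionary attacks}, |
|   booktitle = {Advances in Cryptology -- {EUROCRYPT} 2000}, |
|   pages     = {139--155}, |
|   year      = {2000}, |
|   publisher = {Springer}, |
| } |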
| |
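| @inproceedings{canetti2001analysis, |
|   author    = {Canetti, Ran and Krawczyk, Hugo}, |
|   title     = {Analysis of key-exchange protocols and their use for building secure channels}, |
|   booktitle = {International Conference on the Theory and Applications of Cryptographic Techniques}, |
|   pages     = {453--474}, |
|   year      = {2001}, |
|   publisher = {Springer}, |
| } |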
| |
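| @inproceedings{blake1997key, |
|   author    = {Blake-Wilson, Simon and Johnson, Don and Menezes, Alfred}, |
|   title     = {Key agreement protocols and their security analysis}, |
|   booktitle = {Cryptography and Coding}, |
|   pages     = {30--45}, |
|   year      = {1997}, |
|   publisher = {Springer}, |
| } |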
| |
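| @inproceedings{blake1998authenticated, |
|   author    = {Blake-Wilson, Simon and Menezes, Alfred}, |
|   title     = {Authenticated {Diffie-Hellman} key agreement protocols}, |
|   booktitle = {International Workshop on Selected Areas in Cryptography}, |
|   pages     = {339--361}, |
|   year      = {1998}, |
|   publisher = {Springer}, |
| } |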
| |
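| @inproceedings{bellare1998modular, |
|   author    = {Bellare, Mihir and Canetti, Ran and Krawczyk, Hugo}, |
|   title     = {A modular approach to the design and analysis of authentication and key exchange protocols}, |
|   booktitle = {Proceedings of the Thirtieth Annual {ACM} Symposium on Theory of Computing}, |
|   pages     = {419--428}, |
|   year      = {1998}, |
|   publisher = {ACM}, |
| } |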
| |
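| @misc{shoup1999formal, |
|   author        = {Shoup, Victor}, |
|   title         = {On formal models for secure key exchange}, |
|   year          = {1999}, |
|   internal-note = {export gives no venue (publisher was the CiteSeer mirror) -- locate the original report}, |
| } |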
| |
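| @inproceedings{canetti2002universally, |
|   author    = {Canetti, Ran and Krawczyk, Hugo}, |
|   title     = {Universally composable notions of key exchange and secure channels}, |
|   booktitle = {International Conference on the Theory and Applications of Cryptographic Techniques}, |
|   pages     = {337--351}, |
|   year      = {2002}, |
|   publisher = {Springer}, |
| } |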
| |
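| @inproceedings{lincoln1998probabilistic, |
|   author    = {Lincoln, Patrick and Mitchell, John and Mitchell, Mark and Scedrov, Andre}, |
|   title     = {A probabilistic poly-time framework for protocol analysis}, |
|   booktitle = {Proceedings of the 5th {ACM} Conference on Computer and Communications Security}, |
|   pages     = {112--121}, |
|   year      = {1998}, |
|   publisher = {ACM}, |
| } |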
| |
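| @inproceedings{choo2005examining, |
|   author    = {Choo, Kim-Kwang Raymond and Boyd, Colin and Hitchcock, Yvonne}, |
|   title     = {Examining indistinguishability-based proof models for key establishment protocols}, |
|   booktitle = {International Conference on the Theory and Application of Cryptology and Information Security}, |
|   pages     = {585--604}, |
|   year      = {2005}, |
|   publisher = {Springer}, |
| } |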
| |
| @article{katz2007scalable, |
|   author    = {Katz, Jonathan and Yung, Moti}, |
|   title     = {Scalable protocols for authenticated group key exchange}, |
|   journal   = {Journal of Cryptology}, |
|   volume    = {20}, |
|   number    = {1}, |
|   pages     = {85--113}, |
|   year      = {2007}, |
|   publisher = {Springer}, |
| } |
| |
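| @inproceedings{katz2002forward, |
|   author    = {Katz, Jonathan and Ostrovsky, Rafail and Yung, Moti}, |
|   title     = {Forward secrecy in password-only key exchange protocols}, |
|   booktitle = {International Conference on Security in Communication Networks}, |
|   pages     = {29--44}, |
|   year      = {2002}, |
|   publisher = {Springer}, |
| } |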
| |
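| @misc{cheng2005indistinguishability, |
|   author       = {Cheng, Zhaohui and Nistazakis, Manos and Comley, Richard and Vasiu, Luminita}, |
|   title        = {On The Indistinguishability-Based Security Model of Key Agreement Protocols -- Simple Cases}, |
|   howpublished = {Cryptology ePrint Archive, Report 2005/129}, |
|   year         = {2005}, |
| } |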
| |
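| @inproceedings{morrissey2008modular, |
|   author    = {Morrissey, Paul and Smart, Nigel P. and Warinschi, Bogdan}, |
|   title     = {A modular security analysis of the {TLS} handshake protocol}, |
|   booktitle = {International Conference on the Theory and Application of Cryptology and Information Security}, |
|   pages     = {55--73}, |
|   year      = {2008}, |
|   publisher = {Springer}, |
| } |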
| |
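| @inproceedings{boyd2003deniable, |
|   author    = {Boyd, Colin and Mao, Wenbo and Paterson, Kenneth G.}, |
|   title     = {Deniable authenticated key establishment for {Internet} protocols}, |
|   booktitle = {International Workshop on Security Protocols}, |
|   pages     = {255--271}, |
|   year      = {2003}, |
|   publisher = {Springer}, |
| } |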
| |
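| @inproceedings{groce2010new, |
|   author    = {Groce, Adam and Katz, Jonathan}, |
|   title     = {A new framework for efficient password-based authenticated key exchange}, |
|   booktitle = {Proceedings of the 17th {ACM} Conference on Computer and Communications Security}, |
|   pages     = {516--525}, |
|   year      = {2010}, |
|   publisher = {ACM}, |
| } |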
| |
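| @misc{mackenzie2001security, |
|   author       = {MacKenzie, Philip}, |
|   title        = {On the Security of the {SPEKE} Password-Authenticated Key Exchange Protocol}, |
|   howpublished = {Cryptology ePrint Archive, Report 2001/057}, |
|   year         = {2001}, |
| } |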
| |
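| @inproceedings{sarr2010new, |
|   author    = {Sarr, Augustin P. and Elbaz-Vincent, Philippe and Bajard, Jean-Claude}, |
|   title     = {A new security model for authenticated key agreement}, |
|   booktitle = {International Conference on Security and Cryptography for Networks}, |
|   pages     = {219--234}, |
|   year      = {2010}, |
|   publisher = {Springer}, |
| } |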
| |
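| @phdthesis{katz2002efficient, |
|   author = {Katz, Jonathan}, |
|   title  = {Efficient Cryptographic Protocols Preventing ``Man-in-the-Middle'' Attacks}, |
|   school = {Columbia University}, |
|   year   = {2002}, |
| } |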
| |
| @article{goldreich2006session, |
|   author    = {Goldreich, Oded and Lindell, Yehuda}, |
|   title     = {Session-key generation using human passwords only}, |
|   journal   = {Journal of Cryptology}, |
|   volume    = {19}, |
|   number    = {3}, |
|   pages     = {241--340}, |
|   year      = {2006}, |
|   publisher = {Springer}, |
| } |
| |
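| @inproceedings{choo2005security, |
|   author    = {Choo, Kim-Kwang Raymond and Hitchcock, Yvonne}, |
|   title     = {Security requirements for key establishment proof models: revisiting {Bellare--Rogaway} and {Jeong--Katz--Lee} protocols}, |
|   booktitle = {Australasian Conference on Information Security and Privacy}, |
|   pages     = {429--442}, |
|   year      = {2005}, |
|   publisher = {Springer}, |
| } |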
| |
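| @inproceedings{kusters2011composition, |
|   author    = {K{\"u}sters, Ralf and Tuengerthal, Max}, |
|   title     = {Composition theorems without pre-established session identifiers}, |
|   booktitle = {Proceedings of the 18th {ACM} Conference on Computer and Communications Security}, |
|   pages     = {41--50}, |
|   year      = {2011}, |
|   publisher = {ACM}, |
| } |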
| |
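| @inproceedings{bresson2007security, |
|   author    = {Bresson, Emmanuel and Manulis, Mark and Schwenk, J{\"o}rg}, |
|   title     = {On security models and compilers for group key exchange protocols}, |
|   booktitle = {International Workshop on Security}, |
|   pages     = {292--307}, |
|   year      = {2007}, |
|   publisher = {Springer}, |
| } |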
| |
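| @article{morrissey2010tls, |
|   author    = {Morrissey, Paul and Smart, Nigel P. and Warinschi, Bogdan}, |
|   title     = {The {TLS} handshake protocol: A modular analysis}, |
|   journal   = {Journal of Cryptology}, |
|   volume    = {23}, |
|   number    = {2}, |
|   pages     = {187--223}, |
|   year      = {2010}, |
|   publisher = {Springer}, |
| } |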
| |
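| @inproceedings{brzuska2011composability, |
|   author    = {Brzuska, Christina and Fischlin, Marc and Warinschi, Bogdan and Williams, Stephen C.}, |
|   title     = {Composability of {Bellare-Rogaway} key exchange protocols}, |
|   booktitle = {Proceedings of the 18th {ACM} Conference on Computer and Communications Security}, |
|   pages     = {51--62}, |
|   year      = {2011}, |
|   publisher = {ACM}, |
| } |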
| |
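| @inproceedings{tin2003provably, |
|   author    = {Tin, Yiu Shing Terry and Boyd, Colin and Gonz{\'a}lez Nieto, Juan Manuel}, |
|   title     = {Provably secure mobile key exchange: Applying the {Canetti-Krawczyk} approach}, |
|   booktitle = {Australasian Conference on Information Security and Privacy}, |
|   pages     = {166--179}, |
|   year      = {2003}, |
|   publisher = {Springer}, |
| } |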
| |
| @phdthesis{choo2006key, |
|   author = {Choo, Kim-Kwang Raymond}, |
|   title  = {Key Establishment: Proofs and Refutations}, |
|   school = {Queensland University of Technology}, |
|   year   = {2006}, |
| } |
| |
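| @inproceedings{zhang2010deniable, |
|   author    = {Zhang, Yazhe and Wang, Kunpeng and Li, Bao}, |
|   title     = {A deniable group key establishment protocol in the standard model}, |
|   booktitle = {International Conference on Information Security Practice and Experience}, |
|   pages     = {308--323}, |
|   year      = {2010}, |
|   publisher = {Springer}, |
| } |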
| |
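| @article{hitchcock2006modular, |
|   author    = {Hitchcock, Yvonne and Boyd, Colin and Gonz{\'a}lez Nieto, Juan Manuel}, |
|   title     = {Modular proofs for key exchange: rigorous optimizations in the {Canetti--Krawczyk} model}, |
|   journal   = {Applicable Algebra in Engineering, Communication and Computing}, |
|   volume    = {16}, |
|   number    = {6}, |
|   pages     = {405--438}, |
|   year      = {2006}, |
|   publisher = {Springer}, |
| } |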
| |
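| @misc{jager2011standard, |
|   author       = {Jager, Tibor and Kohlar, Florian and Sch{\"a}ge, Sven and Schwenk, J{\"o}rg}, |
|   title        = {A Standard-Model Security Analysis of {TLS-DHE}}, |
|   howpublished = {Cryptology ePrint Archive, Report 2011/219}, |
|   year         = {2011}, |
| } |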
| |
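| @incollection{jager2012security, |
|   author    = {Jager, Tibor and Kohlar, Florian and Sch{\"a}ge, Sven and Schwenk, J{\"o}rg}, |
|   title     = {On the security of {TLS-DHE} in the standard model}, |
|   booktitle = {Advances in Cryptology -- {CRYPTO} 2012}, |
|   pages     = {273--293}, |
|   year      = {2012}, |
|   publisher = {Springer}, |
| } |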
| |
| ### INCOMPLETE -- Financial Cryptography 2017; pages and publisher still missing |
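| @inproceedings{dodisunilaterally, |
|   author        = {Dodis, Yevgeniy and Fiore, Dario}, |
|   title         = {Unilaterally-Authenticated Key Exchange}, |
|   booktitle     = {International Conference on Financial Cryptography and Data Security}, |
|   year          = {2017}, |
|   internal-note = {incomplete: venue and year taken from the file's own INCOMPLETE marker; pages and publisher still missing}, |
| } |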
| |
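| @inproceedings{bhargavan2017content, |
|   author        = {Bhargavan, Karthikeyan and Boureanu, I. C. and Fouque, Pierre-Alain and Onete, Cristina and Richard, Benjamin}, |
|   title         = {Content Delivery over {TLS}: A Cryptographic Analysis of Keyless {SSL}}, |
|   booktitle     = {Proceedings of the 2nd {IEEE} European Symposium on Security and Privacy}, |
|   year          = {2017}, |
|   internal-note = {pages missing; second author's given names are only initials in the export}, |
| } |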
| |
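| @inproceedings{gunther20170, |
|   author    = {G{\"u}nther, Felix and Hale, Britta and Jager, Tibor and Lauer, Sebastian}, |
|   title     = {0-{RTT} Key Exchange with Full Forward Secrecy}, |
|   booktitle = {Annual International Conference on the Theory and Applications of Cryptographic Techniques}, |
|   pages     = {519--548}, |
|   year      = {2017}, |
|   publisher = {Springer}, |
| } |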
| |
| # Attacks and Real-World Protocols |
| |
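| @inproceedings{lauter2006security, |
|   author    = {Lauter, Kristin and Mityagin, Anton}, |
|   title     = {Security analysis of {KEA} authenticated key exchange protocol}, |
|   booktitle = {Public Key Cryptography}, |
|   series    = {Lecture Notes in Computer Science}, |
|   volume    = {3958}, |
|   pages     = {378--394}, |
|   year      = {2006}, |
|   publisher = {Springer}, |
| } |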
| |
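| @inproceedings{jager2015practical, |
|   author    = {Jager, Tibor and Schwenk, J{\"o}rg and Somorovsky, Juraj}, |
|   title     = {Practical invalid curve attacks on {TLS-ECDH}}, |
|   booktitle = {European Symposium on Research in Computer Security}, |
|   pages     = {407--425}, |
|   year      = {2015}, |
|   publisher = {Springer}, |
| } |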
| |
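| @inproceedings{bhargavan2016transcript, |
|   author    = {Bhargavan, Karthikeyan and Leurent, Ga{\"e}tan}, |
|   title     = {Transcript collision attacks: Breaking authentication in {TLS}, {IKE}, and {SSH}}, |
|   booktitle = {Network and Distributed System Security Symposium ({NDSS}) 2016}, |
|   year      = {2016}, |
| } |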
| |
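| @inproceedings{bhargavan2016downgrade, |
|   author    = {Bhargavan, Karthikeyan and Brzuska, Christina and Fournet, C{\'e}dric and Green, Matthew and Kohlweiss, Markulf and Zanella-B{\'e}guelin, Santiago}, |
|   title     = {Downgrade resilience in key-exchange protocols}, |
|   booktitle = {2016 {IEEE} Symposium on Security and Privacy ({SP})}, |
|   pages     = {506--525}, |
|   year      = {2016}, |
|   publisher = {IEEE}, |
| } |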
| |
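| @inproceedings{aviram2016drown, |
|   author    = {Aviram, Nimrod and Schinzel, Sebastian and Somorovsky, Juraj and Heninger, Nadia and Dankel, Maik and Steube, Jens and Valenta, Luke and Adrian, David and Halderman, J. Alex and Dukhovni, Viktor and others}, |
|   title     = {{DROWN}: breaking {TLS} using {SSLv2}}, |
|   booktitle = {25th {USENIX} Security Symposium ({USENIX} Security 16)}, |
|   month     = aug, |
|   year      = {2016}, |
| } |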
| |
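| @inproceedings{meyer2014revisiting, |
|   author    = {Meyer, Christopher and Somorovsky, Juraj and Weiss, Eugen and Schwenk, J{\"o}rg and Schinzel, Sebastian and Tews, Erik}, |
|   title     = {Revisiting {SSL}/{TLS} Implementations: New {Bleichenbacher} Side Channels and Attacks}, |
|   booktitle = {{USENIX} Security Symposium ({USENIX} Security 14)}, |
|   pages     = {733--748}, |
|   year      = {2014}, |
| } |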
| |
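| @inproceedings{albrecht2016lucky, |
|   author    = {Albrecht, Martin R. and Paterson, Kenneth G.}, |
|   title     = {Lucky Microseconds: A timing attack on {Amazon}'s {s2n} implementation of {TLS}}, |
|   booktitle = {Annual International Conference on the Theory and Applications of Cryptographic Techniques}, |
|   pages     = {622--643}, |
|   year      = {2016}, |
|   publisher = {Springer}, |
| } |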
| |
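| @inproceedings{garman2015attacks, |
|   author    = {Garman, Christina and Paterson, Kenneth G. and van der Merwe, Thyla}, |
|   title     = {Attacks Only Get Better: Password Recovery Attacks Against {RC4} in {TLS}}, |
|   booktitle = {{USENIX} Security Symposium ({USENIX} Security 15)}, |
|   pages     = {113--128}, |
|   year      = {2015}, |
| } |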
| |
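| @article{kaliski2001unknown, |
|   author    = {Kaliski, Jr., Burton S.}, |
|   title     = {An unknown key-share attack on the {MQV} key agreement protocol}, |
|   journal   = {{ACM} Transactions on Information and System Security ({TISSEC})}, |
|   volume    = {4}, |
|   number    = {3}, |
|   pages     = {275--288}, |
|   year      = {2001}, |
|   publisher = {ACM}, |
| } |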
| |
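| @inproceedings{giesen2013security, |
|   author    = {Giesen, Florian and Kohlar, Florian and Stebila, Douglas}, |
|   title     = {On the security of {TLS} renegotiation}, |
|   booktitle = {Proceedings of the 2013 {ACM} {SIGSAC} Conference on Computer \& Communications Security}, |
|   pages     = {387--398}, |
|   year      = {2013}, |
|   publisher = {ACM}, |
| } |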
| |
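| @incollection{krawczyk2013security, |
|   author    = {Krawczyk, Hugo and Paterson, Kenneth G. and Wee, Hoeteck}, |
|   title     = {On the security of the {TLS} protocol: A systematic analysis}, |
|   booktitle = {Advances in Cryptology -- {CRYPTO} 2013}, |
|   pages     = {429--448}, |
|   year      = {2013}, |
|   publisher = {Springer}, |
| } |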
| |
| # Verified Implementations |
| |
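| @article{bhargavan2016mitls, |
|   author    = {Bhargavan, Karthikeyan and Fournet, C{\'e}dric and Kohlweiss, Markulf}, |
|   title     = {{miTLS}: Verifying Protocol Implementations against Real-World Attacks}, |
|   journal   = {{IEEE} Security \& Privacy}, |
|   volume    = {14}, |
|   number    = {6}, |
|   pages     = {18--25}, |
|   year      = {2016}, |
|   publisher = {IEEE}, |
| } |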
| |
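| @inproceedings{kusters2009using, |
| title={Using {ProVerif} to Analyze Protocols with {Diffie-Hellman} Exponentiation}, |
| author={K{\"u}sters, Ralf and Truderung, Tomasz}, |
| booktitle={2009 22nd {IEEE} Computer Security Foundations Symposium ({CSF})}, |
| pages={157--171}, |
| year={2009}, |
| publisher={IEEE} |
| } |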
| |
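| @inproceedings{barthe2015mind, |
| title={Mind the Gap: Modular Machine-Checked Proofs of One-Round Key Exchange Protocols}, |
| author={Barthe, Gilles and Crespo, Juan Manuel and Lakhnech, Yassine and Schmidt, Benedikt}, |
| booktitle={Advances in Cryptology -- {EUROCRYPT} 2015}, |
| pages={689--718}, |
| year={2015}, |
| publisher={Springer} |
| } |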
| |
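| @misc{delignattowards, |
| title={Towards a Provably Secure Implementation of {TLS} 1.3}, |
| author={Beurdouche, Benjamin and Bhargavan, Karthikeyan and Delignat-Lavaud, Antoine and Fournet, C{\'e}dric and Ishtiaq, Samin and Kohlweiss, Markulf and Protzenko, Jonathan and Swamy, Nikhil and Zanella-B{\'e}guelin, Santiago and Zinzindohou{\'e}, Jean Karim}, |
| internal-note={Author list reconstructed from a column-garbled export in which given and family names were interleaved across four pseudo-authors; author order, venue and year are still to be confirmed against the paper before citing} |
| } |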
| |
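| @misc{bhargavan2016implementing, |
| title={Implementing and Proving the {TLS} 1.3 Record Layer}, |
| author={Bhargavan, Karthikeyan and Delignat-Lavaud, Antoine and Fournet, C{\'e}dric and Kohlweiss, Markulf and Pan, Jianyang and Protzenko, Jonathan and Rastogi, Aseem and Swamy, Nikhil and Zanella-B{\'e}guelin, Santiago and Zinzindohou{\'e}, Jean Karim}, |
| year={2016}, |
| internal-note={Venue not recorded in this export; typed as misc rather than article (which requires a journal) until the venue is confirmed} |
| } |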
| |
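| @inproceedings{bhargavan2016proscript, |
| title={{ProScript} {TLS}: Building a {TLS} 1.3 Implementation with a Verifiable Protocol Model}, |
| author={Bhargavan, Karthikeyan and Kobeissi, Nadim and Blanchet, Bruno}, |
| booktitle={{TRON} Workshop: {TLS} 1.3, Ready or Not}, |
| year={2016} |
| } |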
| |
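| @inproceedings{beurdouche2015messy, |
| title={A Messy State of the Union: Taming the Composite State Machines of {TLS}}, |
| author={Beurdouche, Benjamin and Bhargavan, Karthikeyan and Delignat-Lavaud, Antoine and Fournet, C{\'e}dric and Kohlweiss, Markulf and Pironti, Alfredo and Strub, Pierre-Yves and Zinzindohou{\'e}, Jean Karim}, |
| booktitle={2015 {IEEE} Symposium on Security and Privacy ({SP})}, |
| pages={535--552}, |
| year={2015}, |
| publisher={IEEE} |
| } |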
| |
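| @inproceedings{somorovsky2016systematic, |
| title={Systematic Fuzzing and Testing of {TLS} Libraries}, |
| author={Somorovsky, Juraj}, |
| booktitle={Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security}, |
| pages={1492--1504}, |
| year={2016}, |
| publisher={ACM} |
| } |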
| |
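| @phdthesis{cremers2006scyther, |
| title={{Scyther}: Semantics and Verification of Security Protocols}, |
| author={Cremers, Casimier Joseph Franciscus}, |
| school={Eindhoven University of Technology}, |
| address={Eindhoven, The Netherlands}, |
| year={2006} |
| } |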
| |
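| @inproceedings{goubault2000method, |
| title={A Method for Automatic Cryptographic Protocol Verification}, |
| author={Goubault-Larrecq, Jean}, |
| booktitle={Parallel and Distributed Processing}, |
| pages={977--984}, |
| year={2000}, |
| publisher={Springer} |
| } |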
| |
| @techreport{bella2000inductive, |
|   author      = {Bella, Giampaolo}, |
|   title       = {Inductive verification of cryptographic protocols}, |
|   institution = {University of Cambridge, Computer Laboratory}, |
|   year        = {2000}, |
| } |
| |
| # Standards |
| |
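| @techreport{kaufman2014internet, |
| title={Internet Key Exchange Protocol Version 2 ({IKEv2})}, |
| author={Kaufman, Charlie and Hoffman, Paul and Nir, Yoav and Eronen, Pasi and Kivinen, Tero}, |
| institution={Internet Engineering Task Force}, |
| type={RFC}, |
| number={7296}, |
| month=oct, |
| year={2014} |
| } |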
| |
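| @inproceedings{paterson2016reactive, |
| title={Reactive and Proactive Standardisation of {TLS}}, |
| author={Paterson, Kenneth G. and van der Merwe, Thyla}, |
| booktitle={Security Standardisation Research ({SSR} 2016)}, |
| pages={160--186}, |
| year={2016}, |
| publisher={Springer} |
| } |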
| |
| # General, Measurement, etc. |
| |
| ### INCOMPLETE: Financial Cryptography and Data Security (FC) 2017; pages and publisher not yet filled in |
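| @inproceedings{samarasinghe2017short, |
| title={Short Paper: {TLS} Ecosystems in Networked Devices vs. Web Servers}, |
| author={Samarasinghe, Nayanamana and Mannan, Mohammad}, |
| booktitle={Financial Cryptography and Data Security ({FC} 2017)}, |
| year={2017}, |
| internal-note={INCOMPLETE: pages and publisher not yet filled in; venue taken from the annotation kept with this entry} |
| } |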
| |
| ### INCOMPLETE: Financial Cryptography and Data Security (FC) 2017; pages, publisher and year not yet filled in |
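| @inproceedings{chothiabanker, |
| title={Why {Banker Bob} (Still) Can't Get {TLS} Right: A Security Analysis of {TLS} in Leading {UK} Banking Apps}, |
| author={Chothia, Tom and Garcia, Flavio D. and Heppel, Chris and McMahon Stone, Chris}, |
| booktitle={Financial Cryptography and Data Security ({FC} 2017)}, |
| year={2017}, |
| internal-note={INCOMPLETE: pages and publisher not yet filled in; venue and year taken from the annotation kept with this entry; citation key intentionally left without a year so existing citations keep resolving} |
| } |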
| |
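| @phdthesis{levillain2016study, |
| title={A Study of the {TLS} Ecosystem}, |
| author={Levillain, Olivier}, |
| year={2016}, |
| school={Institut National des T{\'e}l{\'e}communications} |
| } |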
| |
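| @inproceedings{springall2016measuring, |
| title={Measuring the Security Harm of {TLS} Crypto Shortcuts}, |
| author={Springall, Drew and Durumeric, Zakir and Halderman, J. Alex}, |
| booktitle={Proceedings of the 2016 {ACM} Internet Measurement Conference}, |
| pages={33--47}, |
| year={2016}, |
| publisher={ACM} |
| } |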