[BOOK][B] Protocols for authentication and key establishment
The first edition of this book was published in 2003. Inevitably, certain parts of the book
became outdated quickly. At the same time new developments have continued apace …
became outdated quickly. At the same time new developments have continued apace …
SoK: Computer-aided cryptography
Computer-aided cryptography is an active area of research that develops and applies
formal, machine-checkable approaches to the design, analysis, and implementation of …
formal, machine-checkable approaches to the design, analysis, and implementation of …
A messy state of the union: Taming the composite state machines of TLS
The Transport Layer Security (TLS) protocol supports various authentication modes, key
exchange methods, and protocol extensions. Confusingly, each combination may prescribe …
exchange methods, and protocol extensions. Confusingly, each combination may prescribe …
A cryptographic analysis of the TLS 1.3 handshake protocol
We analyze the handshake protocol of the Transport Layer Security (TLS) protocol, version
1.3. We address both the full TLS 1.3 handshake (the one round-trip time mode, with …
1.3. We address both the full TLS 1.3 handshake (the one round-trip time mode, with …
The applied pi calculus: Mobile values, new names, and secure communication
We study the interaction of the programming construct “new,” which generates statically
scoped names, with communication via messages on channels. This interaction is crucial in …
scoped names, with communication via messages on channels. This interaction is crucial in …
Automated analysis and verification of TLS 1.3: 0-RTT, resumption and delayed authentication
After a development process of many months, the TLS 1.3 specification is nearly complete.
To prevent past mistakes, this crucial security protocol must be thoroughly scrutinised prior …
To prevent past mistakes, this crucial security protocol must be thoroughly scrutinised prior …
A cryptographic analysis of the TLS 1.3 handshake protocol candidates
The Internet Engineering Task Force (IETF) is currently develo** the next version of the
Transport Layer Security (TLS) protocol, version 1.3. The transparency of this …
Transport Layer Security (TLS) protocol, version 1.3. The transparency of this …
Verified low-level programming embedded in F
We present Low*, a language for low-level programming and verification, and its application
to high-assurance optimized cryptographic libraries. Low* is a shallow embedding of a …
to high-assurance optimized cryptographic libraries. Low* is a shallow embedding of a …
Owl: Compositional verification of security protocols via an information-flow type system
J Gancher, S Gibson, P Singh… - … IEEE Symposium on …, 2023 - ieeexplore.ieee.org
Computationally sound protocol verification tools promise to deliver full-strength
cryptographic proofs for security protocols. Unfortunately, current tools lack either modularity …
cryptographic proofs for security protocols. Unfortunately, current tools lack either modularity …
The OPTLS protocol and TLS 1.3
We present the OPTLS key-exchange protocol, its design, rationale and cryptographic
analysis. OPTLS design has been motivated by the ongoing work in the TLS working group …
analysis. OPTLS design has been motivated by the ongoing work in the TLS working group …