+ year = 2006,
+ editor = "Serge Vaudenay",
+ volume = 4004,
+ series = "Lecture Notes in Computer Science",
+ pages = "409--426",
+ publisher = "Springer",
+ note = "Proceedings version of
+ \cite{bellare-rogaway-2004:triple-enc-eprint}",
+ bibdate = "2006-07-05",
+ bibsource = "DBLP, http://dblp.uni-trier.de/db/conf/eurocrypt/eurocrypt2006.html#BellareR06",
+ isbn = "3-540-34546-9"
+}
+
+@InProceedings{bernstein-2005:poly1305,
+ author = "Daniel J. Bernstein",
+ title = "The Poly1305-AES Message-Authentication Code",
+ booktitle = "Fast Software Encryption: 12th International Workshop,
+ {FSE} 2005, Paris, France, February 21-23, 2005, Revised
+ Selected Papers",
+ year = 2005,
+ pages = "32--49",
+ crossref = "DBLP:conf/fse/2005",
+ url = "https://doi.org/10.1007/11502760_3",
+ doi = "10.1007/11502760_3",
+ timestamp = "Tue, 30 May 2017 16:36:53 +0200",
+ biburl = "http://dblp.uni-trier.de/rec/bib/conf/fse/Bernstein05",
+ bibsource = "dblp computer science bibliography, http://dblp.org"
+}
+
+@Misc{bernstein-2005:salsa20,
+ author = "Daniel J. Bernstein",
+ title = "{Salsa20} Specification",
+ howpublished = "Submission to the ECRYPT Stream Cipher project (eSTREAM)",
+ month = apr,
+ year = 2005,
+ url = "https://cr.yp.to/snuffle/spec.pdf"
+}
+
+@InProceedings{bernstein-2006:curve25519,
+ author = "Daniel J. Bernstein",
+ title = "Curve25519: New Diffie-Hellman Speed Records",
+ booktitle = "Public Key Cryptography - {PKC} 2006, 9th International
+ Conference on Theory and Practice of Public-Key
+ Cryptography, New York, NY, USA, April 24-26, 2006,
+ Proceedings",
+ year = 2006,
+ pages = "207--228",
+ crossref = "DBLP:conf/pkc/2006",
+ url = "https://cr.yp.to/papers.html#curve25519",
+ doi = "10.1007/11745853_14",
+ timestamp = "Tue, 30 May 2017 16:36:52 +0200",
+ biburl = "http://dblp.uni-trier.de/rec/bib/conf/pkc/Bernstein06",
+ bibsource = "dblp computer science bibliography, http://dblp.org"
+}
+
+@Article{blake-wilson-1997:key-agreement,
+ author = "S. Blake-Wilson and D. Johnson and A. Menezes",
+ title = "Key Agreement Protocols and Their Security Analysis",
+ journal = "Lecture Notes in Computer Science",
+ year = 1997,
+ volume = 1355,
+ pages = "30--??",
+ issn = "0302-9743 (print), 1611-3349 (electronic)"
+}
+
+@Article{blake-wilson-menezes-1998:asymm-key-transport,
+ author = "S. Blake-Wilson and A. Menezes",
+ title = "Entity Authentication and Authenticated Key Transport
+ Protocols Employing Asymmetric Techniques",
+ journal = "Lecture Notes in Computer Science",
+ year = 1998,
+ volume = 1361,
+ pages = "137--??",
+ issn = "0302-9743 (print), 1611-3349 (electronic)"
+}
+
+@Article{boneh-1998:ddh,
+ author = "D. Boneh",
+ title = "The Decision {Diffie--Hellman} Problem",
+ journal = "Lecture Notes in Computer Science",
+ year = 1998,
+ volume = 1423,
+ pages = "48--63",
+ issn = "0302-9743 (print), 1611-3349 (electronic)",
+ url = "http://theory.stanford.edu/~dabo/papers/DDH.ps.gz"
+}
+
+@Article{boneh-franklin-2003:ibe-weil-pairing,
+ author = "Dan Boneh and Matthew Franklin",
+ title = "Identity-Based Encryption from the {Weil} Pairing",
+ journal = "SIAM Journal on Computing",
+ year = 2003,
+ volume = 32,
+ number = 3,
+ pages = "586--615",
+ month = jun,
+ doi = "https://doi.org/10.1137/S0097539701398521",
+ issn = "0097-5397 (print), 1095-7111 (electronic)",
+ url = "http://epubs.siam.org/sam-bin/dbq/article/39852"
+}
+
+@InProceedings{borisov-2004:off-the-record,
+ author = "Nikita Borisov and Ian Goldberg and Eric A. Brewer",
+ title = "Off-the-record communication, or, why not to use PGP",
+ booktitle = "WPES",
+ year = 2004,
+ pages = "77--84",
+ ee = "http://doi.acm.org/10.1145/1029179.1029200",
+ url = "http://www.cypherpunks.ca/otr/otr-wpes.pdf",
+ crossref = "DBLP:conf/wpes/2004",
+ bibsource = "DBLP, http://dblp.uni-trier.de"
+}
+
+@InProceedings{brassard-crepeau-1989:sorting-zero-knowledge,
+ author = "Gilles Brassard and Claude Crepeau",
+ title = "Sorting out Zero-Knowledge",
+ booktitle = "Theory and Application of Cryptographic Techniques",
+ year = 1989,
+ pages = "181--191",
+ url = "http://citeseer.nj.nec.com/brassard90sorting.html"
+}
+
+@TechReport{burrows-1989:logic-authn,
+ author = "Michael Burrows and Martin Abadi and Roger Needham",
+ title = "A Logic of Authentication",
+ institution = "Digital Equipment Corporation, Systems Research Centre",
+ year = 1989,
+ number = 39,
+ month = feb,
+ pages = 48,
+ abstract = "Questions of belief are essential in analyzing protocols
+ for authentication in distributed computing systems. In
+ this paper we motivate, set out, and exemplify a logic
+ specifically designed for this analysis; we show how
+ various protocols differ subtly with respect to the
+ required initial assumptions of the participants and their
+ final beliefs. Our formalism has enabled us to isolate and
+ express these differences with a precision that was not
+ previously possible. It has drawn attention to features of
+ protocols of which we and their authors were previously
+ unaware, and allowed us to suggest improvements to the
+ protocols. The reasoning about some protocols has been
+ mechanically verified. This paper starts with an informal
+ account of the problem, goes on to explain the formalism
+ to be used, and gives examples of its application to
+ protocols from the literature, both with conventional
+ shared-key cryptography and with public-key
+ cryptography. Some of the examples are chosen because of
+ their practical importance, while others serve to
+ illustrate subtle points of the logic and to explain how
+ we use it. We discuss extensions of the logic motivated by
+ actual practice -- for example, in order to account for
+ the use of hash functions in signatures. The final
+ sections contain a formal semantics of the logic and some
+ conclusions."
+}
+
+@Article{canetti-2000:security-and-composition,
+ author = "Ran Canetti",
+ title = "Security and Composition of Multiparty Cryptographic
+ Protocols",
+ journal = j-J-CRYPTOLOGY,
+ year = 2000,
+ volume = 13,
+ number = 1,
+ pages = "143--202",
+ coden = "JOCREQ",
+ issn = "0933-2790 (print), 1432-1378 (electronic)",
+ issn-l = "0933-2790",
+ bibdate = "Mon Oct 9 17:48:14 MDT 2000",
+ bibsource = "http://link.springer.de/link/service/journals/00145/tocs/t0013001.html;
+ http://www.math.utah.edu/pub/tex/bib/jcryptology.bib",
+ url = "http://link.springer.de/link/service/journals/00145/bibs/0013001/00130143.html",
+ acknowledgement= ack-nhfb,
+ journal-url = "http://link.springer.com/journal/145"
+}
+
+@InProceedings{canetti-2001:uc-security,
+ author = "R. Canetti",
+ title = "{Universally Composable} security: a new paradigm for
+ cryptographic protocols",
+ booktitle = "{42nd IEEE Symposium on Foundations of Computer Science:
+ proceedings: October 14--17, 2001, Las Vegas, Nevada,
+ USA}",
+ year = 2001,
+ editor = "{IEEE}",
+ pages = "136--145",
+ address = "1109 Spring Street, Suite 300, Silver Spring, MD 20910,
+ USA",
+ publisher = "IEEE Computer Society Press",
+ isbn = "0-7695-1390-5, 0-7695-1391-3 (case), 0-7695-1392-1
+ (microfiche)",
+ issn = "0272-5428"
+}
+
+@TechReport{canetti-2001:uc-security-eprint,
+ author = "Ran Canetti",
+ title = "{Universally Composable} Security: a New Paradigm for