- title = "The {EAX} Mode of Operation",
- author = "Mihir Bellare and Phillip Rogaway and David Wagner",
- bibdate = "2004-07-29",
- bibsource = "DBLP,
- http://dblp.uni-trier.de/db/conf/fse/fse2004.html#BellareRW04",
- booktitle = "FSE",
- booktitle = "Fast Software Encryption, 11th International Workshop,
- {FSE} 2004, Delhi, India, February 5-7, 2004, Revised
- Papers",
- publisher = "Springer",
- year = "2004",
- volume = "3017",
- editor = "Bimal K. Roy and Willi Meier",
- ISBN = "3-540-22171-9",
- pages = "389--407",
- series = "Lecture Notes in Computer Science",
- URL = "http://www.cs.berkeley.edu/~daw/papers/eax-fse04.ps"
-}
-
-@Misc{Shoup:1999:OFM,
- title = "On Formal Models for Secure Key Exchange",
- author = "Victor Shoup",
- year = "1999",
- month = apr # "~21",
- abstract = "A new formal security model for session key exchange
- protocols in the public key setting is proposed, and
- several efficient protocols are analyzed in this model.
- The relationship between this new model and previously
- proposed models is explored, and several interesting,
- subtle distinctions between static and adaptive
- adversaries are explored. We also give a brief account
- of anonymous users.",
- citeseer-references = "oai:CiteSeerPSU:100248; oai:CiteSeerPSU:159141;
- oai:CiteSeerPSU:587558; oai:CiteSeerPSU:70784;
- oai:CiteSeerPSU:459391; oai:CiteSeerPSU:340126;
- oai:CiteSeerPSU:343528; oai:CiteSeerPSU:451555;
- oai:CiteSeerPSU:432396",
- annote = "Victor Shoup (IBM Zurich Research Lab , Saumerstr; 4 ,
- 8803 Ruschlikon , Switzerland);",
- bibsource = "OAI-PMH server at cs1.ist.psu.edu",
- oai = "oai:CiteSeerPSU:190779",
- rights = "unrestricted",
- URL = "http://www.shoup.net/papers/skey.ps.Z",
-}
-
-@misc{Koblitz:2006:ALP,
- author = {Neal Koblitz and Alfred Menezes},
- title = {Another Look at ``Provable Security''. {II}},
- howpublished = {Cryptology ePrint Archive, Report 2006/229},
- year = {2006},
- url = {http://eprint.iacr.org/2006/229},
-}
-
-@Article{Blake-Wilson:1998:EAA,
- author = "S. Blake-Wilson and A. Menezes",
- title = "Entity Authentication and Authenticated Key Transport
- Protocols Employing Asymmetric Techniques",
- journal = "Lecture Notes in Computer Science",
- volume = "1361",
- pages = "137--??",
- year = "1998",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Tue Apr 28 08:51:33 MDT 1998",
- acknowledgement = "Nelson H. F. Beebe, Center for Scientific
- Computing, University of Utah, Department of
- Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|,
- \path|beebe@ieee.org| (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
- url = "http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/transport.ps"
-}
-
-@Article{Blake-Wilson:1997:KAP,
- author = "S. Blake-Wilson and D. Johnson and A. Menezes",
- title = "Key Agreement Protocols and Their Security Analysis",
- journal = "Lecture Notes in Computer Science",
- volume = "1355",
- pages = "30--??",
- year = "1997",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Tue Apr 28 08:51:33 MDT 1998",
- acknowledgement = "Nelson H. F. Beebe, University of Utah, Department
- of Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|
- (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
- url = "http://www.cacr.math.uwaterloo.ca/~ajmeneze/publications/agreement.ps"
-}
-
-@InProceedings{Bellare:1998:MAD,
- author = "Mihir Bellare and Ran Canetti and Hugo Krawczyk",
- title = "A Modular Approach to the Design and Analysis of Key
- Exchange Protocols",
- pages = "419--428",
- ISBN = "0-89791-962-9",
- booktitle = "Proceedings of the 30th Annual {ACM} Symposium on
- Theory of Computing ({STOC}-98)",
- month = may # "~23--26",
- publisher = "ACM Press",
- address = "New York",
- year = "1998",
- url = "http://www.cs.ucsd.edu/~mihir/papers/key-distribution.html"
-}
-
-@TechReport{Canetti:2001:UCS,
- author = "Ran Canetti",
- title = "Universally Composable Security: {A} New Paradigm for
- Cryptographic Protocols",
- added-by = "sti",
- URL = "http://eprint.iacr.org/2000/067",
- number = "2000/067",
- month = oct,
- abstract = "We propose a new paradigm for defining security of
- cryptographic protocols, called {\sf universally
- composable security.} The salient property of
- universally composable definitions of security is that
- they guarantee security even when a secure protocol is
- composed with an arbitrary set of protocols, or more
- generally when the protocol is used as a component of
- an arbitrary system. This is an essential property for
- maintaining security of cryptographic protocols in
- complex and unpredictable environments such as the
- Internet. In particular, universally composable
- definitions guarantee security even when an unbounded
- number of protocol instances are executed concurrently
- in an adversarially controlled manner, they guarantee
- non-malleability with respect to arbitrary protocols,
- and more. We show how to formulate universally
- composable definitions of security for practically any
- cryptographic task. Furthermore, we demonstrate that
- practically any such definition can be realized using
- known general techniques, as long as only a minority of
- the participants are corrupted. We then proceed to
- formulate universally composable definitions of a wide
- array of cryptographic tasks, including authenticated
- and secure communication, key-exchange, public-key
- encryption, signature, commitment, oblivious transfer,
- zero-knowledge, and more. We also make initial steps
- towards studying the realizability of the proposed
- definitions in other natural settings.",
- keywords = "foundations / cryptographic protocols, security
- analysis of protocols, concurrent composition",
- type = "Report",
- annote = "Revised version of \cite{Canett2000a}.",
- year = "2001",
- institution = "Cryptology {ePrint} Archive",
- added-at = "Wed Oct 17 16:02:37 2001",
- note = "Extended Abstract appeared in proceedings of the 42nd
- Symposium on Foundations of Computer Science (FOCS),
- 2001",
-}
-
-@Article{Canett2000a,
- author = "Ran Canetti",
- title = "Security and Composition of Multiparty Cryptographic
- Protocols",
- added-by = "sti",
- URL = "http://link.springer-ny.com/link/service/journals/00145/papers/0013001/00130143.pdf",
- journal = "Journal of Cryptology",
- number = "1",
- month = "Winter",
- abstract = "We present general definitions of security for
- multiparty cryptographic protocols, with focus on the
- task of evaluating a probabilistic function of the
- parties' inputs. We show that, with respect to these
- definitions, security is preserved under a natural
- composition operation. The definitions follow the
- general paradigm of known definitions; yet some
- substantial modifications and simplifications are
- introduced. The composition operation is the natural
- ``subroutine substitution'' operation, formalized by
- Micali and Rogaway. We consider several standard
- settings for multiparty protocols, including the cases
- of eavesdropping, Byzantine, nonadaptive and adaptive
- adversaries, as well as the information-theoretic and
- the computational models. In particular, in the
- computational model we provide the first definition of
- security of protocols that is shown to be preserved
- under composition.",
- volume = "13",
- annote = "Discusses general formalization of Secure Multiparty
- Computation in synchronous model with passive vs active
- (=> compute function t-privately vs t-securely) and
- static vs adaptive adversaries as well as perfect
- (e.g., with secure channel) and cryptographic settings.
- Contrary to previous definitions doesn't restrict to
- black-box simulations (though probably that restriction
- was not that important) and allows rewinds (more
- important, e.g., ZKP). Probably most precise and
- complete to date. Proves composition theorems for
- 'sequential subroutine composition'. To model adaptive
- adversaries he defines an additional TM Z to model the
- environment which feeds the context as auxiliary input
- on corruptions as well models post-execution effects in
- a non-erasing model by allowing Z (on input \emph{all}
- outputs of the protocol) to further corrupt parties
- (via adversary) after the termination of the protocol.
- The simulation has to hold now for all Z and all A (but
- note that contrary to A, Z is the same in the ideal
- model!). However, if we consider erasing models where
- all internal states are deleted after protocol
- terminatin then Z can be simplified to apriori fixed
- auxilliary strings for each corruption. Appeared also
- as Theory of Cryptography Library Record 98-18.",
- year = "2000",
- pages = "143--202",
- publisher = "Springer-Verlag, Berlin Germany",
- added-at = "Thu Jul 20 11:01:42 2000",
-}
-
-
-@Article{Canetti:2002:UCN,
- author = "Ran Canetti and Hugo Krawczyk",
- title = "Universally Composable Notions of Key Exchange and
- Secure Channels",
- journal = "Lecture Notes in Computer Science",
- volume = "2332",
- pages = "337--??",
- year = "2002",
- CODEN = "LNCSD9",
- ISSN = "0302-9743",
- bibdate = "Tue Sep 10 19:09:37 MDT 2002",
- bibsource = "http://link.springer-ny.com/link/service/series/0558/tocs/t2332.htm",
- url = "http://eprint.iacr.org/2002/059",
- acknowledgement = "Nelson H. F. Beebe, Center for Scientific
- Computing, University of Utah, Department of
- Mathematics, 110 LCB, 155 S 1400 E RM 233, Salt Lake
- City, UT 84112-0090, USA, Tel: +1 801 581 5254, FAX: +1
- 801 581 4148, e-mail: \path|beebe@math.utah.edu|,
- \path|beebe@acm.org|, \path|beebe@computer.org|,
- \path|beebe@ieee.org| (Internet), URL:
- \path|http://www.math.utah.edu/~beebe/|",
-}
-
-@misc{Shoup:2004:SGT,
- author = {Victor Shoup},
- title = {Sequences of games: a tool for taming complexity in security proofs},
- howpublished = {Cryptology ePrint Archive, Report 2004/332},
- year = {2004},
- url = {http://eprint.iacr.org/2004/332},