A cryptographic analysis of the TLS 1.3 handshake protocol
From MaRDI portal
Publication:1983332
DOI10.1007/s00145-021-09384-1zbMath1472.94049OpenAlexW3083633640WikidataQ114850021 ScholiaQ114850021MaRDI QIDQ1983332
Douglas Stebila, Marc Fischlin, Felix Günther, Benjamin Dowling
Publication date: 10 September 2021
Published in: Journal of Cryptology (Search for Journal in Brave)
Full work available at URL: https://doi.org/10.1007/s00145-021-09384-1
Related Items (19)
Oblivious TLS via multi-party computation ⋮ Flexible Authenticated and Confidential Channel Establishment (fACCE): Analyzing the Noise Protocol Framework ⋮ Benchmarking Post-quantum Cryptography in TLS ⋮ Provable security analysis of FIDO2 ⋮ Towards post-quantum security for signal's X3DH handshake ⋮ Short variable length domain extenders with beyond birthday bound security ⋮ More efficient post-quantum KEMTLS with pre-distributed public keys ⋮ Multipath TLS 1.3 ⋮ Zero round-trip time for the extended access control protocol ⋮ On the concrete security of TLS 1.3 PSK mode ⋮ On IND-qCCA security in the ROM and its applications. CPA security is sufficient for TLS 1.3 ⋮ Key-schedule security for the TLS 1.3 standard ⋮ When messages are keys: is HMAC a dual-PRF? ⋮ Post-quantum asynchronous deniable key exchange and the signal handshake ⋮ Authenticated confidential channel establishment and the security of TLS-DHE ⋮ State separation for code-based game-playing proofs ⋮ Privacy-preserving authenticated key exchange and the case of IKEv2 ⋮ KEMTLS with delayed forward identity protection in (almost) a single round trip ⋮ Tighter proofs for the SIGMA and TLS 1.3 key exchange protocols
Uses Software
Cites Work
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Unnamed Item
- Security standardisation research. Third international conference, SSR 2016, Gaithersburg, MD, USA, December 5--6, 2016. Proceedings
- A formal treatment of multi-key channels
- PRF-ODH: relations, instantiations, and impossibility results
- Secure communication channel establishment: TLS 1.3 (over TCP Fast Open) versus QUIC
- On the tight security of TLS 1.3: theoretically sound cryptographic parameters for real-world deployments
- Secure channels and termination: the last word on TLS
- Highly efficient key exchange protocols with optimal tightness
- The Multi-user Security of Authenticated Encryption: AES-GCM in TLS 1.3
- On the Security of the TLS Protocol: A Systematic Analysis
- Proving the TLS Handshake Secure (As It Is)
- Formalizing Human Ignorance
- On the Security of TLS-DHE in the Standard Model
- Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol
- Modelling Ciphersuite and Version Negotiation in the TLS Protocol
- Keying Hash Functions for Message Authentication
- Data Is a Stream: Security of Stream-Based Channels
- (De-)Constructing TLS 1.3
- Augmented Secure Channels and the Goal of the TLS 1.3 Record Layer
- Stronger Security of Authenticated Key Exchange
- Cryptographic Extraction and Key Derivation: The HKDF Scheme
- A Modular Security Analysis of the TLS Handshake Protocol
- 0-RTT Key Exchange with Full Forward Secrecy
- On the Security of the Pre-shared Key Ciphersuites of TLS
- Advances in Cryptology - CRYPTO 2003
- A Universally Composable Framework for the Analysis of Browser-Based Security Protocols
- New Proofs for NMAC and HMAC: Security Without Collision-Resistance
- Bloom filter encryption and applications to efficient forward-secret 0-RTT key exchange
- Session resumption protocols and efficient forward security for TLS 1.3 0-RTT
This page was built for publication: A cryptographic analysis of the TLS 1.3 handshake protocol
