We show that the security of the TLS handshake protocol based on RSA can be related to the hardness of inverting RSA given a certain "partial-RSA" decision oracle. The reduction takes place in a security model with reasonable assumptions on the underlying TLS pseudo-random function, thereby addressing concerns about its construction in terms of two hash functions. The result is extended to a wide class of constructions that we denote tagged key-encapsulation mechanisms.