, The Oracle Diffie-Hellman Assumptions and an Analysis of DHIES, Topics in Cryptology ? CT-RSA 2001, pp.143-158, 2001.
DOI : 10.1007/3-540-45353-9_12
, Cryptographic agility and its reation to circular encryption, 2010.
, Man-in-the-Middle in Tunnelled Authentication Protocols, 11th International Workshop on Security Protocols, pp.28-41, 2005.
DOI : 10.1007/11542322_6
, Transport Layer Security (TLS) Channel IDs. IETF Internet Draft draft-balfanz-tls-channelid-01, 2013.
, Computer-Aided Security Proofs for the Working Cryptographer, Advances in Cryptology ? CRYPTO 2011, 2011.
DOI : 10.1007/978-3-642-22792-9_5
URL : https://hal.archives-ouvertes.fr/hal-01112075
, Verified security of redundancy-free encryption from Rabin and RSA, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, pp.724-735, 2012.
DOI : 10.1145/2382196.2382272
URL : https://hal.archives-ouvertes.fr/hal-00764871
, Entity Authentication and Key Distribution, Advances in Cryptology ? CRYPTO'93, 1993.
DOI : 10.1007/3-540-48329-2_21
, Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements, Advances in Cryptology ? EUROCRYPT 2000, pp.259-274, 2000.
DOI : 10.1007/3-540-45539-6_18
, Implementing TLS with verified cryptograhic security, IEEE Symposium on Security and Privacy, 2013.
, Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, 2014 IEEE Symposium on Security and Privacy, 2014.
DOI : 10.1109/SP.2014.14
URL : https://hal.archives-ouvertes.fr/hal-01102259
, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, Advances in Cryptology ? CRYPTO'98, 1998.
DOI : 10.1007/BFb0055716
, Practical Realisation and Elimination of an ECC-Related Software Bug Attack, Topics in Cryptology ? CT-RSA 2012, 2011.
DOI : 10.1007/11761679_2
, Less is more: relaxed yet composable security notions for key exchange, International Journal of Information Security, vol.23, issue.4, 2012.
DOI : 10.1007/s10207-013-0192-y
, Universally composable security: a new paradigm for cryptographic protocols, Proceedings 2001 IEEE International Conference on Cluster Computing, pp.136-145, 2001.
DOI : 10.1109/SFCS.2001.959888
, Universally Composable Notions of Key Exchange and Secure Channels, Advances in Cryptology ? EUROCRYPT 2002, pp.337-351, 2002.
DOI : 10.1007/3-540-46035-7_22
, Relaxing Chosen-Ciphertext Security, Advances in Cryptology ? CRYPTO 2003, 2003.
DOI : 10.1007/978-3-540-45146-4_33
, Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack, SIAM Journal on Computing, vol.33, issue.1, pp.167-226, 2003.
DOI : 10.1137/S0097539702403773
, On the Joint Security of Encryption and Signature in EMV, Topics in Cryptology -CT-RSA 2012, pp.116-135, 2012.
DOI : 10.1007/978-3-642-11925-5_2
URL : https://hal.archives-ouvertes.fr/hal-01111635
, The Transport Layer Security (TLS) Protocol Version 1, 2008.
, Multi-ciphersuite security and the SSH protocol, Cryptology ePrint Archive, vol.813, 2013.
, Rethinking SSL development in an appified world, Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, CCS '13, 2013.
DOI : 10.1145/2508859.2516655
, Hash Function Combiners in TLS and SSL, Topics in Cryptology ? CT-RSA 2010, 2010.
DOI : 10.1007/978-3-642-11925-5_19
, HMAC is a randomness extractor and applications to TLS, Proceedings of the 2008 ACM symposium on Information, computer and communications security , ASIACCS '08, 2008.
DOI : 10.1145/1368310.1368317
URL : https://hal.archives-ouvertes.fr/inria-00419158
, Modular code-based cryptographic verification, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, 2011.
DOI : 10.1145/2046707.2046746
URL : https://hal.archives-ouvertes.fr/inria-00614372
, Universally Composable Security Analysis of TLS, 2nd International Conference on Provable Security, pp.313-327, 2008.
DOI : 10.1007/11555827_28
, The most dangerous code in the world, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, 2012.
DOI : 10.1145/2382196.2382204
, On the security of TLS renegotiation, Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, CCS '13, 2013.
DOI : 10.1145/2508859.2516694
, Securely combining public-key cryptosystems, Proceedings of the 8th ACM conference on Computer and Communications Security , CCS '01, 2001.
DOI : 10.1145/501983.502013
, On the Security of TLS-DHE in the Standard Model, Advances in Cryptology ? CRYPTO 2012, 2012.
DOI : 10.1007/978-3-642-32009-5_17
, One bad apple: Backwards compatibility attacks on state-of-the-art cryptography, 20th Annual Network and Distributed System Security Symposium, NDSS 2013, 2013.
, Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2, 2003.
DOI : 10.17487/rfc3447
, On the Security of RSA Encryption in TLS, Advances in Cryptology ? CRYPTO 2002, 2002.
DOI : 10.1007/3-540-45708-9_9
, Protocol interactions and the chosen protocol attack, 5th International Security Protocols Workshop, pp.91-104, 1998.
DOI : 10.1007/BFb0028162
, Further Results and Considerations on Side Channel Attacks on RSA, 4th International Workshop on Cryptographic Hardware and Embedded Systems, CHES 2003, pp.244-259, 2003.
DOI : 10.1007/3-540-36400-5_19
, Attacking RSA-Based Sessions in SSL/TLS, Cryptographic Hardware and Embedded Systems ? CHES 2003, 2003.
DOI : 10.1007/978-3-540-45238-6_33
, On the security of TLS-DH and TLS-RSA in the standard model, Cryptology ePrint Archive, vol.367, 2013.
, On the Security of the TLS Protocol: A Systematic Analysis, Advances in Cryptology ? CRYPTO 2013, 2013.
DOI : 10.1007/978-3-642-40041-4_24
, On the Security of the TLS Protocol: A Systematic Analysis, Cryptology ePrint Archive, vol.339, 2013.
DOI : 10.1007/978-3-642-40041-4_24
, Variants of Bleichenbacher's low-exponent attack on PKCS#1 RSA signatures, Sicherheit, 2008.
, Composition theorems without pre-established session identifiers, Proceedings of the 18th ACM conference on Computer and communications security, CCS '11, pp.41-50, 2011.
DOI : 10.1145/2046707.2046715
, Unfortunate current practices for HTTP over TLS, 2011.
, Transport Layer Security (TLS) Next Protocol Negotiation Extension, Internet Draft, 2012.
, Transport Layer Security (TLS) False Start, 2010.
DOI : 10.17487/RFC7918
, A key recovery attack on discrete log-based schemes using a prime order subgroupp, Advances in Cryptology ? CRYPTO'97, 1997.
, Constructive Cryptography ??? A New Paradigm for Security Definitions and Proofs, Joint Workshop on Theory of Security and Applications, pp.33-56, 2011.
DOI : 10.1007/978-3-642-27375-9_3
, Preventing cross-protocol attacks in TLS protocol, Internet Draft, 2012.
, A cross-protocol attack on the TLS protocol, Proceedings of the 2012 ACM conference on Computer and communications security, CCS '12, 2012.
DOI : 10.1145/2382196.2382206
, Lessons learned from previous SSL/TLS attacks -a brief chronology of attacks and weaknesses, Cryptology ePrint Archive, 2013.
, A Modular Security Analysis of the TLS Handshake Protocol, Advances in Cryptology ? ASIACRYPT, 2008.
DOI : 10.1145/322510.322530
, Divisibility, Smoothness and Cryptographic Applications. ArXiv e-prints, 2008.
, Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol, Advances in Cryptology ? ASIACRYPT 2011, 2011.
DOI : 10.1007/978-3-642-25385-0_20
, On the Joint Security of Encryption and Signature, Revisited, Lecture Notes in Computer Science, vol.7073, pp.161-178, 2011.
DOI : 10.1007/978-3-642-25385-0_9
, SSL server test
, Authentication gap in TLS renegotiation, 2009.
, TLS renegotiation indication extension, 2010.
, MITM attack on delayed TLS-client auth through renegotiation, 2009.
, Formalizing Human Ignorance, VIETCRYPT, pp.211-228, 2006.
DOI : 10.1007/11958239_14
, Short Chosen-Prefix Collisions for MD5 and the Creation of a Rogue CA Certificate, Report, vol.111, 2009.
DOI : 10.1007/978-3-642-03356-8_4
, Prohibiting secure sockets layer (SSL) version 2.0. RFC 6176, 2011.
, Analysis of the SSL 3.0 protocol, 2nd USENIX Workshop on Electronic Commerce (WOEC'96), 1996.