M. Abdalla, E. Bresson, O. Chevassut, B. Möller, and D. Pointcheval, Provably secure password-based authentication in TLS, Proceedings of the 2006 ACM Symposium on Information, computer and communications security, ASIACCS '06, pp.35-45, 2006.
DOI : 10.1145/1128817.1128827

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.74.20

R. Dhamija, J. D. Tygar, and M. Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, CHI '06, pp.581-590, 2006.
DOI : 10.1145/1124772.1124861

T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1.2, RFC, vol.5246, 2008.
DOI : 10.17487/rfc5246

J. Engler, C. Karlof, E. Shi, and D. Song, Is it too late for PAKE?, W2SP '09: Proceedings of the Web 2.0 Security and Privacy Workshop, 2009.

P. Eronen and H. Tschofenig, Pre-Shared Key Ciphersuites for Transport Layer Security (TLS), RFC, vol.4279, 2005.
DOI : 10.17487/rfc4279

S. Gajek, L. Liao, and J. Schwenk, Stronger TLS bindings for SAML assertions and SAML artifacts, Proceedings of the 2008 ACM workshop on Secure web services, SWS '08, pp.11-20, 2008.
DOI : 10.1145/1456492.1456495

S. Holtmanns, V. Niemi, P. Ginzboorg, P. Laitinen, and N. Asokan, Cellular Authentication for Mobile and Internet Services, 2008.

F. Kohlar, J. Schwenk, M. Jensen, and S. Gajek, On cryptographically secure bindings of SAML assertions to TLS sessions, ARES '10: Proceedings of the 5th International Conference on Availability, Reliability and Security, pp.62-69, 2010.

H. Krawczyk, M. Bellare, and R. Canetti, HMAC: Keyed-Hashing for Message Authentication, RFC, vol.2104, 1997.
DOI : 10.17487/rfc2104

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.383.2086

J. Lopez, R. Oppliger, and G. Pernul, Why have public key infrastructures failed so far? Internet Research, pp.554-556, 2005.
DOI : 10.1108/10662240510629475

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.330.7734

J. C. Mitchell, V. Shmatikov, and U. Stern, Finite-state analysis of SSL 3.0, USENIX '98: Proceedings of the 7th USENIX Security Symposium, pp.201-216, 1998.

R. Oppliger, R. Hauser, and D. Basin, SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle, Computer Communications, vol.29, issue.12, pp.2238-2246, 2006.
DOI : 10.1016/j.comcom.2006.03.004

R. Oppliger, R. Hauser, and D. Basin, SSL/TLS session-aware user authentication revisited, Computers & Security, vol.27, issue.3-4, pp.3-464, 2008.
DOI : 10.1016/j.cose.2008.04.005

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.504.1397

R. Oppliger, R. Hauser, D. Basin, A. Rodenhaeuser, and B. Kaiser, A Proof of Concept Implementation of SSL/TLS Session-Aware User Authentication (TLS-SA)
DOI : 10.1007/978-3-540-69962-0_19

L. C. Paulson, Inductive analysis of the Internet protocol TLS, ACM Transactions on Information and System Security, vol.2, issue.3, pp.332-351, 1999.
DOI : 10.1145/322510.322530

M. Steiner, P. Buhler, T. Eirich, and M. Waidner, Secure password-based cipher suite for TLS, ACM Transactions on Information and System Security, vol.4, issue.2, pp.134-157, 2001.
DOI : 10.1145/501963.501965

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.2.4729

D. Taylor, T. Wu, N. Mavrogiannopoulos, and T. Perrin, Using the Secure Remote Password (SRP) protocol for TLS authentication, RFC, vol.5054, 2007.
DOI : 10.17487/rfc5054