K. Bhargavan, A. Lavaud, C. Fournet, A. Pironti, and P. Strub, Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, 2014 IEEE Symposium on Security and Privacy, pp.2014-98
DOI : 10.1109/SP.2014.14

URL : https://hal.archives-ouvertes.fr/hal-01102259

T. Frosch, C. Mainka, C. Bader, F. Bergsma, J. Schwenk et al., How Secure is TextSecure?, 2016 IEEE European Symposium on Security and Privacy (EuroS&P), 2016.
DOI : 10.1109/EuroSP.2016.41

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

B. Blanchet, Modeling and Verifying Security Protocols with the Applied Pi Calculus and ProVerif, Foundations and Trends?? in Privacy and Security, vol.1, issue.1-2, pp.1-135, 2016.
DOI : 10.1561/3300000004

URL : https://hal.archives-ouvertes.fr/hal-01423760

D. Dolev and A. C. Yao, On the security of public key protocols, IEEE Transactions on Information Theory, vol.29, issue.2, pp.198-207, 1983.
DOI : 10.1109/TIT.1983.1056650

B. Blanchet, A Computationally Sound Mechanized Prover for Security Protocols, IEEE Transactions on Dependable and Secure Computing, vol.5, issue.4, pp.193-207, 2008.
DOI : 10.1109/TDSC.2007.1005

K. Bhargavan, A. Delignat-lavaud, and S. Maffeis, Language-based defenses against untrusted browser origins, USENIX Security Symposium, pp.653-670, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00863372

K. Bhargavan, A. Delignat-lavaud, and S. Maffeis, Defensive JavaScript -building and verifying secure web components, Foundations of Security Analysis and Design (FOSAD VII), pp.88-123, 2013.
URL : https://hal.archives-ouvertes.fr/hal-01102144

M. Abadi and C. Fournet, Mobile values, new names, and secure communication, 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'01)
DOI : 10.1145/360204.360213

URL : https://hal.archives-ouvertes.fr/hal-01423924

H. Krawczyk, HMQV: A High-Performance Secure Diffie-Hellman Protocol, International Conference on Advances in Cryptology (CRYPTO), ser. Lecture Notes in Computer Science, pp.546-566, 2005.
DOI : 10.1007/11535218_33

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

N. Unger, S. Dechand, J. Bonneau, S. Fahl, H. Perl et al., SoK: Secure Messaging, 2015 IEEE Symposium on Security and Privacy, p.2015
DOI : 10.1109/SP.2015.22

N. Durov, Telegram MTProto protocol, 2015.

O. Schirokauer, The number field sieve for integers of low weight, Mathematics of Computation, vol.79, issue.269, pp.583-602, 2010.
DOI : 10.1090/S0025-5718-09-02198-X

D. Gillmor, Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS), p.7919, 2016.
DOI : 10.17487/RFC7919

K. Bhargavan, A. Delignat-lavaud, and A. Pironti, Verified Contributive Channel Bindings for Compound Authentication, Proceedings 2015 Network and Distributed System Security Symposium, 2015.
DOI : 10.14722/ndss.2015.23277

URL : https://hal.archives-ouvertes.fr/hal-01114248

A. Rad and J. Rizzo, A 2?64 attack on Telegram, and why a super villain doesn't need it to read your telegram chats, 2015.

J. Jakobsen and C. Orlandi, On the CCA (in)Security of MTProto, Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices , SPSM'16, 1177.
DOI : 10.1145/2994459.2994468

N. Borisov, I. Goldberg, and E. A. Brewer, Off-the-record communication, or, why not to use PGP, Proceedings of the 2004 ACM workshop on Privacy in the electronic society , WPES '04, pp.77-84, 2004.
DOI : 10.1145/1029179.1029200

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

P. A. Gardner, S. Maffeis, and G. D. Smith, Towards a program logic for JavaScript, ACM SIGPLAN Notices, vol.47, issue.1, pp.31-44, 2012.
DOI : 10.1145/2103621.2103663

K. Bhargavan, C. Fournet, A. D. Gordon, and S. Tse, Verified interoperable implementations of security protocols, ACM Transactions on Programming Languages and Systems, vol.31, issue.1, 2008.

H. Krawczyk, Cryptographic extraction and key derivation: The HKDF scheme, " in Advances in Cryptology (CRYPTO), ser. Lecture Notes in Computer Science, pp.631-648, 2010.

N. Kobeissi, SP code repository, " https://github.com/inriaprosecco/proscript-messaging, 2017.

V. Shoup, Sequences of games: a tool for taming complexity in security proofs, IACR Cryptology ePrint Archive, vol.332, 2004.

M. Bellare and P. Rogaway, The Security of Triple Encryption and a Framework??for??Code-Based??Game-Playing??Proofs, Advances in Cryptology (Eurocrypt), ser. Lecture Notes in Computer Science, S. Vaudenay, pp.409-426, 2006.
DOI : 10.1002/j.1538-7305.1949.tb00928.x

T. Okamoto and D. Pointcheval, The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes, Practice and Theory in Public Key Cryptography (PKC), ser. Lecture Notes in Computer Science, pp.104-118, 1992.
DOI : 10.1007/3-540-44586-2_8

A. Fujioka and K. Suzuki, Designing Efficient Authenticated Key Exchange Resilient to Leakage of Ephemeral Secret Keys, Topics in Cryptology (CT-RSA), ser. Lecture Notes in Computer Science, A. Kiayias, pp.121-141, 2011.
DOI : 10.1007/978-3-642-04642-1_16

D. J. Bernstein, Curve25519: New Diffie-Hellman Speed Records, Public Key Cryptography (PKC), pp.207-228, 2006.
DOI : 10.1007/11745853_14

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

]. S. Goldwasser, S. Micali, and R. Rivest, A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks, SIAM Journal on Computing, vol.17, issue.2, pp.281-308, 1988.
DOI : 10.1137/0217017

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

J. Coron, Y. Dodis, C. Malinaud, and P. Puniya, Merkle-Damg??rd Revisited: How to Construct a Hash Function, Advances in Cryptology (CRYPTO), pp.430-448, 2005.
DOI : 10.1007/11535218_26

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

M. Bellare, New proofs for NMAC and HMAC: Security without collision-resistance, Advances in Cryptology (CRYPTO), ser. Lecture Notes in Computer Science, pp.602-619, 2006.
DOI : 10.1007/11818175_36

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

D. A. Mcgrew and J. Viega, The Security and Performance of the Galois/Counter Mode (GCM) of Operation, Progress in Cryptology -INDOCRYPT 2004, ser. Lecture Notes in Computer Science, pp.343-355, 2004.
DOI : 10.1007/978-3-540-30556-9_27

P. Rogaway, Authenticated-encryption with associated-data, Proceedings of the 9th ACM conference on Computer and communications security , CCS '02, pp.98-107, 2002.
DOI : 10.1145/586110.586125

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

. Open-whisper and . Systems, Signal for the browser, 2015.

. Github, Electron framework, 2016.

M. Avalle, A. Pironti, R. Sisto, and D. Pozza, The Java SPI Framework for Security Protocol Implementation, 2011 Sixth International Conference on Availability, Reliability and Security, pp.746-751, 2011.
DOI : 10.1109/ARES.2011.117

G. Bierman, M. Abadi, and M. Torgersen, Understanding Type- Script, ECOOP 2014 Object-Oriented Programming, ser. Lecture Notes in Computer Science, pp.257-281, 2014.

F. Inc, Flow, a static type checker for JavaScript

C. Fournet, N. Swamy, J. Chen, P. Dagand, P. Strub et al., Fully abstract compilation to JavaScript, ACM SIGPLAN Notices, vol.48, issue.1, pp.371-384, 2013.
DOI : 10.1109/SP.2011.39

URL : https://hal.archives-ouvertes.fr/hal-00780803

C. Bansal, K. Bhargavan, A. Delignat-lavaud, and S. Maffeis, Discovering Concrete Attacks on Website Authorization by Formal Analysis, 2012 IEEE 25th Computer Security Foundations Symposium, pp.601-657, 2014.
DOI : 10.1109/CSF.2012.27

URL : https://hal.archives-ouvertes.fr/hal-01102202

G. Bai, J. Lei, G. Meng, S. S. Venkatraman, P. Saxena et al., AUTHSCAN: automatic extraction of web authentication protocols from implementations, Network and Distributed System Security Symposium (NDSS), 2013.

D. Fett, R. Küsters, and G. Schmitz, An Expressive Model for the Web Infrastructure: Definition and Application to the Browser ID SSO System, 2014 IEEE Symposium on Security and Privacy, pp.673-688, 2014.
DOI : 10.1109/SP.2014.49

K. Cohn-gordon, C. Cremers, and L. Garratt, On Post-compromise Security, 2016 IEEE 29th Computer Security Foundations Symposium (CSF), pp.164-178, 2016.
DOI : 10.1109/CSF.2016.19

URL : https://ora.ox.ac.uk/objects/uuid:241da365-1c73-4b6a-826c-f122c4c1e1b8/datastreams/ATTACHMENT01

K. Cohn-gordon, C. Cremers, B. Dowling, L. Garratt, and D. Stebila, A Formal Security Analysis of the Signal Messaging Protocol, 2017 IEEE European Symposium on Security and Privacy (EuroS&P), 2017.
DOI : 10.1109/EuroSP.2017.27