{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,22]],"date-time":"2026-04-22T13:28:59Z","timestamp":1776864539123,"version":"3.51.2"},"publisher-location":"Berlin, Heidelberg","reference-count":27,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540424567","type":"print"},{"value":"9783540446477","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2001]]},"DOI":"10.1007\/3-540-44647-8_19","type":"book-chapter","created":{"date-parts":[[2007,11,13]],"date-time":"2007-11-13T19:28:14Z","timestamp":1194982094000},"page":"310-331","source":"Crossref","is-referenced-by-count":177,"title":["The Order of Encryption and Authentication for Protecting Communications (or: How Secure Is SSL?)"],"prefix":"10.1007","author":[{"given":"Hugo","family":"Krawczyk","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2001,8,2]]},"reference":[{"key":"19_CR1","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44987-6_31","volume-title":"Advances in Cryptology-EUROCRYPT 2001 Proceedings","author":"J. An","year":"2001","unstructured":"J. An, M. Bellare, \u201cDoes encryption with redundancy provide authenticity?\u201d, Advances in Cryptology-EUROCRYPT 2001 Proceedings, Lecture Notes in Computer Science, Vol. 2045, Springer-Verlag, B. Pfitzmann, ed, 2001."},{"key":"19_CR2","unstructured":"M. Bellare, A. Desai, E. Jokipii, and P. Rogaway, \u201cA concrete security treatment of symmetric encryption: Analysis of the DES modes of operation\u201c, Proceedings of the 38th Symposium on Foundations of Computer Science, IEEE, 1997."},{"key":"19_CR3","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1007\/BFb0055718","volume-title":"Advances in Cryptology-CRYPTO\u201998 Proceedings","author":"M. Bellare","year":"1998","unstructured":"M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway, \u201cRelations Among Notions of Security for Public-Key Encryption Schemes\u201d, Advances in Cryptology-CRYPTO\u201998 Proceedings, Lecture Notes in Computer Science Vol. 1462, H. Krawczyk, ed., Springer-Verlag, 1998, pp. 26\u201345."},{"key":"19_CR4","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"341","DOI":"10.1007\/3-540-48658-5_32","volume-title":"Advances in Cryptology-CRYPTO\u201994 Proceedings","author":"M. Bellare","year":"1994","unstructured":"M. Bellare, J. Kilian and P. Rogaway, \u201c The security of cipher block chaining\u201d, Advances in Cryptology-CRYPTO\u201994 Proceedings, Lecture Notes in Computer Science Vol. 839, Y. Desmedt, ed., Springer-Verlag, 1994. pp. 341\u2013358."},{"key":"19_CR5","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","DOI":"10.1007\/3-540-44598-6","volume-title":"Advances in Cryptology-ASIACRYPT\u201900 Proceedings","author":"M. Bellare","year":"2000","unstructured":"M. Bellare and C. Namprempre, \u201cAuthenticated encryption: Relations among notions and analysis of the generic composition paradigm\u201d, Advances in Cryptology-ASIACRYPT\u201900 Proceedings, Lecture Notes in Computer Science Vol. 1976, T. Okamoto, ed., Springer-Verlag, 2000."},{"key":"19_CR6","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"216","DOI":"10.1007\/3-540-48405-1_14","volume-title":"Advances in Cryptology-CRYPTO\u201999 Proceedings","author":"J. Black","year":"1999","unstructured":"Black, J., Halevi, S., Krawczyk, H., Krovetz, T., and Rogaway, P., \u201cUMAC: Fast and Secure Message Authentication\u201d, Advances in Cryptology-CRYPTO\u201999 Proceedings, Lecture Notes in Computer Science, Vol. 1666, Springer-Verlag, M. Wiener, ed, 1999, pp. 216\u2013233."},{"key":"19_CR7","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BFb0055716","volume-title":"Advances in Cryptology-CRYPTO\u201998 Proceedings","author":"D. Bleichenbacher","year":"1998","unstructured":"Bleichenbacher, D., \u201cChosen Ciphertext Attacks against Protocols Based on RSA Encryption Standard PKCS #1\u201d, Advances in Cryptology-CRYPTO\u201998 Proceedings, Lecture Notes in Computer Science Vol. 1462, H. Krawczyk, ed., Springer-Verlag, 1998, pp. 1\u201312."},{"key":"19_CR8","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/3-540-44987-6_28","volume-title":"Advances in Cryptology-EUROCRYPT 2001 Proceedings","author":"R. Canetti","year":"2001","unstructured":"Canetti, R., and Krawczyk, H., \u201cAnalysis of Key-Exchange Protocols and Their Use for Building Secure Channels\u201d, Advances in Cryptology-EUROCRYPT 2001 Proceedings, Lecture Notes in Computer Science, Vol. 2045, Springer-Verlag, B. Pfitzmann, ed, 2001, pp. 453\u2013474. Full version in: Cryptology ePrint Archive ( http:\/\/eprint.iacr.org\/ ), Report 2001\/040."},{"key":"19_CR9","doi-asserted-by":"crossref","unstructured":"T. Dierks and C. Allen, \u201cThe TLS Protocol-Version 1\u201d, Request for Comments 2246, 1999.","DOI":"10.17487\/rfc2246"},{"key":"19_CR10","doi-asserted-by":"crossref","unstructured":"D. Dolev, C. Dwork, and M. Naor. \u201cNon-malleable cryptography\u201d. Proceedings of the 23rd Annual ACM Symposium on Theory of Computing, pages 542\u2013552, 1991.","DOI":"10.1145\/103418.103474"},{"key":"19_CR11","unstructured":"A. Frier, P. Karlton, and P. Kocher, \u201cThe SSL 3.0 Protocol\u201d, Netscape Communications Corp., Nov 18, 1996. http:\/\/home.netscape.com\/eng\/ssl3\/ssl-toc.html"},{"key":"19_CR12","unstructured":"O. Goldreich, \u201cFoundations of Cryptography (Fragments of a book)\u201d, Weizmann Inst. of Science, 1995. http:\/\/www.wisdom.weizmann.ac.il\/oded\/frag.html"},{"key":"19_CR13","doi-asserted-by":"publisher","first-page":"270","DOI":"10.1016\/0022-0000(84)90070-9","volume":"28","author":"S. Goldwasser","year":"1984","unstructured":"S. Goldwasser, and S. Micali. \u201cProbabilistic Encryption\u201d, Journal of Computer and System Sciences, Vol. 28, 1984, pp. 270\u2013299.","journal-title":"Journal of Computer and System Sciences"},{"issue":"3","key":"19_CR14","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1145\/322510.322514","volume":"2","author":"S. Halevi","year":"1999","unstructured":"Halevi, S., and Krawczyk H., \u201cPublic-Key Cryptography and Password Protocols\u201d, ACM Transactions on Information and System Security, Vol. 2, No. 3, August 1999, pp. 230\u2013268.","journal-title":"ACM Transactions on Information and System Security"},{"key":"19_CR15","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-44987-6_32","volume-title":"Advances in Cryptology-EUROCRYPT 2001 Proceedings","author":"C. Jutla","year":"2001","unstructured":"C. Jutla, \u201cEncryption Modes with Almost Free Message Integrity\u201d, Advances in Cryptology-EUROCRYPT 2001 Proceedings, Lecture Notes in Computer Science, Vol. 2045, Springer-Verlag, B. Pfitzmann, ed, 2001."},{"key":"19_CR16","doi-asserted-by":"crossref","unstructured":"J. Katz and M. Yung, \u201cUnforgeable encryption and adaptively secure modes of operations\u201d, Fast Software Encryption\u201900, 2000.","DOI":"10.1007\/3-540-44706-7_20"},{"key":"19_CR17","doi-asserted-by":"crossref","unstructured":"J. Katz and M. Yung, \u201cComplete characterization of security notions for probabilistic private-key encryption\u201d, Proceedings of the 32nd Annual ACM Symposium on Theory of Computing, 2000.","DOI":"10.1145\/335305.335335"},{"key":"19_CR18","doi-asserted-by":"crossref","unstructured":"S. Kent and R. Atkinson, \u201cSecurity Architecture for the Internet Protocol\u201d, Request for Comments 2401, Nov. 1998.","DOI":"10.17487\/rfc2401"},{"key":"19_CR19","doi-asserted-by":"crossref","unstructured":"S. Kent and R. Atkinson, \u201cIP Encapsulating Security Payload (ESP)\u201d, Request for Comments 2406, Nov. 1998.","DOI":"10.17487\/rfc2406"},{"key":"19_CR20","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"129","DOI":"10.1007\/3-540-48658-5_15","volume-title":"Proceedings of CRYPTO\u2019 94","author":"H. Krawczyk","year":"1994","unstructured":"H. Krawczyk, \u201cLFSR-based Hashing and Authentication\u201d, Proceedings of CRYPTO\u2019 94, Lecture Notes in Computer Science, vol. 839, Y. Desmedt, ed., Springer-Verlag, 1994, pp. 129\u2013139."},{"key":"19_CR21","doi-asserted-by":"crossref","unstructured":"H. Krawczyk, \u201cThe order of encryption and authentication for protecting communications (Or: how secure is SSL?)\u201d. Full version: http:\/\/eprint.iacr.org\/2001 .","DOI":"10.1007\/3-540-44647-8_19"},{"key":"19_CR22","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1137\/0217022","volume":"17","author":"M. Luby","year":"1988","unstructured":"M. Luby and C. Rackoff, \u201cHow to construct pseudorandom permutations from pseudorandom functions\u201d, SIAM J. on Computing, Vol 17, Number 2, April 1988, pp. 373\u2013386.","journal-title":"SIAM J. on Computing"},{"key":"19_CR23","doi-asserted-by":"crossref","unstructured":"M. Naor and M. Yung, \u201cPublic key cryptosystems provably secure against chosen ciphertext attacks\u201d. Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, 1990.","DOI":"10.1145\/100216.100273"},{"key":"19_CR24","series-title":"Lect Notes Comput Sci","volume-title":"Advances in Cryptology-CRYPTO\u201991 Proceedings","author":"C. Rackoff","year":"1992","unstructured":"C. Rackoff and D. Simon, \u201cNon-interactive zero-knowledge proof of knowledge and chosen ciphertext attack\u201d, Advances in Cryptology-CRYPTO\u201991 Proceedings, Lecture Notes in Computer Science Vol. 576, J. Feigenbaum ed, Springer-Verlag."},{"key":"19_CR25","series-title":"Lect Notes Comput Sci","first-page":"15","volume-title":"Proceedings of CRYPTO\u2019 95","author":"P. Rogaway","year":"1995","unstructured":"P. Rogaway. \u201cBucket Hashing and its application to Fast Message Authentication\u201d, Proceedings of CRYPTO\u2019 95, Lecture Notes in Computer Science, vol. 963, D. Coppersmith, ed., Springer-Verlag, 1995, pp. 15\u201325."},{"key":"19_CR26","doi-asserted-by":"crossref","unstructured":"P. Rogaway, M. Bellare, J. Black, and T. Krovetz, \u201cOCB Mode\u201d, Cryptology ePrint Archive, Report 2001\/026.","DOI":"10.1145\/502010.502011"},{"key":"19_CR27","unstructured":"T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, \u201cSSH Transport Layer Protocol\u201d, January 2001, draft-ietf-secsh-transport-09.txt ."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2014 CRYPTO 2001"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-44647-8_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,4]],"date-time":"2019-05-04T10:22:28Z","timestamp":1556965348000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-44647-8_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2001]]},"ISBN":["9783540424567","9783540446477"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/3-540-44647-8_19","relation":{},"ISSN":["0302-9743"],"issn-type":[{"value":"0302-9743","type":"print"}],"subject":[],"published":{"date-parts":[[2001]]}}}