{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,16]],"date-time":"2025-09-16T17:15:34Z","timestamp":1758042934456,"version":"3.44.0"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030590123"},{"type":"electronic","value":"9783030590130"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-59013-0_26","type":"book-chapter","created":{"date-parts":[[2020,9,12]],"date-time":"2020-09-12T10:03:03Z","timestamp":1599904983000},"page":"525-545","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["MAC-in-the-Box: Verifying a Minimalistic Hardware Design for MAC Computation"],"prefix":"10.1007","author":[{"given":"Robert","family":"K\u00fcennemann","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Hamed","family":"Nemati","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,9,13]]},"reference":[{"key":"26_CR1","doi-asserted-by":"crossref","unstructured":"Almeida, J.B., et al.: Jasmin: high-assurance and high-speed cryptography. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, 30 October\u201303 November 2017, pp. 1807\u20131823. ACM (2017)","DOI":"10.1145\/3133956.3134078"},{"key":"26_CR2","doi-asserted-by":"crossref","unstructured":"Almeida, J.B., et al.: Machine-checked proofs for cryptographic standards: indifferentiability of sponge and secure high-assurance implementations of SHA-3. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS 2019, London, UK, 11\u201315 November 2019, pp. 1607\u20131622. ACM (2019)","DOI":"10.1145\/3319535.3363211"},{"key":"26_CR3","series-title":"Lecture Notes in Computer Science (Lecture Notes in Artificial Intelligence)","doi-asserted-by":"publisher","first-page":"353","DOI":"10.1007\/978-3-540-89439-1_26","volume-title":"Logic for Programming, Artificial Intelligence, and Reasoning","author":"M Backes","year":"2008","unstructured":"Backes, M., Berg, M., Unruh, D.: A formal language for cryptographic pseudocode. In: Cervesato, I., Veith, H., Voronkov, A. (eds.) LPAR 2008. LNCS (LNAI), vol. 5330, pp. 353\u2013376. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-89439-1_26"},{"key":"26_CR4","doi-asserted-by":"crossref","unstructured":"Barthe, G., Gr\u00e9goire, B., B\u00e9guelin, S.Z.: Formal certification of code-based cryptographic proofs. In: Proceedings of the 36th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2009, Savannah, GA, USA, 21\u201323 January 2009, pp. 90\u2013101. ACM (2009)","DOI":"10.1145\/1480881.1480894"},{"key":"26_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/978-3-642-22792-9_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"G Barthe","year":"2011","unstructured":"Barthe, G., Gr\u00e9goire, B., Heraud, S., B\u00e9guelin, S.Z.: Computer-aided security proofs for the working cryptographer. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 71\u201390. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_5"},{"key":"26_CR6","unstructured":"Beringer, L., Petcher, A., Katherine, Q.Y., Appel, A.W.: Verified correctness and security of OpenSSL HMAC. In: USENIX Security Symposium, pp. 207\u2013221 (2015)"},{"key":"26_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-540-78967-3_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"G Bertoni","year":"2008","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181\u2013197. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_11"},{"key":"26_CR8","unstructured":"Bertoni, G., Daemen, J., Peeters, M., and Assche, G.V.: Online Keccak Specifications (2009). http:\/\/keccak.noekeon.org\/"},{"key":"26_CR9","doi-asserted-by":"crossref","unstructured":"Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. In: Symposium on Logic in Computer Science (LICS 2005), pp. 331\u2013340. IEEE Computer Society (2005)","DOI":"10.1109\/LICS.2005.8"},{"key":"26_CR10","doi-asserted-by":"crossref","unstructured":"Bortolozzo, M., Centenaro, M., Focardi, R., Steel, G.: Attacking and fixing PKCS#11 security tokens. In: 17th ACM Conference on Computer and Communications Security (CCS 2010), pp. 260\u2013269. ACM (2010)","DOI":"10.1145\/1866307.1866337"},{"key":"26_CR11","unstructured":"Camilleri, A., Gordon, M., Melham, T.: Hardware verification using higher-order logic. Technical report, University of Cambridge, Computer Laboratory (1986)"},{"key":"26_CR12","doi-asserted-by":"crossref","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Foundations of Computer Science, pp. 136\u2013145. IEEE Computer Society (2001)","DOI":"10.1109\/SFCS.2001.959888"},{"key":"26_CR13","doi-asserted-by":"crossref","unstructured":"Dax, A., Tangermann, S., K\u00fcnnemann, R., Backes, M.: How to wrap it up - a formally verified proposal for the use of authenticated wrapping in PKCS#11. In: Computer Security Foundations Symposium (2019)","DOI":"10.1109\/CSF.2019.00012"},{"key":"26_CR14","doi-asserted-by":"crossref","unstructured":"Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: Formal analysis of protocols based on TPM state registers. In: 24th IEEE Computer Security Foundations Symposium (CSF 2011), pp. 66\u201382. IEEE Computer Society (2011)","DOI":"10.1109\/CSF.2011.12"},{"key":"26_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/978-3-642-19751-2_8","volume-title":"Formal Aspects of Security and Trust","author":"S Delaune","year":"2011","unstructured":"Delaune, S., Kremer, S., Ryan, M.D., Steel, G.: A formal analysis of authentication in the TPM. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 111\u2013125. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19751-2_8"},{"issue":"6","key":"26_CR16","doi-asserted-by":"publisher","first-page":"1211","DOI":"10.3233\/JCS-2009-0394","volume":"18","author":"S Delaune","year":"2010","unstructured":"Delaune, S., Kremer, S., Steel, G.: Formal analysis of PKCS#11 and proprietary extensions. J. Comput. Secur. 18(6), 1211\u20131245 (2010)","journal-title":"J. Comput. Secur."},{"key":"26_CR17","volume-title":"Hardware Implementation of Finite-Field Arithmetic","author":"J-P Deschamps","year":"2009","unstructured":"Deschamps, J.-P.: Hardware Implementation of Finite-Field Arithmetic. McGraw- Hill Inc., New York (2009)"},{"key":"26_CR18","unstructured":"Dworkin, M.J.: SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. Technical report (2015)"},{"key":"26_CR19","doi-asserted-by":"crossref","unstructured":"Erk\u00f6k, L., Carlsson, M., Wick, A.: Hardware\/software co-verification of cryptographic algorithms using cryptol. In: Formal Methods in Computer-Aided Design, 2009. FMCAD 2009, pp. 188\u2013191 (2009)","DOI":"10.1109\/FMCAD.2009.5351121"},{"key":"26_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/978-3-662-47989-6_18","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"P Ga\u017ei","year":"2015","unstructured":"Ga\u017ei, P., Pietrzak, K., Tessaro, S.: The exact PRF security of truncation: tight bounds for keyed sponges and truncated CBC. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 368\u2013387. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_18"},{"key":"26_CR21","unstructured":"Hofheinz, D., Shoup, V.: GNUC: a new universal composability framework. Cryptology ePrint Archive (2011). http:\/\/eprint.iacr.org\/"},{"key":"26_CR22","doi-asserted-by":"crossref","unstructured":"Jacomme, C., Kremer, S.: An extensive formal analysis of multi-factor authentication protocols. In: 31st IEEE Computer Security Foundations Symposium, CSF 2018, Oxford, United Kingdom, 9\u201312 July 2018, pp. 1\u201315. IEEE Computer Society (2018)","DOI":"10.1109\/CSF.2018.00008"},{"key":"26_CR23","unstructured":"Jean, J.: TikZ for Cryptographers (2016). https:\/\/www.iacr.org\/authors\/tikz\/"},{"key":"26_CR24","doi-asserted-by":"publisher","first-page":"583","DOI":"10.3233\/JCS-160556","volume":"24","author":"S Kremer","year":"2016","unstructured":"Kremer, S., K\u00fcnnemann, R.: Automated analysis of security protocols with global state. J. Comput. Secur. 24, 583\u2013616 (2016)","journal-title":"J. Comput. Secur."},{"key":"26_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-642-40203-6_19","volume-title":"Computer Security \u2013 ESORICS 2013","author":"S Kremer","year":"2013","unstructured":"Kremer, S., K\u00fcnnemann, R., Steel, G.: Universally composable key-management. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 327\u2013344. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40203-6_19"},{"key":"26_CR26","unstructured":"K\u00fcnnemann, R., Nemati, H.: MAC-in-the-Box: Verifying a Minimalistic Hard- ware Design for MAC Computation (extended). https:\/\/bit.ly\/2yyttvL"},{"key":"26_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"257","DOI":"10.1007\/978-3-642-38004-4_17","volume-title":"Security and Trust Management","author":"R K\u00fcnnemann","year":"2013","unstructured":"K\u00fcnnemann, R., Steel, G.: YubiSecure? Formal security analysis results for the Yubikey and YubiHSM. In: J\u00f8sang, A., Samarati, P., Petrocchi, M. (eds.) STM 2012. LNCS, vol. 7783, pp. 257\u2013272. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38004-4_17"},{"key":"26_CR28","unstructured":"K\u00fcsters, R., and Tuengerthal, M.: The IITM model: a simple and expressive model for universal composability. Technical report 2013\/025, Cryptology ePrint Archive (2013)"},{"key":"26_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"503","DOI":"10.1007\/978-3-662-49498-1_20","volume-title":"Programming Languages and Systems","author":"A Lochbihler","year":"2016","unstructured":"Lochbihler, A.: Probabilistic functions and cryptographic oracles in higher order logic. In: Thiemann, P. (ed.) ESOP 2016. LNCS, vol. 9632, pp. 503\u2013531. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49498-1_20"},{"key":"26_CR30","unstructured":"NV, G.: Smart card basics - A short guide (2019). https:\/\/www.gemalto.com\/companyinfo\/smart-cards-basics"},{"key":"26_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/978-3-642-40349-1_8","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2013","author":"P Pessl","year":"2013","unstructured":"Pessl, P., Hutter, M.: Pushing the limits of SHA-3 hardware implementations to fit on RFID. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 126\u2013141. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40349-1_8"},{"key":"26_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/978-3-662-46666-7_4","volume-title":"Principles of Security and Trust","author":"A Petcher","year":"2015","unstructured":"Petcher, A., Morrisett, G.: The foundational cryptography framework. In: Focardi, R., Myers, A. (eds.) POST 2015. LNCS, vol. 9036, pp. 53\u201372. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46666-7_4"},{"key":"26_CR33","doi-asserted-by":"crossref","unstructured":"Scerri, G., Stanley-Oakes, R.: Analysis of KeyWrapping APIs: generic policies, computational security. In: 29th Computer Security Foundations Symposium, pp. 281\u2013295. IEEE Computer Society (2016)","DOI":"10.1109\/CSF.2016.27"},{"key":"26_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"696","DOI":"10.1007\/978-3-642-39799-8_48","volume-title":"Computer Aided Verification","author":"S Meier","year":"2013","unstructured":"Meier, S., Schmidt, B., Cremers, C., Basin, D.: The TAMARIN prover for the symbolic analysis of security protocols. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 696\u2013701. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-39799-8_48"},{"key":"26_CR35","doi-asserted-by":"crossref","unstructured":"Shao, J., Qin, Y., Feng, D., Wang, W.: Formal analysis of enhanced authorization in the TPM 2.0. In: 10th ACM Symposium on Information, Computer and Communications Security (ASIA CCS 2015), pp. 273\u2013284. ACM (2015)","DOI":"10.1145\/2714576.2714610"},{"issue":"3","key":"26_CR36","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1007\/s00165-007-0028-5","volume":"19","author":"K Slind","year":"2007","unstructured":"Slind, K., Owens, S., Iyoda, J., Gordon, M.: Proof producing synthesis of arithmetic and cryptographic hardware. Form. Asp. Comput. 19(3), 343\u2013362 (2007)","journal-title":"Form. Asp. Comput."},{"key":"26_CR37","unstructured":"Srinivas, S., Balfanz, D., Tiffany, E., Alliance, F., Czeskis, A.: Universal 2nd factor (U2F) overview. FIDO Alliance Proposed Standard (2015)"},{"key":"26_CR38","doi-asserted-by":"crossref","unstructured":"Ye, K.Q., Green, M., Sanguansin, N., Beringer, L., Petcher, A., Appel, A.W.: Verified correctness and security of mbedTLS HMAC-DRBG. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS 2017), pp. 2007\u20132020. ACM (2017)","DOI":"10.1145\/3133956.3133974"}],"container-title":["Lecture Notes in Computer Science","Computer Security \u2013 ESORICS 2020"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-59013-0_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,11]],"date-time":"2025-09-11T22:04:43Z","timestamp":1757628283000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-59013-0_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030590123","9783030590130"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-59013-0_26","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"13 September 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guildford","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Kingdom","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 September 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 September 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/esorics2020.sccs.surrey.ac.uk\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"366","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"72","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,16","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"9,1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-10 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}