{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,8]],"date-time":"2026-05-08T16:11:05Z","timestamp":1778256665977,"version":"3.51.4"},"publisher-location":"Cham","reference-count":74,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031400025","type":"print"},{"value":"9783031400032","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-40003-2_22","type":"book-chapter","created":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T13:03:04Z","timestamp":1691586184000},"page":"601-633","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["$$\\text {Muckle}+$$: End-to-End Hybrid Authenticated Key Exchanges"],"prefix":"10.1007","author":[{"given":"Sonja","family":"Bruckner","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1957-3725","authenticated-orcid":false,"given":"Sebastian","family":"Ramacher","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4724-8022","authenticated-orcid":false,"given":"Christoph","family":"Striecks","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,8,10]]},"reference":[{"key":"22_CR1","doi-asserted-by":"publisher","unstructured":"Aas, J., et al.: Let\u2019s encrypt: an automated certificate authority to encrypt the entire web. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2473\u20132487. ACM Press (2019). https:\/\/doi.org\/10.1145\/3319535.3363192","DOI":"10.1145\/3319535.3363192"},{"key":"22_CR2","doi-asserted-by":"publisher","first-page":"62","DOI":"10.1016\/j.tcs.2014.09.018","volume":"560","author":"R All\u00e9aume","year":"2014","unstructured":"All\u00e9aume, R., et al.: Using quantum key distribution for cryptographic purposes: a survey. Theor. Comput. Sci. 560, 62\u201381 (2014). https:\/\/doi.org\/10.1016\/j.tcs.2014.09.018","journal-title":"Theor. Comput. Sci."},{"key":"22_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/978-3-030-75245-3_11","volume-title":"Public-Key Cryptography \u2013 PKC 2021","author":"C Baum","year":"2021","unstructured":"Baum, C., de Saint Guilhem, C.D., Kales, D., Orsini, E., Scholl, P., Zaverucha, G.: Banquet: short and fast signatures from AES. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12710, pp. 266\u2013297. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-75245-3_11"},{"key":"22_CR4","unstructured":"Bellare, M., Lysyanskaya, A.: Symmetric and dual PRFs from standard assumptions: a generic validation of an HMAC assumption. Cryptology ePrint Archive, Report 2015\/1198 (2015). https:\/\/eprint.iacr.org\/2015\/1198"},{"key":"22_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"431","DOI":"10.1007\/3-540-48405-1_28","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 99","author":"M Bellare","year":"1999","unstructured":"Bellare, M., Miner, S.K.: A forward-secure digital signature scheme. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 431\u2013448. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48405-1_28"},{"key":"22_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-45539-6_11","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139\u2013155. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_11"},{"key":"22_CR7","doi-asserted-by":"publisher","unstructured":"Bellare, M., Rogaway, P.: Provably secure session key distribution: the three party case. In: 27th ACM STOC, pp. 57\u201366. ACM Press (1995). https:\/\/doi.org\/10.1145\/225058.225084","DOI":"10.1145\/225058.225084"},{"key":"22_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1007\/11745853_14","volume-title":"Public Key Cryptography - PKC 2006","author":"DJ Bernstein","year":"2006","unstructured":"Bernstein, D.J.: Curve25519: new Diffie-Hellman speed records. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 207\u2013228. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11745853_14"},{"key":"22_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1007\/978-3-642-23951-9_9","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2011","author":"DJ Bernstein","year":"2011","unstructured":"Bernstein, D.J., Duif, N., Lange, T., Schwabe, P., Yang, B.-Y.: High-speed high-security signatures. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 124\u2013142. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23951-9_9"},{"key":"22_CR10","doi-asserted-by":"publisher","unstructured":"Bernstein, D.J., H\u00fclsing, A., K\u00f6lbl, S., Niederhagen, R., Rijneveld, J., Schwabe, P.: The SPHINCS$$^+$$ signature framework. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 2129\u20132146. ACM Press (2019). https:\/\/doi.org\/10.1145\/3319535.3363229","DOI":"10.1145\/3319535.3363229"},{"key":"22_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"464","DOI":"10.1007\/978-3-031-15979-4_16","volume-title":"Advances in Cryptology \u2013 CRYPTO 2022","author":"W Beullens","year":"2022","unstructured":"Beullens, W.: Breaking rainbow takes a weekend on a laptop. In: Dodis, Y., Shrimpton, T. (eds.) CRYPTO 2022. LNCS, vol. 13508, pp. 464\u2013479. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-15979-4_16"},{"key":"22_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1007\/978-3-030-25510-7_12","volume-title":"Post-Quantum Cryptography","author":"N Bindel","year":"2019","unstructured":"Bindel, N., Brendel, J., Fischlin, M., Goncalves, B., Stebila, D.: Hybrid key encapsulation mechanisms and authenticated key exchange. In: Ding, J., Steinwandt, R. (eds.) PQCrypto 2019. LNCS, vol. 11505, pp. 206\u2013226. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-25510-7_12"},{"key":"22_CR13","doi-asserted-by":"publisher","unstructured":"Bos, J.W., Costello, C., Naehrig, M., Stebila, D.: Post-quantum key exchange for the TLS protocol from the ring learning with errors problem. In: 2015 IEEE Symposium on Security and Privacy, pp. 553\u2013570. IEEE Computer Society Press (2015). https:\/\/doi.org\/10.1109\/SP.2015.40","DOI":"10.1109\/SP.2015.40"},{"key":"22_CR14","doi-asserted-by":"publisher","unstructured":"Bost, R., Minaud, B., Ohrimenko, O.: Forward and backward private searchable encryption from constrained cryptographic primitives. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1465\u20131482. ACM Press (2017). https:\/\/doi.org\/10.1145\/3133956.3133980","DOI":"10.1145\/3133956.3133980"},{"key":"22_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/3-540-45539-6_12","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"V Boyko","year":"2000","unstructured":"Boyko, V., MacKenzie, P., Patel, S.: Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156\u2013171. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_12"},{"key":"22_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"521","DOI":"10.1007\/978-3-030-29962-0_25","volume-title":"Computer Security \u2013 ESORICS 2019","author":"J Brendel","year":"2019","unstructured":"Brendel, J., Fischlin, M., G\u00fcnther, F.: Breakdown resilience of key exchange protocols: newhope, TLS 1.3, and hybrids. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11736, pp. 521\u2013541. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-29962-0_25"},{"key":"22_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1007\/978-3-642-25405-5_8","volume-title":"Post-Quantum Cryptography","author":"J Buchmann","year":"2011","unstructured":"Buchmann, J., Dahmen, E., H\u00fclsing, A.: XMSS - a practical forward secure signature scheme based on minimal security assumptions. In: Yang, B.-Y. (ed.) PQCrypto 2011. LNCS, vol. 7071, pp. 117\u2013129. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25405-5_8"},{"key":"22_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/3-540-39200-9_16","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2003","author":"R Canetti","year":"2003","unstructured":"Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255\u2013271. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-39200-9_16"},{"key":"22_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"423","DOI":"10.1007\/978-3-031-30589-4_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2023","author":"W Castryck","year":"2023","unstructured":"Castryck, W., Decru, T.: An efficient key recovery attack on SIDH. In: Hazay, C., Stam, M. (eds.) EUROCRYPT 2023. LNCS, vol. 14008, pp. 423\u2013447. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-30589-4_15"},{"key":"22_CR20","doi-asserted-by":"publisher","unstructured":"Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 1825\u20131842. ACM Press (2017). https:\/\/doi.org\/10.1145\/3133956.3133997","DOI":"10.1145\/3133956.3133997"},{"issue":"1","key":"22_CR21","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1007\/s11128-022-03825-x","volume":"22","author":"L Chen","year":"2023","unstructured":"Chen, L., Chen, J., Chen, Q., Zhao, Y.: A quantum key distribution routing scheme for hybrid-trusted QKD network system. Quantum Inf. Process. 22(1), 75 (2023). https:\/\/doi.org\/10.1007\/s11128-022-03825-x","journal-title":"Quantum Inf. Process."},{"key":"22_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/978-3-030-64837-4_6","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"V Cini","year":"2020","unstructured":"Cini, V., Ramacher, S., Slamanig, D., Striecks, C.: CCA-secure (puncturable) KEMs from encryption with non-negligible decryption errors. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 159\u2013190. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64837-4_6"},{"key":"22_CR23","doi-asserted-by":"publisher","unstructured":"Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., Polk, W.T.: Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile. RFC 5280, 1\u2013151 (2008). https:\/\/doi.org\/10.17487\/RFC5280","DOI":"10.17487\/RFC5280"},{"key":"22_CR24","doi-asserted-by":"publisher","unstructured":"Costea, S., Choudary, M.O., Gucea, D., Tackmann, B., Raiciu, C.: Secure opportunistic multipath key exchange. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 2077\u20132094. ACM Press (2018). https:\/\/doi.org\/10.1145\/3243734.3243791","DOI":"10.1145\/3243734.3243791"},{"key":"22_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"734","DOI":"10.1007\/978-3-642-33167-1_42","volume-title":"Computer Security \u2013 ESORICS 2012","author":"C Cremers","year":"2012","unstructured":"Cremers, C., Feltz, M.: Beyond eCK: perfect forward secrecy under actor compromise and ephemeral-key reveal. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 734\u2013751. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-33167-1_42"},{"key":"22_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"211","DOI":"10.1007\/978-3-030-65411-5_11","volume-title":"Cryptology and Network Security","author":"F Dallmeier","year":"2020","unstructured":"Dallmeier, F., et al.: Forward-secure 0-RTT goes live: implementation and performance analysis in QUIC. In: Krenn, S., Shulman, H., Vaudenay, S. (eds.) CANS 2020. LNCS, vol. 12579, pp. 211\u2013231. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-65411-5_11"},{"key":"22_CR27","unstructured":"Dauterman, E., Corrigan-Gibbs, H., Mazi\u00e8res, D.: SafetyPin: encrypted backups with human-memorable secrets. In: 14th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2020, Virtual Event, 4\u20136 November 2020, pp. 1121\u20131138. USENIX Association (2020)"},{"issue":"2","key":"22_CR28","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/s00145-021-09374-3","volume":"34","author":"D Derler","year":"2021","unstructured":"Derler, D., Gellert, K., Jager, T., Slamanig, D., Striecks, C.: Bloom filter encryption and applications to efficient forward-secret 0-RTT key exchange. J. Cryptol. 34(2), 13 (2021)","journal-title":"J. Cryptol."},{"key":"22_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"425","DOI":"10.1007\/978-3-319-78372-7_14","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"D Derler","year":"2018","unstructured":"Derler, D., Jager, T., Slamanig, D., Striecks, C.: Bloom filter encryption and applications to efficient forward-secret 0-RTT key exchange. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 425\u2013455. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_14"},{"key":"22_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"219","DOI":"10.1007\/978-3-319-76578-5_8","volume-title":"Public-Key Cryptography \u2013 PKC 2018","author":"D Derler","year":"2018","unstructured":"Derler, D., Krenn, S., Lor\u00fcnser, T., Ramacher, S., Slamanig, D., Striecks, C.: Revisiting proxy re-encryption: forward secrecy, improved security, and applications. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10769, pp. 219\u2013250. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76578-5_8"},{"key":"22_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"499","DOI":"10.1007\/978-3-662-64331-0_26","volume-title":"Financial Cryptography and Data Security","author":"D Derler","year":"2021","unstructured":"Derler, D., Ramacher, S., Slamanig, D., Striecks, C.: Fine-grained forward secrecy: allow-list\/deny-list encryption and applications. In: Borisov, N., Diaz, C. (eds.) FC 2021. LNCS, vol. 12675, pp. 499\u2013519. Springer, Heidelberg (2021). https:\/\/doi.org\/10.1007\/978-3-662-64331-0_26"},{"issue":"6","key":"22_CR32","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/TIT.1976.1055638","volume":"22","author":"W Diffie","year":"1976","unstructured":"Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644\u2013654 (1976). https:\/\/doi.org\/10.1109\/TIT.1976.1055638","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"2","key":"22_CR33","doi-asserted-by":"publisher","first-page":"107","DOI":"10.1007\/BF00124891","volume":"2","author":"W Diffie","year":"1992","unstructured":"Diffie, W., van Oorschot, P.C., Wiener, M.J.: Authentication and authenticated key exchanges. Des. Codes Cryptogr. 2(2), 107\u2013125 (1992)","journal-title":"Des. Codes Cryptogr."},{"key":"22_CR34","doi-asserted-by":"crossref","unstructured":"Donenfeld, J.A.: WireGuard: next generation kernel network tunnel. In: NDSS 2017. The Internet Society (2017)","DOI":"10.14722\/ndss.2017.23160"},{"issue":"4","key":"22_CR35","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1007\/s00145-021-09384-1","volume":"34","author":"B Dowling","year":"2021","unstructured":"Dowling, B., Fischlin, M., G\u00fcnther, F., Stebila, D.: A cryptographic analysis of the TLS 1.3 handshake protocol. J. Cryptol. 34(4), 37 (2021). https:\/\/doi.org\/10.1007\/s00145-021-09384-1","journal-title":"J. Cryptol."},{"key":"22_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"483","DOI":"10.1007\/978-3-030-44223-1_26","volume-title":"Post-Quantum Cryptography","author":"B Dowling","year":"2020","unstructured":"Dowling, B., Hansen, T.B., Paterson, K.G.: Many a mickle makes a muckle: a framework for provably quantum-secure hybrid key exchange. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 483\u2013502. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-44223-1_26"},{"key":"22_CR37","unstructured":"Drijvers, M., Gorbunov, S., Neven, G., Wee, H.: Pixel: multi-signatures for consensus. In: Capkun, S., Roesner, F. (eds.) USENIX Security 2020, pp. 2093\u20132110. USENIX Association (2020)"},{"key":"22_CR38","unstructured":"ETSI: Quantum key distribution (QKD): Protocol and data format of rest-based key delivery API (2019). https:\/\/www.etsi.org\/deliver\/etsi_gs\/QKD\/001_099\/014\/01.01.01_60\/gs_qkd014v010101p.pdf"},{"key":"22_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"311","DOI":"10.1007\/978-3-540-70936-7_17","volume-title":"Theory of Cryptography","author":"M Fitzi","year":"2007","unstructured":"Fitzi, M., Franklin, M., Garay, J., Vardhan, S.H.: Towards optimal and efficient perfectly secure message transmission. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 311\u2013322. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-70936-7_17"},{"key":"22_CR40","unstructured":"Groth, J.: Non-interactive distributed key generation and key resharing. Cryptology ePrint Archive, Report 2021\/339 (2021). https:\/\/eprint.iacr.org\/2021\/339"},{"key":"22_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"29","DOI":"10.1007\/3-540-46885-4_5","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201989","author":"CG G\u00fcnther","year":"1990","unstructured":"G\u00fcnther, C.G.: An identity-based key-exchange protocol. In: Quisquater, J.-J., Vandewalle, J. (eds.) EUROCRYPT 1989. LNCS, vol. 434, pp. 29\u201337. Springer, Heidelberg (1990). https:\/\/doi.org\/10.1007\/3-540-46885-4_5"},{"key":"22_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1007\/978-3-319-56617-7_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"F G\u00fcnther","year":"2017","unstructured":"G\u00fcnther, F., Hale, B., Jager, T., Lauer, S.: 0-RTT key exchange with full forward secrecy. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 519\u2013548. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56617-7_18"},{"key":"22_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1007\/978-3-030-45388-6_14","volume-title":"Public-Key Cryptography \u2013 PKC 2020","author":"K H\u00f6velmanns","year":"2020","unstructured":"H\u00f6velmanns, K., Kiltz, E., Sch\u00e4ge, S., Unruh, D.: Generic authenticated key exchange in\u00a0the quantum random oracle model. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 389\u2013422. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45388-6_14"},{"key":"22_CR44","doi-asserted-by":"publisher","unstructured":"H\u00fclsing, A., Butin, D., Gazdag, S., Rijneveld, J., Mohaisen, A.: XMSS: extended Merkle signature scheme. RFC 8391, 1\u201374 (2018). https:\/\/doi.org\/10.17487\/RFC8391","DOI":"10.17487\/RFC8391"},{"key":"22_CR45","doi-asserted-by":"publisher","unstructured":"H\u00fclsing, A., Ning, K.C., Schwabe, P., Weber, F., Zimmermann, P.R.: Post-quantum WireGuard. In: 2021 IEEE Symposium on Security and Privacy, pp. 304\u2013321. IEEE Computer Society Press (2021). https:\/\/doi.org\/10.1109\/SP40001.2021.00030","DOI":"10.1109\/SP40001.2021.00030"},{"issue":"1","key":"22_CR46","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1038\/s41534-021-00512-0","volume":"8","author":"B Huttner","year":"2022","unstructured":"Huttner, B., et al.: Long-range QKD without trusted nodes is not possible with current technology. npj Quantum Inf. 8(1), 1\u20135 (2022)","journal-title":"npj Quantum Inf."},{"key":"22_CR47","doi-asserted-by":"publisher","unstructured":"Iyengar, J., Thomson, M.: QUIC: a UDP-based multiplexed and secure transport. RFC 9000, 1\u2013151 (2021). https:\/\/doi.org\/10.17487\/RFC9000","DOI":"10.17487\/RFC9000"},{"key":"22_CR48","doi-asserted-by":"publisher","unstructured":"Katz, J., Kolesnikov, V., Wang, X.: Improved non-interactive zero knowledge with applications to post-quantum signatures. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) ACM CCS 2018, pp. 525\u2013537. ACM Press (2018). https:\/\/doi.org\/10.1145\/3243734.3243805","DOI":"10.1145\/3243734.3243805"},{"key":"22_CR49","doi-asserted-by":"crossref","unstructured":"Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. CRC Press (2014). https:\/\/www.crcpress.com\/Introduction-to-Modern-Cryptography-Second-Edition\/Katz-Lindell\/p\/book\/9781466570269","DOI":"10.1201\/b17668"},{"key":"22_CR50","doi-asserted-by":"publisher","unstructured":"Kaufman, C.: Internet key exchange (IKEv2) protocol. RFC 4306, 1\u201399 (2005). https:\/\/doi.org\/10.17487\/RFC4306","DOI":"10.17487\/RFC4306"},{"key":"22_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"400","DOI":"10.1007\/978-3-540-45146-4_24","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"H Krawczyk","year":"2003","unstructured":"Krawczyk, H.: SIGMA: the \u201cSIGn-and-MAc\u2019\u2019 approach to authenticated Diffie-Hellman and its use in the IKE protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 400\u2013425. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_24"},{"key":"22_CR52","doi-asserted-by":"publisher","unstructured":"Kumar, M.V.N.A., Goundan, P.R., Srinathan, K., Rangan, C.P.: On perfectly secure communication over arbitrary networks. In: Ricciardi, A. (ed.) 21st ACM PODC, pp. 193\u2013202. ACM (2002). https:\/\/doi.org\/10.1145\/571825.571858","DOI":"10.1145\/571825.571858"},{"key":"22_CR53","unstructured":"Kwiatkowski, K., Sullivan, N., Langley, A., Levin, D., Mislove, A.: Measuring TLS key exchange with post-quantum KEM. In: Workshop Record of the Second PQC Standardization Conference (2019). https:\/\/csrc.nist.gov\/CSRC\/media\/Events\/Second-PQC-Standardization-Conference\/documents\/accepted-papers\/kwiatkowski-measuring-tls.pdf"},{"key":"22_CR54","unstructured":"Langley, A.: Cecpq1 results. Blog post (2016). https:\/\/www.imperialviolet.org\/2016\/11\/28\/cecpq1.html"},{"key":"22_CR55","doi-asserted-by":"publisher","unstructured":"Langley, A., et al.: The QUIC transport protocol: design and internet-scale deployment. In: Proceedings of the Conference of the ACM Special Interest Group on Data Communication, SIGCOMM 2017, Los Angeles, CA, USA, 21\u201325 August 2017, pp. 183\u2013196. ACM (2017). https:\/\/doi.org\/10.1145\/3098822.3098842","DOI":"10.1145\/3098822.3098842"},{"issue":"2","key":"22_CR56","doi-asserted-by":"publisher","first-page":"336","DOI":"10.2478\/popets-2020-0030","volume":"2020","author":"S Lauer","year":"2020","unstructured":"Lauer, S., Gellert, K., Merget, R., Handirk, T., Schwenk, J.: T0RTT: non-interactive immediate forward-secret single-pass circuit construction. PoPETs 2020(2), 336\u2013357 (2020). https:\/\/doi.org\/10.2478\/popets-2020-0030","journal-title":"PoPETs"},{"key":"22_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1007\/978-3-540-75670-5_15","volume-title":"Provable Security","author":"J Li","year":"2007","unstructured":"Li, J., Kim, K., Zhang, F., Chen, X.: Aggregate proxy signature and verifiably encrypted proxy signature. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol. 4784, pp. 208\u2013217. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-75670-5_15"},{"key":"22_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1007\/3-540-48071-4_32","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 92","author":"UM Maurer","year":"1993","unstructured":"Maurer, U.M.: Protocols for secret key agreement by public discussion based on common information. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 461\u2013470. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-48071-4_32"},{"key":"22_CR59","doi-asserted-by":"publisher","unstructured":"Mehic, M., et al.: Quantum key distribution: a networking perspective. ACM Comput. Surv. 53(5), 96:1\u201396:41 (2020). https:\/\/doi.org\/10.1145\/3402192","DOI":"10.1145\/3402192"},{"key":"22_CR60","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"136","DOI":"10.1007\/978-3-642-38616-9_9","volume-title":"Post-Quantum Cryptography","author":"M Mosca","year":"2013","unstructured":"Mosca, M., Stebila, D., Ustao\u011flu, B.: Quantum key distribution in the classical authenticated key exchange framework. In: Gaborit, P. (ed.) PQCrypto 2013. LNCS, vol. 7932, pp. 136\u2013154. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38616-9_9"},{"issue":"1","key":"22_CR61","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/s11128-015-1160-4","volume":"15","author":"C Pacher","year":"2016","unstructured":"Pacher, C., et al.: Attacks on quantum key distribution protocols that employ non-its authentication. Quantum Inf. Process. 15(1), 327\u2013362 (2016). https:\/\/doi.org\/10.1007\/s11128-015-1160-4","journal-title":"Quantum Inf. Process."},{"key":"22_CR62","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"72","DOI":"10.1007\/978-3-030-44223-1_5","volume-title":"Post-Quantum Cryptography","author":"C Paquin","year":"2020","unstructured":"Paquin, C., Stebila, D., Tamvada, G.: Benchmarking post-quantum cryptography in TLS. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 72\u201391. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-44223-1_5"},{"key":"22_CR63","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"676","DOI":"10.1007\/978-3-030-88428-4_33","volume-title":"Computer Security \u2013 ESORICS 2021","author":"S Ramacher","year":"2021","unstructured":"Ramacher, S., Slamanig, D., Weninger, A.: Privacy-preserving authenticated key exchange: stronger privacy and generic constructions. In: Bertino, E., Shulman, H., Waidner, M. (eds.) ESORICS 2021. LNCS, vol. 12973, pp. 676\u2013696. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-88428-4_33"},{"key":"22_CR64","doi-asserted-by":"crossref","unstructured":"Rashidi, L., et al.: More than a fair share: network data remanence attacks against secret sharing-based schemes. In: NDSS 2021. The Internet Society (2021)","DOI":"10.14722\/ndss.2021.23062"},{"key":"22_CR65","unstructured":"Rass, S., K\u00f6nig, S.: Indirect eavesdropping in quantum networks. In: ICQNM 2011: The Fifth International Conference on Quantum, Nano and Micro Technologies (2011)"},{"key":"22_CR66","unstructured":"Rass, S., Schartner, P.: Multipath authentication without shared secrets and with applications in quantum networks. In: Arabnia, H.R., et al. (eds.) Proceedings of the 2010 International Conference on Security & Management, SAM 2010, Las Vegas Nevada, USA, 12\u201315 July 2010, vol. 2, pp. 111\u2013115. CSREA Press (2010)"},{"key":"22_CR67","doi-asserted-by":"publisher","unstructured":"Rescorla, E.: The transport layer security (TLS) protocol version 1.3. RFC 8446, 1\u2013160 (2018). https:\/\/doi.org\/10.17487\/RFC8446","DOI":"10.17487\/RFC8446"},{"key":"22_CR68","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-031-30589-4_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2023","author":"P R\u00f6sler","year":"2023","unstructured":"R\u00f6sler, P., Slamanig, D., Striecks, C.: Unique-path identity based encryption with applications to strongly secure messaging. In: Hazay, C., Stam, M. (eds.) EUROCRYPT 2023. LNCS, vol. 14008, pp. 3\u201334. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-30589-4_1"},{"key":"22_CR69","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"567","DOI":"10.1007\/978-3-030-45388-6_20","volume-title":"Public-Key Cryptography \u2013 PKC 2020","author":"S Sch\u00e4ge","year":"2020","unstructured":"Sch\u00e4ge, S., Schwenk, J., Lauer, S.: Privacy-preserving authenticated key exchange and the case of IKEv2. In: Kiayias, A., Kohlweiss, M., Wallden, P., Zikas, V. (eds.) PKC 2020. LNCS, vol. 12111, pp. 567\u2013596. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45388-6_20"},{"key":"22_CR70","doi-asserted-by":"publisher","unstructured":"Schwabe, P., Stebila, D., Wiggers, T.: Post-quantum TLS without handshake signatures. In: Ligatti, J., Ou, X., Katz, J., Vigna, G. (eds.) ACM CCS 2020, pp. 1461\u20131480. ACM Press (2020). https:\/\/doi.org\/10.1145\/3372297.3423350","DOI":"10.1145\/3372297.3423350"},{"key":"22_CR71","unstructured":"Slamanig, D., Striecks, C.: Puncture \u2019em all: updatable encryption with no-directional key updates and expiring ciphertexts. Cryptology ePrint Archive, Report 2021\/268 (2021). https:\/\/eprint.iacr.org\/2021\/268"},{"key":"22_CR72","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1007\/978-3-319-69453-5_2","volume-title":"Selected Areas in Cryptography \u2013 SAC 2016","author":"D Stebila","year":"2017","unstructured":"Stebila, D., Mosca, M.: Post-quantum key exchange for the internet and the open quantum safe project. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 14\u201337. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-69453-5_2"},{"issue":"14","key":"22_CR73","doi-asserted-by":"publisher","first-page":"21225","DOI":"10.1364\/OE.425562","volume":"29","author":"X Yu","year":"2021","unstructured":"Yu, X., et al.: Multi-path-based quasi-real-time key provisioning in quantum-key-distribution enabled optical networks (QKD-on). Opt. Express 29(14), 21225\u201321239 (2021). https:\/\/doi.org\/10.1364\/OE.425562","journal-title":"Opt. Express"},{"key":"22_CR74","doi-asserted-by":"publisher","unstructured":"Zhao, Y.: Identity-concealed authenticated encryption and key exchange. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 1464\u20131479. ACM Press (2016). https:\/\/doi.org\/10.1145\/2976749.2978350","DOI":"10.1145\/2976749.2978350"}],"container-title":["Lecture Notes in Computer Science","Post-Quantum Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-40003-2_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T13:05:46Z","timestamp":1691586346000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-40003-2_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031400025","9783031400032"],"references-count":74,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-40003-2_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"10 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"PQCrypto","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Post-Quantum Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"College Park, MD","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"pqcrypto2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/pqcrypto2023.umiacs.io\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"51","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"25","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"49% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.16","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.30","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}