{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T04:12:33Z","timestamp":1743048753194,"version":"3.40.3"},"publisher-location":"Cham","reference-count":27,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031781155"},{"type":"electronic","value":"9783031781162"}],"license":[{"start":{"date-parts":[[2024,11,29]],"date-time":"2024-11-29T00:00:00Z","timestamp":1732838400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,11,29]],"date-time":"2024-11-29T00:00:00Z","timestamp":1732838400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-78116-2_10","type":"book-chapter","created":{"date-parts":[[2024,11,28]],"date-time":"2024-11-28T07:30:18Z","timestamp":1732779018000},"page":"155-170","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Formal Verification of\u00a0Forward Secrecy and\u00a0Post-Compromise Security for\u00a0TreeKEM"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7181-4288","authenticated-orcid":false,"given":"Alex J.","family":"Washburn","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Subash","family":"Shankar","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,11,29]]},"reference":[{"key":"10_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-030-17653-2_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"J Alwen","year":"2019","unstructured":"Alwen, J., Coretti, S., Dodis, Y.: The double ratchet: security notions, proofs, and modularization for the signal protocol. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 129\u2013158. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17653-2_5"},{"key":"10_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"248","DOI":"10.1007\/978-3-030-56784-2_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"J Alwen","year":"2020","unstructured":"Alwen, J., Coretti, S., Dodis, Y., Tselekounis, Y.: Security analysis and improvements for the IETF MLS standard for group messaging. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12170, pp. 248\u2013277. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56784-2_9"},{"key":"10_CR3","unstructured":"B\u00e6rentzen, J.A.: On left-balancing binary trees. Technical report, Technical University of Denmark, Technical report (2003)"},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"Barnes, R., Beurdouche, B., Robert, R., Millican, J., Omara, E., Cohn-Gordon, K.: The messaging layer security (MLS) protocol. Internet-Draft draft-ietf-mls-protocol-14, Internet Engineering Task Force (2022). https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-mls-protocol-14, work in Progress","DOI":"10.17487\/RFC9420"},{"key":"10_CR5","unstructured":"Bhargavan, K., Barnes, R., Rescorla, E.: TreeKEM: asynchronous decentralized key management for large dynamic groups a protocol proposal for messaging layer security (MLS). Research report, Inria Paris (2018). https:\/\/hal.inria.fr\/hal-02425247"},{"issue":"4","key":"10_CR6","doi-asserted-by":"publisher","first-page":"639","DOI":"10.1093\/comjnl\/bxaa104","volume":"64","author":"C Boyd","year":"2021","unstructured":"Boyd, C., Gellert, K.: A modern view on forward security. Comput. J. 64(4), 639\u2013652 (2021)","journal-title":"Comput. J."},{"issue":"2","key":"10_CR7","doi-asserted-by":"publisher","first-page":"142","DOI":"10.1016\/0890-5401(92)90017-A","volume":"98","author":"JR Burch","year":"1992","unstructured":"Burch, J.R., Clarke, E.M., McMillan, K.L., Dill, D.L., Hwang, L.J.: Symbolic model checking: 1020 states and beyond. Inf. Comput. 98(2), 142\u2013170 (1992)","journal-title":"Inf. Comput."},{"key":"10_CR8","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1007\/bfb0025774","volume-title":"Logic of Programs 1981","author":"EM Clarke","year":"1981","unstructured":"Clarke, E.M., Emerson, E.A.: Design and synthesis of synchronization skeletons using branching time temporal logic. In: Kozen, D. (ed.) Logic of Programs 1981. LNCS, vol. 131, pp. 52\u201371. Springer, Heidelberg (1981). https:\/\/doi.org\/10.1007\/bfb0025774"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Cohn-Gordon, K., Cremers, C., Garratt, L.: On post-compromise security. In: 2016 IEEE 29th Computer Security Foundations Symposium (CSF), pp. 164\u2013178. IEEE (2016)","DOI":"10.1109\/CSF.2016.19"},{"key":"10_CR10","doi-asserted-by":"publisher","unstructured":"Cohn-Gordon, K., Cremers, C., Garratt, L.: On post-compromise security. In: 2016 IEEE 29th Computer Security Foundations Symposium (CSF), pp. 164\u2013178 (2016). https:\/\/doi.org\/10.1109\/CSF.2016.19","DOI":"10.1109\/CSF.2016.19"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Cohn-Gordon, K., Cremers, C., Garratt, L., Millican, J., Milner, K.: On ends-to-ends encryption: asynchronous group messaging with strong security guarantees. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1802\u20131819 (2018)","DOI":"10.1145\/3243734.3243747"},{"key":"10_CR12","unstructured":"Holzmann, G.J.: The Spin Model Checker: Primer and Reference Manual. Addison-Wesley Professional, hardcover edn. (2003)"},{"issue":"02","key":"10_CR13","doi-asserted-by":"publisher","first-page":"467","DOI":"10.1055\/s-0038-1660521","volume":"9","author":"MA Jahn","year":"2018","unstructured":"Jahn, M.A., Porter, B.W., Patel, H., Zillich, A.J., Simon, S.R., Russ, A.L.: Usability assessment of secure messaging for clinical document sharing between health care providers and patients. Appl. Clin. Inform. 9(02), 467\u2013477 (2018)","journal-title":"Appl. Clin. Inform."},{"key":"10_CR14","unstructured":"Omara, B., Rescorla, I., Kwon, D.: The messaging layer security (MLS) architecture. In: Proceedings of Network Working Group. Internet Engineering Task Force (2020)"},{"key":"10_CR15","unstructured":"Omara, E., Beurdouche, B., Rescorla, E., Inguva, S., Kwon, A., Duric, A.: The messaging layer security (MLS) architecture. Internet-Draft draft-ietf-mls-architecture-03, Internet Engineering Task Force (2019). https:\/\/datatracker.ietf.org\/doc\/draft-ietf-mls-architecture\/03\/. work in Progress"},{"issue":"6","key":"10_CR16","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/65.806987","volume":"13","author":"R Perlman","year":"1999","unstructured":"Perlman, R.: An overview of PKI trust models. IEEE Netw. 13(6), 38\u201343 (1999)","journal-title":"IEEE Netw."},{"key":"10_CR17","unstructured":"Perrin, T., Marlinspike, M.: Axolotl ratchet, p.\u00a016 (2013). https:\/\/github.com\/trevp\/axolotl\/wiki (visited on 2014-11-02)"},{"key":"10_CR18","unstructured":"Perrin, T., Marlinspike, M.: The double ratchet algorithm. GitHub wiki 112 (2016), M. Marlinspike and T. Perrin. The double ratchet algorithm (2016)"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Rescorla, E., Korver, B.: RFC3552: Guidelines for Writing RFC Text on Security Considerations (2003)","DOI":"10.17487\/rfc3552"},{"key":"10_CR20","unstructured":"Rudin, H., West, C., et\u00a0al.: On limits and possibilities of automated protocol analysis. In: Protocol Specification, Testing, and Verification, VII: Proceedings of the IFIP WG 6.1 Seventh International Conference on Protocol Specification, Testing, and Verification, vol.\u00a07, p.\u00a0339. North Holland (1987)"},{"key":"10_CR21","doi-asserted-by":"crossref","unstructured":"Schr\u00f6der, S., Huber, M., Wind, D., Rottermanner, C.: When SIGNAL hits the fan: on the usability and security of state-of-the-art secure mobile messaging. In: European Workshop on Usable Security, pp.\u00a01\u20137. IEEE (2016)","DOI":"10.14722\/eurousec.2016.23012"},{"key":"10_CR22","doi-asserted-by":"publisher","unstructured":"Shirey, R.W.: Internet Security Glossary, Version 2. RFC 4949 (2007). https:\/\/doi.org\/10.17487\/RFC4949. https:\/\/www.rfc-editor.org\/info\/rfc4949","DOI":"10.17487\/RFC4949"},{"key":"10_CR23","unstructured":"Shoup, V.: Sequences of games: a tool for taming complexity in security proofs. cryptology eprint archive (2004)"},{"key":"10_CR24","doi-asserted-by":"crossref","unstructured":"Unger, N., et al.: SoK: secure messaging. In: 2015 IEEE Symposium on Security and Privacy, pp. 232\u2013249. IEEE (2015)","DOI":"10.1109\/SP.2015.22"},{"key":"10_CR25","unstructured":"Vaziripour, E., et al.: Is that you, alice? A usability study of the authentication ceremony of secure messaging applications. In: Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), pp. 29\u201347 (2017)"},{"key":"10_CR26","unstructured":"Washburn, A.J.: Formal Verification Applications for the TreeKEM Continuous Group Key Agreement Protocol. Master\u2019s thesis (2022)"},{"key":"10_CR27","doi-asserted-by":"publisher","unstructured":"Washburn, A.J., Shankar, S.: SPIN Model of TreeKEM: FSU & PCS (2024). https:\/\/doi.org\/10.5281\/zenodo.13893828","DOI":"10.5281\/zenodo.13893828"}],"container-title":["Lecture Notes in Computer Science","Formal Methods: Foundations and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-78116-2_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,11,28]],"date-time":"2024-11-28T09:04:39Z","timestamp":1732784679000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-78116-2_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,11,29]]},"ISBN":["9783031781155","9783031781162"],"references-count":27,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-78116-2_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024,11,29]]},"assertion":[{"value":"29 November 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SBMF","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Brazilian Symposium on Formal Methods","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Vit\u00f3ria","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Brazil","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"3 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sbmf2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}