{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T07:00:29Z","timestamp":1777964429271,"version":"3.51.4"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031911231","type":"print"},{"value":"9783031911248","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-91124-8_16","type":"book-chapter","created":{"date-parts":[[2025,4,27]],"date-time":"2025-04-27T09:23:13Z","timestamp":1745745793000},"page":"451-481","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Under What Conditions Is Encrypted Key Exchange Actually Secure?"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-8686-8781","authenticated-orcid":false,"given":"Jake","family":"Januzelli","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-8436-0029","authenticated-orcid":false,"given":"Lawrence","family":"Roy","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0881-9980","authenticated-orcid":false,"given":"Jiayu","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,4,28]]},"reference":[{"key":"16_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-030-56784-2_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"M Abdalla","year":"2020","unstructured":"Abdalla, M., Barbosa, M., Bradley, T., Jarecki, S., Katz, J., Xu, J.: Universally composable relaxed password authenticated key exchange. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12170, pp. 278\u2013307. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56784-2_10"},{"key":"16_CR2","series-title":"Part V, volume 15488 of LNCS","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-981-96-0935-2_1","volume-title":"ASIACRYPT 2024","author":"A Arriaga","year":"2024","unstructured":"Arriaga, A., Barbosa, M., Jarecki, S., Skrobot, M.: C\u2019est Tr\u00e8s CHIC: a compact password-authenticated key exchange from lattice-based KEM. In: Chung, K.-M., Sasaki, Yu. (eds.) ASIACRYPT 2024. Part V, volume 15488 of LNCS, pp. 3\u201333. Springer, Singapore (2024). https:\/\/doi.org\/10.1007\/978-981-96-0935-2_1"},{"key":"16_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"711","DOI":"10.1007\/978-3-030-92068-5_24","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"M Abdalla","year":"2021","unstructured":"Abdalla, M., Haase, B., Hesse, J.: Security analysis of\u00a0CPace. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13093, pp. 711\u2013741. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92068-5_24"},{"key":"16_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1007\/978-3-540-30574-3_14","volume-title":"Topics in Cryptology \u2013 CT-RSA 2005","author":"M Abdalla","year":"2005","unstructured":"Abdalla, M., Pointcheval, D.: Simple password-based encrypted key exchange protocols. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 191\u2013208. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/978-3-540-30574-3_14"},{"key":"16_CR5","doi-asserted-by":"publisher","unstructured":"Abram, D., Waters, B., Zhandry, M.: Security-preserving distributed samplers: How to generate any CRS in one round without random oracles. In: Handschuh, H., Lysyanskaya, A. (eds.) CRYPTO 2023. Part I. LNCS, vol. 14081, pp. 489\u2013514. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-38557-5_16","DOI":"10.1007\/978-3-031-38557-5_16"},{"key":"16_CR6","doi-asserted-by":"crossref","unstructured":"Bresson, E., Chevassut, O., Pointcheval, D.: Security proofs for an efficient password-based key exchange. In: Jajodia, S., Atluri, V., Jaeger, T. (eds.) ACM CCS 2003, pp. 241\u2013250 (2). ACM Press003","DOI":"10.1145\/948109.948142"},{"key":"16_CR7","doi-asserted-by":"publisher","unstructured":"Beguinet, H., Chevalier, C., Pointcheval, D., Ricosset, T., Rossi, M.: GeT a CAKE: generic transformations from key encaspulation mechanisms to password authenticated key exchanges. In: Tibouchi, M., Wang, X. (eds.) ACNS 23. Part II, LNCS, vol. 13906, pp. 516\u2013538. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-33491-7_19","DOI":"10.1007\/978-3-031-33491-7_19"},{"key":"16_CR8","unstructured":"Bellovin, S.M., Merritt, M.: Encrypted key exchange: password-based protocols secure against dictionary attacks. In: 1992 IEEE Symposium on Security and Privacy, pp. 72\u201384. IEEE Computer Society Press (1992)"},{"key":"16_CR9","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-45539-6_11","volume-title":"EUROCRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139\u2013155. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_11"},{"key":"16_CR10","doi-asserted-by":"crossref","unstructured":"Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, pp. 136\u2013145. IEEE Computer Society Press (2001)","DOI":"10.1109\/SFCS.2001.959888"},{"key":"16_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1007\/978-3-319-78381-9_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"J Camenisch","year":"2018","unstructured":"Camenisch, J., Drijvers, M., Gagliardoni, T., Lehmann, A., Neven, G.: The wonderful world of global random oracles. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10820, pp. 280\u2013312. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_11"},{"key":"16_CR12","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"404","DOI":"10.1007\/11426639_24","volume-title":"EUROCRYPT 2005","author":"R Canetti","year":"2005","unstructured":"Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.D.: Universally composable password-based key exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404\u2013421. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_24"},{"key":"16_CR13","unstructured":"Crypto forum research group: PAKE selection (2020). https:\/\/github.com\/cfrg\/pake-selection"},{"key":"16_CR14","series-title":"Part IV, volume 14084 of LNCS","doi-asserted-by":"publisher","first-page":"330","DOI":"10.1007\/978-3-031-38551-3_11","volume-title":"CRYPTO 2023","author":"T Gareth","year":"2023","unstructured":"Gareth, T.: Security analysis of the WhatsApp end-to-end encrypted backup protocol. In: Handschuh, H., Lysyanskaya, A. (eds.) CRYPTO 2023. Part IV, volume 14084 of LNCS, pp. 330\u2013361. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-38551-3_11"},{"key":"16_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"393","DOI":"10.1007\/978-3-319-78372-7_13","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"P-A Dupont","year":"2018","unstructured":"Dupont, P.-A., Hesse, J., Pointcheval, D., Reyzin, L., Yakoubov, S.: Fuzzy password-authenticated key exchange. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 393\u2013424. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_13"},{"key":"16_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-662-53018-4_4","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"Y Dai","year":"2016","unstructured":"Dai, Y., Steinberger, J.: Indifferentiability of 8-round feistel networks. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 95\u2013120. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_4"},{"key":"16_CR17","doi-asserted-by":"crossref","unstructured":"Groce, A., Katz, J.: A new framework for efficient password-based authenticated key exchange. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V., (eds.) ACM CCS 2010, pp. 516\u2013525 (2010). ACM Press","DOI":"10.1145\/1866307.1866365"},{"key":"16_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"524","DOI":"10.1007\/3-540-39200-9_33","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2003","author":"R Gennaro","year":"2003","unstructured":"Gennaro, R., Lindell, Y.: A framework for password-based authenticated key exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 524\u2013543. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/3-540-39200-9_33"},{"key":"16_CR19","doi-asserted-by":"crossref","unstructured":"Haase, B., Labrique, B.: AuCPace: efficient verifier-based PAKE protocol tailored for the IIoT. In: IACR Transactions on Cryptographic Hardware and Embedded Systems, pp. 1\u201348 (2019)","DOI":"10.46586\/tches.v2019.i2.1-48"},{"key":"16_CR20","unstructured":"Jarecki, S.: Randomized half-ideal cipher on groups with applications to UC (a)PAKE (2023). https:\/\/www.youtube.com\/watch?v=GL4m7StDsPg, 2023. Talk at EUROCRYPT 2023"},{"key":"16_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"456","DOI":"10.1007\/978-3-319-78372-7_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"S Jarecki","year":"2018","unstructured":"Jarecki, S., Krawczyk, H., Xu, J.: OPAQUE: an asymmetric PAKE protocol secure against pre-computation attacks. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 456\u2013486. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78372-7_15"},{"key":"16_CR22","unstructured":"Januzelli, J., Roy, L., Xu, J.: Under what conditions is encrypted key exchange actually secure? Cryptology ePrint Archive, Paper 2024\/324 (2024)"},{"key":"16_CR23","series-title":"LNCS","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-642-19571-6_18","volume-title":"TCC 2011","author":"J Katz","year":"2011","unstructured":"Katz, J., Vaikuntanathan, V.: Round-optimal password-based authenticated key exchange. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 293\u2013310. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19571-6_18"},{"key":"16_CR24","doi-asserted-by":"publisher","unstructured":"Liu, X., Liu, S., Han, S., Dawu, G.: EKE meets tight security in the Universally Composable framework. In: Boldyreva, A., Kolesnikov, V. (eds.) PKC 2023. Part I, vol. 13940 of LNCS, pp. 685\u2013713. Springer, Heidelberg (2023). https:\/\/doi.org\/10.1007\/978-3-031-31368-4_24","DOI":"10.1007\/978-3-031-31368-4_24"},{"key":"16_CR25","doi-asserted-by":"crossref","unstructured":"McQuoid, I., Rosulek, M., Roy, L.: Minimal symmetric PAKE and 1-out-of-N OT from programmable-once public functions. In: Ligatti, J., Ou, X., Katz, J., Vigna, G., (eds.) ACM CCS 2020, pp. 425\u2013442 (2020). ACM Press","DOI":"10.1145\/3372297.3417870"},{"key":"16_CR26","doi-asserted-by":"publisher","unstructured":"Roy, L., Xu, J.: A universally composable PAKE with zero communication cost. In: Boldyreva, A., Kolesnikov, V. (eds.) Public-Key Cryptography \u2013 PKC 2023. PKC 2023. LNCS, vol. 13940. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-31368-4_25","DOI":"10.1007\/978-3-031-31368-4_25"},{"key":"16_CR27","doi-asserted-by":"publisher","unstructured":"Santos, B.F.D., Gu, Y., Jarecki, S.: Randomized half-ideal cipher on groups with applications to UC (a)PAKE. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14008. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-30589-4_5","DOI":"10.1007\/978-3-031-30589-4_5"},{"key":"16_CR28","doi-asserted-by":"publisher","unstructured":"Xagawa, K.: Anonymity of NIST PQC round 3 KEMs. In: Dunkelman, O., Dziembowski, S. (eds.) Advances in Cryptology \u2013 EUROCRYPT 2022. EUROCRYPT 2022. LNCS, vol. 13277. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-07082-2_20","DOI":"10.1007\/978-3-031-07082-2_20"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-91124-8_16","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,27]],"date-time":"2025-04-27T09:23:18Z","timestamp":1745745798000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-91124-8_16"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031911231","9783031911248"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-91124-8_16","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"28 April 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Madrid","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 May 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 May 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"44","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2025\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}