{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,28]],"date-time":"2026-02-28T12:57:56Z","timestamp":1772283476391,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":16,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642019562","type":"print"},{"value":"9783642019579","type":"electronic"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-01957-9_2","type":"book-chapter","created":{"date-parts":[[2009,5,15]],"date-time":"2009-05-15T11:24:25Z","timestamp":1242386665000},"page":"20-33","source":"Crossref","is-referenced-by-count":46,"title":["Session-state Reveal Is Stronger Than Ephemeral Key Reveal: Attacking the NAXOS Authenticated Key Exchange Protocol"],"prefix":"10.1007","author":[{"given":"Cas J. F.","family":"Cremers","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"2_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-75670-5_1","volume-title":"Provable Security","author":"B. LaMacchia","year":"2007","unstructured":"LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Susilo, W., Liu, J.K., Mu, Y. (eds.) ProvSec 2007. LNCS, vol.\u00a04784, pp. 1\u201316. Springer, Heidelberg (2007)"},{"key":"2_CR2","unstructured":"LaMacchia, B., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. Cryptology ePrint Archive, Report 2006\/073 (2006), \n                    \n                      http:\/\/eprint.iacr.org\/"},{"key":"2_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-540-76900-2_29","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"T. Okamoto","year":"2007","unstructured":"Okamoto, T.: Authenticated key exchange and key encapsulation in the standard model. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol.\u00a04833, pp. 474\u2013484. Springer, Heidelberg (2007)"},{"issue":"3","key":"2_CR4","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/s10623-007-9159-1","volume":"46","author":"B. Ustaoglu","year":"2008","unstructured":"Ustaoglu, B.: Obtaining a secure and efficient key agreement protocol from (H)MQV and NAXOS. Des. Codes Cryptography\u00a046(3), 329\u2013342 (2008)","journal-title":"Des. Codes Cryptography"},{"key":"2_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/3-540-44987-6_28","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"R. Canetti","year":"2001","unstructured":"Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol.\u00a02045, pp. 453\u2013474. Springer, Heidelberg (2001)"},{"key":"2_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"546","DOI":"10.1007\/11535218_33","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"H. Krawczyk","year":"2005","unstructured":"Krawczyk, H.: HMQV: A high-performance secure diffie-hellman protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 546\u2013566. Springer, Heidelberg (2005)"},{"key":"2_CR7","first-page":"255","volume-title":"CCS 2001: Proceedings of the 8th ACM conference on Computer and Communications Security","author":"E. Bresson","year":"2001","unstructured":"Bresson, E., Chevassut, O., Pointcheval, D., Quisquater, J.: Provably authenticated group Diffie-Hellman key exchange. In: CCS 2001: Proceedings of the 8th ACM conference on Computer and Communications Security, pp. 255\u2013264. ACM Press, New York (2001)"},{"key":"2_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1007\/978-3-540-70500-0_5","volume-title":"Information Security and Privacy","author":"A. Menezes","year":"2008","unstructured":"Menezes, A., Ustaoglu, B.: Comparing the pre- and post-specified peer models for key agreement. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol.\u00a05107, pp. 53\u201368. Springer, Heidelberg (2008)"},{"key":"2_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"624","DOI":"10.1007\/11593447_34","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"K.K. Choo","year":"2005","unstructured":"Choo, K.K., Boyd, C., Hitchcock, Y.: Examining indistinguishability-based proof models for key establishment proofs. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol.\u00a03788, pp. 624\u2013643. Springer, Heidelberg (2005)"},{"key":"2_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/3-540-45539-6_11","volume-title":"Advances in Cryptology - EUROCRYPT 2000","author":"M. Bellare","year":"2000","unstructured":"Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol.\u00a01807, pp. 139\u2013155. Springer, Heidelberg (2000)"},{"key":"2_CR11","unstructured":"Xia, J., Wang, J., Fang, L., Ren, Y., Bian, S.: Formal proof of relative strengths of security between ECK 2007 model and other proof models for key agreement protocols. Cryptology ePrint Archive, Report 2008\/479 (2008) \n                    \n                      http:\/\/eprint.iacr.org\/\n                    \n                    \n                   (retrieved January 12, 2009)"},{"key":"2_CR12","unstructured":"Lee, J., Park, C.: An efficient authenticated key exchange protocol with a tight security reduction. Cryptology ePrint Archive, Report 2008\/345 (2008) \n                    \n                      http:\/\/eprint.iacr.org\/\n                    \n                    \n                   (retrieved January 12, 2009)"},{"key":"2_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-540-70500-0_6","volume-title":"Information Security and Privacy","author":"C. Boyd","year":"2008","unstructured":"Boyd, C., Cliff, Y., Nieto, J., Paterson, K.: Efficient one-round key exchange in the standard model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol.\u00a05107, pp. 69\u201383. Springer, Heidelberg (2008)"},{"key":"2_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"414","DOI":"10.1007\/978-3-540-70545-1_38","volume-title":"Computer Aided Verification","author":"C. Cremers","year":"2008","unstructured":"Cremers, C.: The Scyther Tool: Verification, falsification, and analysis of security protocols. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol.\u00a05123, pp. 414\u2013418. Springer, Heidelberg (2008)"},{"key":"2_CR15","unstructured":"NIST: SKIPJACK and KEA algorithm specification (1998), \n                    \n                      http:\/\/csrc.nist.gov\/groups\/ST\/toolkit\/documents\/skipjack\/skipjack.pdf"},{"key":"2_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1007\/11745853_25","volume-title":"Public Key Cryptography - PKC 2006","author":"K. Lauter","year":"2006","unstructured":"Lauter, K., Mityagin, A.: Security analysis of KEA authenticated key exchange protocol. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol.\u00a03958, pp. 378\u2013394. Springer, Heidelberg (2006)"}],"container-title":["Lecture Notes in Computer Science","Applied Cryptography and Network Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-01957-9_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,19]],"date-time":"2019-05-19T12:14:43Z","timestamp":1558268083000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-01957-9_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642019562","9783642019579"],"references-count":16,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-01957-9_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2009]]}}}