{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T03:15:37Z","timestamp":1773717337335,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":35,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642275753","type":"print"},{"value":"9783642275760","type":"electronic"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-27576-0_10","type":"book-chapter","created":{"date-parts":[[2012,2,2]],"date-time":"2012-02-02T13:45:35Z","timestamp":1328190335000},"page":"113-126","source":"Crossref","is-referenced-by-count":7,"title":["Authenticated Key Exchange under Bad Randomness"],"prefix":"10.1007","author":[{"given":"Guomin","family":"Yang","sequence":"first","affiliation":[]},{"given":"Shanshan","family":"Duan","sequence":"additional","affiliation":[]},{"given":"Duncan S.","family":"Wong","sequence":"additional","affiliation":[]},{"given":"Chik How","family":"Tan","sequence":"additional","affiliation":[]},{"given":"Huaxiong","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"10_CR1","unstructured":"Digital singature standard. National Institute of Standards and Technology, NIST FIPS PUB 186 (May 1994)"},{"issue":"2","key":"10_CR2","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1145\/996943.996946","volume":"7","author":"W. Aiello","year":"2004","unstructured":"Aiello, W., Bellovin, S.M., Blaze, M., Canetti, R., Ioannidis, J., Keromytis, A.D., Reingold, O.: Just fast keying: Key agreement in a hostile Internet. ACM Trans. Inf. Syst. Secur.\u00a07(2), 242\u2013273 (2004)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"10_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"602","DOI":"10.1007\/11818175_36","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"M. Bellare","year":"2006","unstructured":"Bellare, M.: New Proofs for NMAC and HMAC: Security without Collision-Resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol.\u00a04117, pp. 602\u2013619. Springer, Heidelberg (2006)"},{"key":"10_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/978-3-642-10366-7_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"M. Bellare","year":"2009","unstructured":"Bellare, M., Brakerski, Z., Naor, M., Ristenpart, T., Segev, G., Shacham, H., Yilek, S.: Hedged Public-Key Encryption: How to Protect Against Bad Randomness. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol.\u00a05912, pp. 232\u2013249. Springer, Heidelberg (2009)"},{"key":"10_CR5","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"M. Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 1\u201315. Springer, Heidelberg (1996)"},{"key":"10_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"495","DOI":"10.1007\/3-540-44987-6_30","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"M. Bellare","year":"2001","unstructured":"Bellare, M., Fischlin, M., Goldwasser, S., Micali, S.: Identification Protocols Secure Against Reset Attacks. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol.\u00a02045, pp. 495\u2013511. Springer, Heidelberg (2001)"},{"key":"10_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/3-540-48329-2_21","volume-title":"Advances in Cryptology - CRYPTO \u201993","author":"M. Bellare","year":"1994","unstructured":"Bellare, M., Rogaway, P.: Entity Authentication and Key Distribution. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol.\u00a0773, pp. 232\u2013249. Springer, Heidelberg (1994)"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Provably secure session key distribution \u2014 the three party case. In: 28th ACM STOC, pp. 57\u201366","DOI":"10.1145\/225058.225084"},{"key":"10_CR9","doi-asserted-by":"crossref","unstructured":"Blake-Wilson, S., Menezes, A.: Entity authentication and authenticated key transport protocols employing asymmetric techniques. In: Security Protocols Workshop, pp. 137\u2013158 (1997)","DOI":"10.1007\/BFb0028166"},{"key":"10_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-3-540-70500-0_6","volume-title":"Information Security and Privacy","author":"C. Boyd","year":"2008","unstructured":"Boyd, C., Cliff, Y., Gonzalez Nieto, J.M., Paterson, K.G.: Efficient One-Round Key Exchange in the Standard Model. In: Mu, Y., Susilo, W., Seberry, J. (eds.) ACISP 2008. LNCS, vol.\u00a05107, pp. 69\u201383. Springer, Heidelberg (2008), http:\/\/eprint.iacr.org\/2008\/007"},{"issue":"3","key":"10_CR11","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1145\/501978.501981","volume":"4","author":"B.S. Kaliski Jr.","year":"2001","unstructured":"Kaliski Jr., B.S.: An unknown key-share attack on the MQV key agreement protocol. ACM Trans. Inf. Syst. Secur.\u00a04(3), 275\u2013288 (2001)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Canetti, R., Goldreich, O., Goldwasser, S., Micali, S.: Resettable zero-knowledge. In: 32nd ACM STOC, pp. 235\u2013244","DOI":"10.1145\/335305.335334"},{"key":"10_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/3-540-44987-6_28","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"R. Canetti","year":"2001","unstructured":"Canetti, R., Krawczyk, H.: Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol.\u00a02045, pp. 453\u2013474. Springer, Heidelberg (2001), http:\/\/eprint.iacr.org\/2001\/040\/"},{"key":"10_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1007\/3-540-45708-9_10","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"R. Canetti","year":"2002","unstructured":"Canetti, R., Krawczyk, H.: Security Analysis of iKE\u2019s Signature-Based Key-Exchange Protocol. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 143\u2013161. Springer, Heidelberg (2002), http:\/\/eprint.iacr.org\/2002\/120\/"},{"key":"10_CR15","unstructured":"Chevassut, O., Fouque, P.-A., Gaudry, P., Pointcheval, D.: Key derivation and randomness extraction. Cryptology ePrint Archive, Report 2005\/061 (2005), http:\/\/eprint.iacr.org\/"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/3-540-46035-7_24","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"A. Desai","year":"2002","unstructured":"Desai, A., Hevia, A., Yin, Y.L.: A Practice-Oriented Treatment of Pseudorandom Number Generators. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, pp. 368\u2013383. Springer, Heidelberg (2002)"},{"key":"10_CR17","unstructured":"Dodis, Y.: Exposure-resilient cryptography. PhD Thesis, MIT (2000)"},{"key":"10_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"494","DOI":"10.1007\/978-3-540-28628-8_30","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"Y. Dodis","year":"2004","unstructured":"Dodis, Y., Gennaro, R., H\u00e5stad, J., Krawczyk, H., Rabin, T.: Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol.\u00a03152, pp. 494\u2013510. Springer, Heidelberg (2004)"},{"key":"10_CR19","doi-asserted-by":"crossref","unstructured":"Eastlake, D., Crocker, S., Schiller, J.: IETF RFC 1750: Randomness Recommendations for Security (1994)","DOI":"10.17487\/rfc1750"},{"key":"10_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"186","DOI":"10.1007\/3-540-47721-7_12","volume-title":"Advances in Cryptology - CRYPTO \u201986","author":"A. Fiat","year":"1987","unstructured":"Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol.\u00a0263, pp. 186\u2013194. Springer, Heidelberg (1987)"},{"issue":"2","key":"10_CR21","doi-asserted-by":"publisher","first-page":"281","DOI":"10.1137\/0217017","volume":"17","author":"S. Goldwasser","year":"1988","unstructured":"Goldwasser, S., Micali, S., Rivest, R.L.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM Journal on Computing\u00a017(2), 281\u2013308 (1988)","journal-title":"SIAM Journal on Computing"},{"key":"10_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/978-3-642-01001-9_3","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"V. Goyal","year":"2009","unstructured":"Goyal, V., Sahai, A.: Resettably Secure Computation. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol.\u00a05479, pp. 54\u201371. Springer, Heidelberg (2009)"},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Harkins, D., Carrel, D.: The Internet Key Exchange (IKE). RFC 2409 (1998)","DOI":"10.17487\/rfc2409"},{"key":"10_CR24","unstructured":"Entity authentication mechanisms - Part 3: Entity authentication using asymmetric techniques. ISO\/IEC IS 9798-3 (1993)"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Kaufman, C.: Internet Key Exchange (IKEv2) Protocol. RFC 4306 (2005)","DOI":"10.17487\/rfc4306"},{"key":"10_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"546","DOI":"10.1007\/11535218_33","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"H. Krawczyk","year":"2005","unstructured":"Krawczyk, H.: HMQV: A High-Performance Secure Diffie-Hellman Protocol. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 546\u2013566. Springer, Heidelberg (2005)"},{"key":"10_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"400","DOI":"10.1007\/978-3-540-45146-4_24","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"H. Krawczyk","year":"2003","unstructured":"Krawczyk, H.: SIGMA: The \u2018SIGn-and-mAc\u2019 Approach to Authenticated Diffie-Hellman and its Use in the IKE Protocols. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 400\u2013425. Springer, Heidelberg (2003)"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Krawczyk, H.: SKEME: A versatile secure key exchange mechanism for Internet. In: NDSS, pp. 114\u2013127 (1996)","DOI":"10.1109\/NDSS.1996.492418"},{"key":"10_CR29","doi-asserted-by":"crossref","unstructured":"LaMacchia, B.A., Lauter, K., Mityagin, A.: Stronger security of authenticated key exchange. In: Provable Security, pp. 1\u201316 (2007)","DOI":"10.1007\/978-3-540-75670-5_1"},{"key":"10_CR30","unstructured":"Matthews, T.: Suggestions for random number generation in software. RSA Laboratories Bulletin # 1 (January 1996)"},{"key":"10_CR31","unstructured":"Menezes, A., Ustaoglu, B.: On reusing ephemeral keys in Diffie-Hellman key agreement protocols. International Journal of Applied Cryptography (to appear), http:\/\/www.math.uwaterloo.ca\/~ajmeneze\/research.html"},{"key":"10_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-540-76900-2_29","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"T. Okamoto","year":"2007","unstructured":"Okamoto, T.: Authenticated Key Exchange and Key Encapsulation in the Standard Model. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol.\u00a04833, pp. 474\u2013484. Springer, Heidelberg (2007), http:\/\/eprint.iacr.org\/2007\/473"},{"key":"10_CR33","doi-asserted-by":"crossref","unstructured":"Fouque, P.-A., Pointcheval, D., Zimmer, S.: HMAC is a randomness extractor and applications to TLS. In: ASIACCS, pp. 21\u201332 (2008)","DOI":"10.1145\/1368310.1368317"},{"key":"10_CR34","unstructured":"Ristenpart, T., Yilek, S.: When good randomness goes bad: Virtual machine reset vulnerabilities and hedging deployed cryptography. In: Network and Distributed System Security Symposium (NDSS) (2010)"},{"key":"10_CR35","doi-asserted-by":"crossref","unstructured":"Yilek, S.: Resettable public-key encryption: How to encrypt on a virtual machine. In: Topics in Cryptology - CT-RSA, pp. 41\u201356 (2010)","DOI":"10.1007\/978-3-642-11925-5_4"}],"container-title":["Lecture Notes in Computer Science","Financial Cryptography and Data Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-27576-0_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,3,19]],"date-time":"2025-03-19T18:53:03Z","timestamp":1742410383000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-27576-0_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642275753","9783642275760"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-27576-0_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012]]}}}