{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,6]],"date-time":"2024-09-06T22:35:32Z","timestamp":1725662132823},"publisher-location":"Berlin, Heidelberg","reference-count":18,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642283673"},{"type":"electronic","value":"9783642283680"}],"license":[{"start":{"date-parts":[[2012,1,1]],"date-time":"2012-01-01T00:00:00Z","timestamp":1325376000000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012]]},"DOI":"10.1007\/978-3-642-28368-0_9","type":"book-chapter","created":{"date-parts":[[2012,2,21]],"date-time":"2012-02-21T07:51:46Z","timestamp":1329810706000},"page":"83-107","source":"Crossref","is-referenced-by-count":5,"title":["Authenticated-Encryption with Padding: A Formal Security Treatment"],"prefix":"10.1007","author":[{"given":"Kenneth G.","family":"Paterson","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Gaven J.","family":"Watson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"9_CR1","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1109\/SP.2009.5","volume-title":"IEEE Symposium on Security and Privacy","author":"M.R. Albrecht","year":"2009","unstructured":"Albrecht, M.R., Paterson, K.G., Watson, G.J.: Plaintext recovery attacks against SSH. In: IEEE Symposium on Security and Privacy, pp. 16\u201326. IEEE Computer Society, Los Alamitos (2009)"},{"key":"9_CR2","doi-asserted-by":"publisher","first-page":"394","DOI":"10.1109\/SFCS.1997.646128","volume-title":"Proceedings of 38th Annual Symposium on Foundations of Computer Science (FOCS 1997)","author":"M. Bellare","year":"1997","unstructured":"Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: Proceedings of 38th Annual Symposium on Foundations of Computer Science (FOCS 1997), pp. 394\u2013403. IEEE, Los Alamitos (1997)"},{"issue":"2","key":"9_CR3","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1145\/996943.996945","volume":"7","author":"M. Bellare","year":"2004","unstructured":"Bellare, M., Kohno, T., Namprempre, C.: Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the encode-then-encrypt-and-MAC paradigm. ACM Transactions on Information and Systems Security\u00a07(2), 206\u2013241 (2004)","journal-title":"ACM Transactions on Information and Systems Security"},{"key":"9_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/3-540-44448-3_41","volume-title":"Advances in Cryptology - ASIACRYPT 2000","author":"M. Bellare","year":"2000","unstructured":"Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol.\u00a01976, pp. 531\u2013545. Springer, Heidelberg (2000)"},{"key":"9_CR5","unstructured":"Black, J., Urtubia, H.: Side-channel attacks on symmetric encryption schemes: The case for authenticated encryption. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, pp. 327\u2013338 (2002)"},{"key":"9_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"583","DOI":"10.1007\/978-3-540-45146-4_34","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"B. Canvel","year":"2003","unstructured":"Canvel, B., Hiltgen, A.P., Vaudenay, S., Vuagnoux, M.: Password interception in a SSL\/TLS channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 583\u2013599. Springer, Heidelberg (2003)"},{"key":"9_CR7","first-page":"335","volume-title":"IEEE Symposium on Security and Privacy","author":"J.P. Degabriele","year":"2007","unstructured":"Degabriele, J.P., Paterson, K.G.: Attacking the IPsec standards in encryption-only configurations. In: IEEE Symposium on Security and Privacy, pp. 335\u2013349. IEEE Computer Society, Los Alamitos (2007)"},{"key":"9_CR8","first-page":"493","volume-title":"ACM Conference on Computer and Communications Security","author":"J.P. Degabriele","year":"2010","unstructured":"Degabriele, J.P., Paterson, K.G.: On the (in)security of IPsec in MAC-then-Encrypt configurations. In: Keromytis, A.D., Shmatikov, V. (eds.) ACM Conference on Computer and Communications Security, pp. 493\u2013504. ACM, New York (2010)"},{"key":"9_CR9","doi-asserted-by":"crossref","unstructured":"Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard) (August 2008), \n                    \n                      http:\/\/www.ietf.org\/rfc\/rfc5246.txt","DOI":"10.17487\/rfc5246"},{"key":"9_CR10","volume-title":"IEEE Symposium on Security and Privacy","author":"T. Duong","year":"2011","unstructured":"Duong, T., Rizzo, J.: Cryptography in the Web: The Case of Cryptographic Design Flaws in ASP.NET. In: IEEE Symposium on Security and Privacy. IEEE Computer Society, Los Alamitos (to appear, 2011)"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"310","DOI":"10.1007\/3-540-44647-8_19","volume-title":"Advances in Cryptology - CRYPTO 2001","author":"H. Krawczyk","year":"2001","unstructured":"Krawczyk, H.: The order of encryption and authentication for protecting communications (or: How secure is SSL?). In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol.\u00a02139, pp. 310\u2013331. Springer, Heidelberg (2001)"},{"key":"9_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1007\/11556992_18","volume-title":"Information Security","author":"C.J. Mitchell","year":"2005","unstructured":"Mitchell, C.J.: Error oracle attacks on CBC mode: Is there a future for CBC mode encryption? In: Zhou, J., L\u00f3pez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol.\u00a03650, pp. 244\u2013258. Springer, Heidelberg (2005)"},{"key":"9_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1007\/978-3-540-85855-3_23","volume-title":"Security and Cryptography for Networks","author":"K.G. Paterson","year":"2008","unstructured":"Paterson, K.G., Watson, G.J.: Immunising CBC mode against padding oracle attacks: A formal security treatment. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol.\u00a05229, pp. 340\u2013357. Springer, Heidelberg (2008)"},{"key":"9_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1007\/978-3-642-13190-5_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"K.G. Paterson","year":"2010","unstructured":"Paterson, K.G., Watson, G.J.: Plaintext-dependent decryption: A formal security treatment of SSH-CTR. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol.\u00a06110, pp. 345\u2013361. Springer, Heidelberg (2010)"},{"key":"9_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1007\/978-3-540-24660-2_24","volume-title":"Topics in Cryptology \u2013 CT-RSA 2004","author":"K.G. Paterson","year":"2004","unstructured":"Paterson, K.G., Yau, A.K.L.: Padding oracle attacks on the ISO CBC mode encryption standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol.\u00a02964, pp. 305\u2013323. Springer, Heidelberg (2004)"},{"key":"9_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1007\/3-540-46035-7_35","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"S. Vaudenay","year":"2002","unstructured":"Vaudenay, S.: Security flaws induced by CBC padding - applications to SSL, IPSEC, WTLS.... In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, pp. 534\u2013546. Springer, Heidelberg (2002)"},{"key":"9_CR17","unstructured":"Watson, G.: Provable Security in Practice: Analysis of SSH and CBC mode with Padding. Ph.D. thesis, University of London (2010), \n                    \n                      http:\/\/www.ma.rhul.ac.uk\/static\/techrep\/2011\/RHUL-MA-2011-02.pdf"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"299","DOI":"10.1007\/11502760_20","volume-title":"Fast Software Encryption","author":"A.K.L. Yau","year":"2005","unstructured":"Yau, A.K.L., Paterson, K.G., Mitchell, C.J.: Padding oracle attacks on CBC-mode encryption with secret and random IVs. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol.\u00a03557, pp. 299\u2013319. Springer, Heidelberg (2005)"}],"container-title":["Lecture Notes in Computer Science","Cryptography and Security: From Theory to Applications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-28368-0_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T00:40:36Z","timestamp":1558312836000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-28368-0_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2012]]},"ISBN":["9783642283673","9783642283680"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-28368-0_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2012]]}}}