{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T00:00:40Z","timestamp":1769299240285,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":37,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662479995","type":"print"},{"value":"9783662480007","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-662-48000-7_27","type":"book-chapter","created":{"date-parts":[[2015,7,30]],"date-time":"2015-07-30T22:27:46Z","timestamp":1438295266000},"page":"545-564","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Data Is a Stream: Security of Stream-Based Channels"],"prefix":"10.1007","author":[{"given":"Marc","family":"Fischlin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Felix","family":"G\u00fcnther","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Giorgia Azzurra","family":"Marson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kenneth G.","family":"Paterson","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2015,8,1]]},"reference":[{"key":"27_CR1","unstructured":"3rd Generation Partnership Project (3GPP): GSM, UMTS, and LTE standards. \n                      http:\/\/www.3g.pp.org"},{"key":"27_CR2","doi-asserted-by":"crossref","unstructured":"Albrecht, M.R., Paterson, K.G., Watson, G.J.: Plaintext recovery attacks against SSH. In: 2009 IEEE Symposium on Security and Privacy, pp. 16\u201326. IEEE Computer Society Press, May 2009","DOI":"10.1109\/SP.2009.5"},{"key":"27_CR3","unstructured":"Badertscher, C., Matt, C., Maurer, U., Rogaway, P., Tackmann, B.: Augmented secure channels and the goal of the TLS 1.3 record layer. Cryptology ePrint Archive, Report 2015\/394 (2015). \n                      http:\/\/eprint.iacr.org\/"},{"key":"27_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/3-540-44647-8_18","volume-title":"Advances in Cryptology - CRYPTO 2001","author":"M Bellare","year":"2001","unstructured":"Bellare, M., Boldyreva, A., Knudsen, L.R., Namprempre, C.: Online ciphers and the Hash-CBC construction. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 292\u2013309. Springer, Heidelberg (2001)"},{"issue":"2","key":"27_CR5","doi-asserted-by":"publisher","first-page":"206","DOI":"10.1145\/996943.996945","volume":"7","author":"M Bellare","year":"2004","unstructured":"Bellare, M., Kohno, T., Namprempre, C.: Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the encode-then-encrypt-and-MAC paradigm. ACM Trans. Inf. Syst. Secur. 7(2), 206\u2013241 (2004)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"27_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/3-540-44448-3_41","volume-title":"Advances in Cryptology - ASIACRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531\u2013545. Springer, Heidelberg (2000)"},{"key":"27_CR7","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Delignat-Lavaud, A., Fournet, C., Pironti, A., Strub, P.Y.: Triple handshakes and cookie cutters: breaking and fixing authentication over TLS. In: 2014 IEEE Symposium on Security and Privacy, pp. 98\u2013113. IEEE Computer Society Press, May 2014","DOI":"10.1109\/SP.2014.14"},{"key":"27_CR8","doi-asserted-by":"crossref","unstructured":"Bhargavan, K., Fournet, C., Kohlweiss, M., Pironti, A., Strub, P.Y.: Implementing TLS with verified cryptographic security. In: 2013 IEEE Symposium on Security and Privacy, pp. 445\u2013459. IEEE Computer Society Press, May 2013","DOI":"10.1109\/SP.2013.37"},{"key":"27_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"682","DOI":"10.1007\/978-3-642-29011-4_40","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"A Boldyreva","year":"2012","unstructured":"Boldyreva, A., Degabriele, J.P., Paterson, K.G., Stam, M.: Security of symmetric encryption in the presence of ciphertext fragmentation. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 682\u2013699. Springer, Heidelberg (2012)"},{"key":"27_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"367","DOI":"10.1007\/978-3-662-43933-3_19","volume-title":"Fast Software Encryption","author":"A Boldyreva","year":"2014","unstructured":"Boldyreva, A., Degabriele, J.P., Paterson, K.G., Stam, M.: On symmetric encryption with distinguishable decryption failures. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 367\u2013390. Springer, Heidelberg (2014)"},{"key":"27_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-24660-2_1","volume-title":"Topics in Cryptology \u2013 CT-RSA 2004","author":"A Boldyreva","year":"2004","unstructured":"Boldyreva, A., Taesombut, N.: Online encryption schemes: new security notions and constructions. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 1\u201314. Springer, Heidelberg (2004)"},{"key":"27_CR12","unstructured":"Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000\/067 (2000). \n                      http:\/\/eprint.iacr.org\/2000\/067"},{"key":"27_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"453","DOI":"10.1007\/3-540-44987-6_28","volume-title":"Advances in Cryptology - EUROCRYPT 2001","author":"R Canetti","year":"2001","unstructured":"Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453\u2013474. Springer, Heidelberg (2001)"},{"key":"27_CR14","doi-asserted-by":"crossref","unstructured":"Degabriele, J.P., Paterson, K.G.: On the (in)security of IPsec in MAC-then-encrypt configurations. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM CCS 2010, pp. 493\u2013504. ACM Press, October 2010","DOI":"10.1145\/1866307.1866363"},{"key":"27_CR15","unstructured":"Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246 (Proposed Standard), August 2008. \n                      http:\/\/www.ietf.org\/rfc\/rfc5246.txt\n                      \n                     updated by RFCs 5746, 5878, 6176"},{"key":"27_CR16","unstructured":"Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. Internet-Draft (work in progress), January 2015. \n                      https:\/\/tools.ietf.org\/id\/draft-ietf-tls-tls13-04.txt\n                      \n                     (Expires: 7 July, 2015)"},{"key":"27_CR17","doi-asserted-by":"crossref","unstructured":"Fielding, R., Reschke, J.: Hypertext Transfer Protocol (HTTP\/1.1): Message Syntax and Routing. RFC 7230 (Proposed Standard), June 2014. \n                      http:\/\/www.ietf.org\/rfc\/rfc7230.txt","DOI":"10.17487\/rfc7230"},{"key":"27_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"145","DOI":"10.1007\/978-3-540-24654-1_11","volume-title":"SAC 2003","author":"PA Fouque","year":"2004","unstructured":"Fouque, P.A., Joux, A., Martinet, G., Valette, F.: Authenticated on-line encryption. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 145\u2013159. Springer, Heidelberg (2004)"},{"key":"27_CR19","unstructured":"Institute of Electrical and Electronics Engineers Inc: IEEE Standard 801.11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications. \n                      http:\/\/standards.ieee.org\/about\/get\/802\/802.11.html"},{"key":"27_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/978-3-642-32009-5_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"T Jager","year":"2012","unstructured":"Jager, T., Kohlar, F., Sch\u00e4ge, S., Schwenk, J.: On the security of TLS-DHE in the standard model. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 273\u2013293. Springer, Heidelberg (2012)"},{"key":"27_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/3-540-45708-9_2","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"A Joux","year":"2002","unstructured":"Joux, A., Martinet, G., Valette, F.: Blockwise-adaptive attackers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 17\u201330. Springer, Heidelberg (2002)"},{"key":"27_CR22","unstructured":"Kent, S., Seo, K.: Security Architecture for the Internet Protocol. RFC 4301 (Proposed Standard), December 2005. \n                      http:\/\/www.ietf.org\/rfc\/rfc4301.txt\n                      \n                     (updated by RFC 6040)"},{"key":"27_CR23","unstructured":"Kohno, T., Palacio, A., Black, J.: Building secure cryptographic transforms, or how to encrypt and MAC. Cryptology ePrint Archive, Report 2003\/177 (2003). \n                      http:\/\/eprint.iacr.org\/2003\/177"},{"key":"27_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1007\/978-3-642-40041-4_24","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"H Krawczyk","year":"2013","unstructured":"Krawczyk, H., Paterson, K.G., Wee, H.: On the security of the TLS protocol: a systematic analysis. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 429\u2013448. Springer, Heidelberg (2013)"},{"key":"27_CR25","doi-asserted-by":"crossref","unstructured":"Maurer, U., Tackmann, B.: On the soundness of authenticate-then-encrypt: formalizing the malleability of symmetric encryption. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) ACM CCS 2010. pp. 505\u2013515. ACM Press, October 2010","DOI":"10.1145\/1866307.1866364"},{"key":"27_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"515","DOI":"10.1007\/3-540-36178-2_32","volume-title":"Advances in Cryptology - ASIACRYPT 2002","author":"C Namprempre","year":"2002","unstructured":"Namprempre, C.: Secure channels based on authenticated encryption schemes: a simple characterization. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 515\u2013532. Springer, Heidelberg (2002)"},{"key":"27_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"372","DOI":"10.1007\/978-3-642-25385-0_20","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"KG Paterson","year":"2011","unstructured":"Paterson, K.G., Ristenpart, T., Shrimpton, T.: Tag size Does matter: attacks and proofs for the TLS record protocol. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 372\u2013389. Springer, Heidelberg (2011)"},{"key":"27_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1007\/978-3-642-13190-5_18","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2010","author":"KG Paterson","year":"2010","unstructured":"Paterson, K.G., Watson, G.J.: Plaintext-dependent decryption: a formal security treatment of SSH-CTR. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 345\u2013361. Springer, Heidelberg (2010)"},{"key":"27_CR29","doi-asserted-by":"crossref","unstructured":"Postel, J.: User Datagram Protocol. RFC 768 (INTERNET STANDARD), August 1980. \n                      http:\/\/www.ietf.org\/rfc\/rfc768.txt","DOI":"10.17487\/rfc0768"},{"key":"27_CR30","unstructured":"Postel, J.: Transmission Control Protocol. RFC 793 (INTERNET STANDARD), September 1981. \n                      http:\/\/www.ietf.org\/rfc\/rfc793.txt\n                      \n                     (updated by RFCs 1122, 3168, 6093, 6528)"},{"key":"27_CR31","doi-asserted-by":"crossref","unstructured":"Rescorla, E., Modadugu, N.: Datagram Transport Layer Security Version 1.2. RFC 6347 (Proposed Standard), January 2012. \n                      http:\/\/www.ietf.org\/rfc\/rfc6347.txt","DOI":"10.17487\/rfc6347"},{"key":"27_CR32","doi-asserted-by":"crossref","unstructured":"Rogaway, P.: Authenticated-encryption with associated-data. In: Atluri, V. (ed.) ACM CCS 2002, pp. 98\u2013107. ACM Press, November 2002","DOI":"10.1145\/586110.586125"},{"key":"27_CR33","unstructured":"Roskind, J.: QUIC (Quick UDP Internet Connections): Multiplexed Stream Transport Over UDP, December 2013. \n                      https:\/\/docs.google.com\/document\/d\/1RNHkx_VvKWyWg6Lr8SZ-saqsQx7rFV-ev2jRFUoVD34\/\n                      \n                     (retrieved on 23 Jan 2015)"},{"key":"27_CR34","unstructured":"Shoup, V.: On formal models for secure key exchange. Cryptology ePrint Archive, Report 1999\/012 (1999). \n                      http:\/\/eprint.iacr.org\/1999\/012"},{"key":"27_CR35","unstructured":"Smyth, B., Pironti, A.: Truncating TLS connections to violate beliefs in web applications. In: WOOT 2013: 7th USENIX Workshop on Offensive Technologies. USENIX Association (2013) (first appeared at Black Hat USA 2013)"},{"key":"27_CR36","doi-asserted-by":"crossref","unstructured":"Ylonen, T., Lonvick, C.: The Secure Shell (SSH) Protocol Architecture. RFC 4251 (Proposed Standard), January 2006. \n                      http:\/\/www.ietf.org\/rfc\/rfc4251.txt","DOI":"10.17487\/rfc4251"},{"key":"27_CR37","doi-asserted-by":"crossref","unstructured":"Ylonen, T., Lonvick, C.: The Secure Shell (SSH) Transport Layer Protocol. RFC 4253 (Proposed Standard), January 2006. \n                      http:\/\/www.ietf.org\/rfc\/rfc4253.txt\n                      \n                    , updated by RFC 6668","DOI":"10.17487\/rfc4253"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology -- CRYPTO 2015"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-48000-7_27","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,9]],"date-time":"2019-08-09T20:08:42Z","timestamp":1565381322000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-48000-7_27"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783662479995","9783662480007"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-48000-7_27","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"1 August 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}