{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,13]],"date-time":"2026-03-13T20:58:31Z","timestamp":1773435511947,"version":"3.50.1"},"publisher-location":"Singapore","reference-count":36,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819655656","type":"print"},{"value":"9789819655663","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-5566-3_6","type":"book-chapter","created":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T20:23:14Z","timestamp":1749846194000},"page":"96-110","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Formal Treatment of\u00a0Envelope Encryption"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6723-722X","authenticated-orcid":false,"given":"Shoichi","family":"Hirose","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3427-6772","authenticated-orcid":false,"given":"Kazuhiko","family":"Minematsu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2025,6,14]]},"reference":[{"key":"6_CR1","unstructured":"Albertini, A., Duong, T., Gueron, S., K\u00f6lbl, S., Luykx, A., Schmieg, S.: How to abuse and fix authenticated encryption without key commitment. In: Butler, K.R.B., Thomas, K. (eds.) USENIX Security 2022, pp. 3291\u20133308. USENIX Association (2022). https:\/\/www.usenix.org\/conference\/usenixsecurity22\/presentation\/albertini"},{"key":"6_CR2","unstructured":"Alibaba Cloud: Use envelope encryption to encrypt and decrypt local data. https:\/\/www.alibabacloud.com\/help\/en\/kms\/support\/use-envelope-encryption-to-encrypt-and-decrypt-local-data. Accessed 08 Dec 2024"},{"key":"6_CR3","unstructured":"AWS Key Management Service: AWS KMS concepts. https:\/\/docs.aws.amazon.com\/kms\/latest\/developerguide\/concepts.html. Accessed 08 Dec 2024"},{"key":"6_CR4","doi-asserted-by":"crossref","unstructured":"Bellare, M., Hoang, V.T.: Efficient schemes for committing authenticated encryption. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Proceedings, Part II. LNCS, vol. 13276, pp. 845\u2013875. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-07085-3_29","DOI":"10.1007\/978-3-031-07085-3_29"},{"key":"6_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/3-540-44448-3_41","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531\u2013545. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44448-3_41"},{"key":"6_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/978-3-662-53018-4_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"M Bellare","year":"2016","unstructured":"Bellare, M., Tackmann, B.: The multi-user security of authenticated encryption: AES-GCM in TLS 1.3. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 247\u2013276. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_10"},{"key":"6_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"320","DOI":"10.1007\/978-3-642-28496-0_19","volume-title":"Selected Areas in Cryptography","author":"G Bertoni","year":"2012","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: Miri, A., Vaudenay, S. (eds.) SAC 2011. LNCS, vol. 7118, pp. 320\u2013337. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-28496-0_19"},{"key":"6_CR8","doi-asserted-by":"crossref","unstructured":"Chan, J., Rogaway, P.: On committing authenticated-encryption. In: Atluri, V., Pietro, R.D., Jensen, C.D., Meng, W. (eds.) ESORICS 2022, Proceedings, Part II. LNCS, vol. 13555, pp. 275\u2013294. Springer, Heidelberg (2022). https:\/\/doi.org\/10.1007\/978-3-031-17146-8_14","DOI":"10.1007\/978-3-031-17146-8_14"},{"key":"6_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/978-3-319-96884-1_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"Y Dodis","year":"2018","unstructured":"Dodis, Y., Grubbs, P., Ristenpart, T., Woodage, J.: Fast message franking: from invisible salamanders to encryptment. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 155\u2013186. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96884-1_6"},{"key":"6_CR10","unstructured":"Facebook: Messenger secret conversations. Technical Whitepaper (2016). https:\/\/about.fb.com\/wp-content\/uploads\/2016\/07\/messenger-secret-conversations-technical-whitepaper.pdf"},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"Farshim, P., Orlandi, C., Rosie, R.: Security of symmetric primitives under incorrect usage of keys. IACR Trans. Symm. Cryptol. 2017(1), 449\u2013473 (2017). https:\/\/doi.org\/10.13154\/tosc.v2017.i1.449-473","DOI":"10.46586\/tosc.v2017.i1.449-473"},{"key":"6_CR12","unstructured":"Ganesan, R., Gobi, M., Vivekanandan, K.: A novel digital envelope approach for a secure e-commerce channel. Int. J. Netw. Secur. 11(3), 121\u2013127 (2010). http:\/\/ijns.jalaxy.com.tw\/contents\/ijns-v11-n3\/ijns-2010-v11-n3-p121-127.pdf"},{"key":"6_CR13","unstructured":"Google Cloud: Envelope encryption. https:\/\/cloud.google.com\/kms\/docs\/envelope-encryption. Accessed 08 Dec 2024"},{"key":"6_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"66","DOI":"10.1007\/978-3-319-63697-9_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"P Grubbs","year":"2017","unstructured":"Grubbs, P., Lu, J., Ristenpart, T.: Message franking via committing authenticated encryption. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 66\u201397. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_3"},{"key":"6_CR15","unstructured":"Gueron, S., Langley, A., Lindell, Y.: AES-GCM-SIV: Specification and analysis. Cryptology ePrint Archive, Paper 2017\/168 (2017). https:\/\/eprint.iacr.org\/2017\/168"},{"key":"6_CR16","unstructured":"Hirose, S., Minematsu, K.: Compactly committing authenticated encryption using encryptment and tweakable block cipher. Cryptology ePrint Archive, Paper 2022\/1670 (2022). https:\/\/eprint.iacr.org\/2022\/1670"},{"key":"6_CR17","unstructured":"Hirose, S., Minematsu, K.: A formal treatment of envelope encryption. Cryptology ePrint Archive, Paper 2023\/1727 (2023). https:\/\/eprint.iacr.org\/2023\/1727"},{"key":"6_CR18","unstructured":"IBM Cloud: Protecting your data with envelope encryption. https:\/\/cloud.ibm.com\/docs\/hs-crypto?topic=hs-crypto-envelope-encryption. Accessed 08 Dec 2024"},{"key":"6_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1007\/3-540-44987-6_32","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2001","author":"CS Jutla","year":"2001","unstructured":"Jutla, C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 529\u2013544. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_32"},{"key":"6_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"284","DOI":"10.1007\/3-540-44706-7_20","volume-title":"Fast Software Encryption","author":"J Katz","year":"2001","unstructured":"Katz, J., Yung, M.: Unforgeable encryption and chosen ciphertext secure modes of operation. In: Goos, G., Hartmanis, J., van Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 284\u2013299. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44706-7_20"},{"key":"6_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"306","DOI":"10.1007\/978-3-642-21702-9_18","volume-title":"Fast Software Encryption","author":"T Krovetz","year":"2011","unstructured":"Krovetz, T., Rogaway, P.: The software performance of authenticated-encryption modes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 306\u2013327. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21702-9_18"},{"key":"6_CR22","doi-asserted-by":"publisher","unstructured":"Krovetz, T., Rogaway, P.: The design and evolution of OCB. J. Cryptol. 34(4), 36 (2021). https:\/\/doi.org\/10.1007\/s00145-021-09399-8","DOI":"10.1007\/s00145-021-09399-8"},{"key":"6_CR23","unstructured":"Kubernetes: Encrypting confidential data at rest. https:\/\/kubernetes.io\/docs\/tasks\/administer-cluster\/encrypt-data\/. Accessed 08 Dec 2024"},{"key":"6_CR24","unstructured":"Len, J., Grubbs, P., Ristenpart, T.: Partitioning oracle attacks. In: Bailey, M., Greenstadt, R. (eds.) USENIX Security 2021, pp. 195\u2013212. USENIX Association (2021). https:\/\/www.usenix.org\/conference\/usenixsecurity21\/presentation\/len"},{"key":"6_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-45708-9_3","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"M Liskov","year":"2002","unstructured":"Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31\u201346. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_3"},{"key":"6_CR26","unstructured":"Madden, N.: When a KEM is not enough. https:\/\/neilmadden.blog\/2021\/02\/16\/when-a-kem-is-not-enough\/. Accessed 29 July 2024"},{"key":"6_CR27","unstructured":"Microsoft Azure: Client-side encryption for blobs. https:\/\/learn.microsoft.com\/en-us\/azure\/storage\/blobs\/client-side-encryption. Accessed 08 Dec 2024"},{"key":"6_CR28","doi-asserted-by":"crossref","unstructured":"Nir, Y., Langley, A.: ChaCha20 and Poly1305 for IETF protocols. RFC 8439 (2018). https:\/\/doi.org\/10.17487\/RFC8439","DOI":"10.17487\/RFC8439"},{"key":"6_CR29","doi-asserted-by":"publisher","unstructured":"NIST Special Publication 800-38D: Recommendation for block cipher modes of operation: Galois\/counter mode (GCM) and GMAC (2007). https:\/\/doi.org\/10.6028\/NIST.SP.800-38D","DOI":"10.6028\/NIST.SP.800-38D"},{"key":"6_CR30","doi-asserted-by":"publisher","unstructured":"NIST Special Publication 800-38F: Recommendation for block cipher modes of operation: Methods for key wrapping (2012). https:\/\/doi.org\/10.6028\/NIST.SP.800-38F","DOI":"10.6028\/NIST.SP.800-38F"},{"key":"6_CR31","doi-asserted-by":"crossref","unstructured":"P\u00e9rez, S., Ramos, J.L.H., Pedone, D., Rotondi, D., Straniero, L., Skarmeta, A.F.: A digital envelope approach using attribute-based encryption for secure data exchange in iot scenarios. In: GIoTS 2017, pp.\u00a01\u20136. IEEE (2017). https:\/\/doi.org\/10.1109\/GIOTS.2017.8016281","DOI":"10.1109\/GIOTS.2017.8016281"},{"key":"6_CR32","doi-asserted-by":"publisher","unstructured":"Rogaway, P.: Authenticated-encryption with associated-data. In: Atluri, V. (ed.) CCS 2002, pp. 98\u2013107. ACM (2002). https:\/\/doi.org\/10.1145\/586110.586125","DOI":"10.1145\/586110.586125"},{"key":"6_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1007\/11761679_23","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"P Rogaway","year":"2006","unstructured":"Rogaway, P., Shrimpton, T.: A provable-security treatment of the key-wrap problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 373\u2013390. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11761679_23"},{"key":"6_CR34","doi-asserted-by":"crossref","unstructured":"Sosa, V.J.S., Morales-Sandoval, M., Telles-Hurtado, O., Compe\u00e1n, J.L.G.: Protecting data in the cloud: an assessment of practical digital envelopes from attribute based encryption. In: Bernardino, J., Quix, C., Filipe, J. (eds.) DATA 2017, pp. 382\u2013390. SciTePress (2017). https:\/\/doi.org\/10.5220\/0006484603820390","DOI":"10.5220\/0006484603820390"},{"issue":"2","key":"6_CR35","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1080\/10798587.2015.1095488","volume":"22","author":"A Xiong","year":"2016","unstructured":"Xiong, A., Xu, C.: Cloud storage access control scheme of ciphertext algorithm based on digital envelope. Intell. Autom. Soft Comput. 22(2), 289\u2013294 (2016). https:\/\/doi.org\/10.1080\/10798587.2015.1095488","journal-title":"Intell. Autom. Soft Comput."},{"key":"6_CR36","unstructured":"Yandex Cloud: Envelope encryption. https:\/\/yandex.cloud\/en\/docs\/kms\/concepts\/envelope. Accessed 08 Dec 2024"}],"container-title":["Lecture Notes in Computer Science","Information Security and Cryptology \u2013 ICISC 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-5566-3_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,13]],"date-time":"2025-06-13T20:23:18Z","timestamp":1749846198000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-5566-3_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9789819655656","9789819655663"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-5566-3_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"14 June 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICISC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Information Security and Cryptology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Seoul","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Korea (Republic of)","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 November 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"22 November 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"27","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icisc2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.icisc.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}