{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T04:18:39Z","timestamp":1769314719107,"version":"3.49.0"},"reference-count":49,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017,5]]},"DOI":"10.1109\/sp.2017.58","type":"proceedings-article","created":{"date-parts":[[2017,6,26]],"date-time":"2017-06-26T16:34:26Z","timestamp":1498494866000},"page":"463-482","source":"Crossref","is-referenced-by-count":58,"title":["Implementing and Proving the TLS 1.3 Record Layer"],"prefix":"10.1109","author":[{"given":"Antoine","family":"Delignat-Lavaud","sequence":"first","affiliation":[]},{"given":"Cedric","family":"Fournet","sequence":"additional","affiliation":[]},{"given":"Markulf","family":"Kohlweiss","sequence":"additional","affiliation":[]},{"given":"Jonathan","family":"Protzenko","sequence":"additional","affiliation":[]},{"given":"Aseem","family":"Rastogi","sequence":"additional","affiliation":[]},{"given":"Nikhil","family":"Swamy","sequence":"additional","affiliation":[]},{"given":"Santiago","family":"Zanella-Beguelin","sequence":"additional","affiliation":[]},{"given":"Karthikeyan","family":"Bhargavan","sequence":"additional","affiliation":[]},{"given":"Jianyang","family":"Pan","sequence":"additional","affiliation":[]},{"given":"Jean Karim","family":"Zinzindohoue","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25385-0_20"},{"key":"ref38","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7539"},{"key":"ref33","doi-asserted-by":"crossref","first-page":"429","DOI":"10.1007\/978-3-642-40041-4_24","article-title":"On the security of the TLS protocol: A systematic analysis","author":"krawczyk","year":"2013","journal-title":"Advances in Cryptology-CRYPTO 2013"},{"key":"ref32","article-title":"The OPTLS protocol and TLS 1.3","author":"krawczyk","year":"2015","journal-title":"Cryptology ePrint Archive"},{"key":"ref31","article-title":"The order of encryption and authentication for protecting communications (or: how secure is SSL?)","author":"krawczyk","year":"2001","journal-title":"Cryptology ePrint Archive"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-48658-5_15"},{"key":"ref37","author":"m\u00f6ller","year":"2014","journal-title":"This POODLE Bites Exploiting The SSL 3 0 Fallback"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5116"},{"key":"ref35","article-title":"Flexible and efficient message authentication in hardware and software","author":"mcgrew","year":"0","journal-title":"unpublished draft"},{"key":"ref34","article-title":"Limits on authenticated encryption use in TLS","author":"luykx","year":"2015","journal-title":"Personal"},{"key":"ref28","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813657"},{"key":"ref27","doi-asserted-by":"crossref","first-page":"273","DOI":"10.1007\/978-3-642-32009-5_17","article-title":"On the security of TLS-DHE in the standard model","author":"jager","year":"2012","journal-title":"Advances in Cryptology-CRYPTO 2012"},{"key":"ref29","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1007\/978-3-319-26617-6_5","article-title":"(de-) constructing TLS 1.3","author":"kohlweiss","year":"2015","journal-title":"Progress in Cryptology - INDOCRYPT 2015"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-52993-5_9"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.42"},{"key":"ref20","author":"duong","year":"2011","journal-title":"Here Come the ?ninjas"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-48000-7_27"},{"key":"ref21","first-page":"800","article-title":"Recommendation for block cipher modes of operation: Galois\/Counter mode (GCM) and GMAC","author":"dworkin","year":"2007","journal-title":"Tech Rep Natl Inst Stand Technol"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046746"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.34"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.17487\/rfc7366"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516694"},{"key":"ref10","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978423"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.37"},{"key":"ref40","author":"rizzo","year":"2012","journal-title":"The CRIME Attack"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.14"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44381-1_14"},{"key":"ref14","author":"b\u00f6ck","year":"2016","journal-title":"Wrong results with Poly1305 functions"},{"key":"ref15","article-title":"Nonce-disrespecting adversaries: Practical forgery attacks on GCM in TLS","author":"b\u00f6ck","year":"2016","journal-title":"Cryptology ePrint Archive"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-29485-8_4"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.35"},{"key":"ref18","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813653"},{"key":"ref19","author":"dowling","year":"2016","journal-title":"A cryptographic analysis of the TLS 1 3 draft-10 full and pre-shared key handshake protocol"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/2535838.2535847"},{"key":"ref3","first-page":"85","article-title":"Augmented secure channels and the goal of the TLS 1.3 record layer","author":"badertscher","year":"2016","journal-title":"9th InternationalConference on Provable Security ProvSec 2015"},{"key":"ref6","article-title":"Code-based game-playing proofs and the security of triple encryption","author":"bellare","year":"2004","journal-title":"Cryptology ePrint Archive"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1007\/11761679_25"},{"key":"ref8","first-page":"32","article-title":"The Poly1305-AES message-authentication code","author":"bernstein","year":"2005","journal-title":"12th InternationalWorkshopo on Fast Software Encryption FSE 2005"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53018-4_10"},{"key":"ref49","first-page":"29","article-title":"Analysis of the SSL 3.0 protocol","author":"wagner","year":"1996","journal-title":"2nd USENIX Workshop on Electronic Commerce WOEC 1996"},{"key":"ref9","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_10"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1145\/2837614.2837655"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978411"},{"key":"ref48","article-title":"Online privacy and ISPs: ISP access to consumer data is limited and often less than access by others","author":"swire","year":"2016","journal-title":"Georgia Tech Tech Rep"},{"key":"ref47","article-title":"ChaCha20\/Poly1305 heap-buffer-overflow","author":"swi?cki","year":"2016","journal-title":"CVE-2016&#x2013;7054"},{"key":"ref42","article-title":"A trade-off between collision probability and key size in universal hashing using polynomials","author":"sarkar","year":"2009","journal-title":"Cryptology ePrint Archive"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.17487\/rfc5288"},{"key":"ref44","article-title":"Truncating TLS connections to violate beliefs in web applications","author":"smyth","year":"2014","journal-title":"Inria Tech Rep hal-01102013"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-68697-5_24"}],"event":{"name":"2017 IEEE Symposium on Security and Privacy (SP)","location":"San Jose, CA, USA","start":{"date-parts":[[2017,5,22]]},"end":{"date-parts":[[2017,5,26]]}},"container-title":["2017 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/7957740\/7958557\/07958593.pdf?arnumber=7958593","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,26]],"date-time":"2019-09-26T23:47:41Z","timestamp":1569541661000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7958593\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,5]]},"references-count":49,"URL":"https:\/\/doi.org\/10.1109\/sp.2017.58","relation":{},"subject":[],"published":{"date-parts":[[2017,5]]}}}