{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:12:26Z","timestamp":1772039546335,"version":"3.50.1"},"reference-count":33,"publisher":"IEEE","license":[{"start":{"date-parts":[[2023,5,21]],"date-time":"2023-05-21T00:00:00Z","timestamp":1684627200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-009"},{"start":{"date-parts":[[2023,5,21]],"date-time":"2023-05-21T00:00:00Z","timestamp":1684627200000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-001"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,5,21]]},"DOI":"10.1109\/sp46215.2023.10351027","type":"proceedings-article","created":{"date-parts":[[2023,12,11]],"date-time":"2023-12-11T19:01:53Z","timestamp":1702321313000},"page":"164-181","source":"Crossref","is-referenced-by-count":18,"title":["Practically-exploitable Cryptographic Vulnerabilities in Matrix"],"prefix":"10.1109","author":[{"given":"Martin R.","family":"Albrecht","sequence":"first","affiliation":[{"name":"King&#x2019;s College London"}]},{"given":"Sof\u00eda","family":"Celi","sequence":"additional","affiliation":[{"name":"Brave Software"}]},{"given":"Benjamin","family":"Dowling","sequence":"additional","affiliation":[{"name":"University of Sheffield,Security of Advanced Systems Group"}]},{"given":"Daniel","family":"Jones","sequence":"additional","affiliation":[{"name":"University of London,Information Security Group, Royal Holloway"}]}],"member":"263","reference":[{"key":"ref1","article-title":"Client-Server API (unstable)"},{"key":"ref2","article-title":"Olm: A cryptographic ratchet"},{"key":"ref3","article-title":"Megolm group ratchet"},{"key":"ref4","article-title":"Simplifying OTR deniability","author":"Marlinspike","year":"2013"},{"key":"ref5","article-title":"The X3DH key agreement protocol","year":"2016"},{"key":"ref6","article-title":"The Double Ratchet algorithm","year":"2016"},{"key":"ref7","article-title":"Matrix Olm cryptographic review","author":"Meredith","year":"2016","journal-title":"NCC Group, Tech. Rep."},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1007\/s13389-012-0027-1"},{"key":"ref9","volume-title":"Real-world Cryptography.","author":"Wong","year":"2021"},{"key":"ref10","article-title":"Independent public audit of Vodozemac, a native rust reference implementation of Matrix end-to-end encryption","author":"Hodgson"},{"key":"ref11","article-title":"Vodozemac Security Audit Report","volume-title":"Least Authority, Tech. Rep.","author":"Kaplan","year":"2022"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.41"},{"key":"ref13","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-020-09360-1"},{"key":"ref14","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-17653-2_5"},{"key":"ref15","article-title":"Private group messaging","author":"Marlinspike","year":"2014"},{"key":"ref16","doi-asserted-by":"publisher","DOI":"10.1109\/eurosp.2018.00036"},{"key":"ref17","article-title":"A new hope: matrix-rust-sdk"},{"key":"ref18","article-title":"This week in Matrix 2022-09-30","author":"Hodgson"},{"key":"ref19","article-title":"Clients Matrix"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.180-1"},{"key":"ref21","doi-asserted-by":"publisher","DOI":"10.17487\/rfc2104"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.17487\/rfc2104"},{"key":"ref23","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-14623-7_34"},{"key":"ref24","article-title":"RFC 5869: HMAC-based Extract-and-Expand Key Derivation Function (HKDF)","author":"Krawczyk","year":"2010"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.6028\/nist.fips.197"},{"key":"ref26","doi-asserted-by":"crossref","DOI":"10.6028\/NIST.SP.800-38a","article-title":"Recommendation for Block Cipher Modes of Operation: Methods and Techniques","volume-title":"National Institute of Standards and Technology, Tech. Rep. NIST Special Publication (SP) 800-38A","author":"Dworkin","year":"2001"},{"key":"ref27","article-title":"RFC 5652: Cryptographic Message Syntax (CMS)","author":"Housley","year":"2009"},{"key":"ref28","article-title":"MSC2732: Olm fallback keys","year":"2021"},{"key":"ref29","article-title":"Implementing more advanced e2ee features, such as cross-signing","year":"2021"},{"key":"ref30","doi-asserted-by":"crossref","DOI":"10.17487\/rfc6189","article-title":"RTP: Media Path Key Agreement for Unicast Secure RTP","author":"Zimmermann","year":"2011"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1007\/11745853_14"},{"key":"ref32","article-title":"MSC3270: Symmetric megolm backup","year":"2021"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417887"}],"event":{"name":"2023 IEEE Symposium on Security and Privacy (SP)","location":"San Francisco, CA, USA","start":{"date-parts":[[2023,5,21]]},"end":{"date-parts":[[2023,5,25]]}},"container-title":["2023 IEEE Symposium on Security and Privacy (SP)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/10179215\/10179280\/10351027.pdf?arnumber=10351027","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,21]],"date-time":"2024-07-21T04:12:22Z","timestamp":1721535142000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/10351027\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,21]]},"references-count":33,"URL":"https:\/\/doi.org\/10.1109\/sp46215.2023.10351027","relation":{},"subject":[],"published":{"date-parts":[[2023,5,21]]}}}