{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,17]],"date-time":"2026-03-17T03:15:37Z","timestamp":1773717337326,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2015,10,12]],"date-time":"2015-10-12T00:00:00Z","timestamp":1444608000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Deutsche Forschungsgemeinschaft","award":["GRK 1817\/1"],"award-info":[{"award-number":["GRK 1817\/1"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2015,10,12]]},"DOI":"10.1145\/2810103.2813683","type":"proceedings-article","created":{"date-parts":[[2015,10,6]],"date-time":"2015-10-06T15:22:12Z","timestamp":1444144932000},"page":"1224-1235","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":9,"title":["TOPAS"],"prefix":"10.1145","author":[{"given":"Sven","family":"Sch\u00e4ge","sequence":"first","affiliation":[{"name":"Ruhr-Universit\u00e4t Bochum, Bochum, Germany"}]}],"member":"320","published-online":{"date-parts":[[2015,10,12]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Michel\n      Abdalla Mihir\n      Bellare and \n      Phillip\n      Rogaway\n    .\n  The oracle Diffie-Hellman assumptions and an analysis of DHIES\n  . In David Naccache editor CT-RSA \n  2001 volume \n  2020\n   of \n  LNCS pages \n  143\n  --\n  158\n  . \n  Springer April 2001.   Michel Abdalla Mihir Bellare and Phillip Rogaway. The oracle Diffie-Hellman assumptions and an analysis of DHIES. In David Naccache editor CT-RSA 2001 volume 2020 of LNCS pages 143--158. Springer April 2001.","DOI":"10.1007\/3-540-45353-9_12"},{"key":"e_1_3_2_1_2_1","unstructured":"Google Security Team Adam Langley. Protecting data for the long term with forward secrecy. http:\/\/googleonlinesecurity.blogspot.co.uk\/2011\/11\/protecting-data-for-long-term-with.html.  Google Security Team Adam Langley. Protecting data for the long term with forward secrecy. http:\/\/googleonlinesecurity.blogspot.co.uk\/2011\/11\/protecting-data-for-long-term-with.html."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1007\/11693383_22"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-46447-2_21"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-010-9078-6"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"crossref","unstructured":"Dan\n      Boneh Craig\n      Gentry Ben\n      Lynn and \n      Hovav\n      Shacham\n    .\n  Aggregate and verifiably encrypted signatures from bilinear maps\n  . In Eli Biham editor EUROCRYPT \n  2003 volume \n  2656\n   of \n  LNCS pages \n  416\n  --\n  432\n  . \n  Springer May 2003.   Dan Boneh Craig Gentry Ben Lynn and Hovav Shacham. Aggregate and verifiably encrypted signatures from bilinear maps. In Eli Biham editor EUROCRYPT 2003 volume 2656 of LNCS pages 416--432. Springer May 2003.","DOI":"10.1007\/3-540-39200-9_26"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-004-0314-9"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-85538-5_3"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"crossref","unstructured":"Ran\n      Canetti\n     and \n      Hugo\n      Krawczyk\n    .\n  Analysis of key-exchange protocols and their use for building secure channels\n  . In Birgit Pfitzmann editor EUROCRYPT \n  2001 volume \n  2045\n   of \n  LNCS pages \n  453\n  --\n  474\n  . \n  Springer May 2001.   Ran Canetti and Hugo Krawczyk. Analysis of key-exchange protocols and their use for building secure channels. In Birgit Pfitzmann editor EUROCRYPT 2001 volume 2045 of LNCS pages 453--474. Springer May 2001.","DOI":"10.1007\/3-540-44987-6_28"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"crossref","unstructured":"David\n      Cash Eike\n      Kiltz and \n      Victor\n      Shoup\n    .\n  The twin Diffie-Hellman problem and applications\n  . In Nigel P. Smart editor EUROCRYPT \n  2008 volume \n  4965\n   of \n  LNCS pages \n  127\n  --\n  145\n  . \n  Springer April 2008.   David Cash Eike Kiltz and Victor Shoup. The twin Diffie-Hellman problem and applications. In Nigel P. Smart editor EUROCRYPT 2008 volume 4965 of LNCS pages 127--145. Springer April 2008.","DOI":"10.1007\/978-3-540-78967-3_8"},{"key":"e_1_3_2_1_11_1","series-title":"LNCS","first-page":"274","volume-title":"Willy Susilo and Yi Mu","author":"Chen Yu","year":"2014"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"crossref","unstructured":"Cas J.\n     F.\n  Cremers and Michele Feltz. Beyond eCK: Perfect forward secrecy under actor compromise and ephemeral-key reveal\n  . In Sara Foresti Moti Yung and Fabio Martinelli editors ESORICS \n  2012 volume \n  7459\n   of \n  LNCS pages \n  734\n  --\n  751\n  . \n  Springer September 2012.  Cas J. F. Cremers and Michele Feltz. Beyond eCK: Perfect forward secrecy under actor compromise and ephemeral-key reveal. In Sara Foresti Moti Yung and Fabio Martinelli editors ESORICS 2012 volume 7459 of LNCS pages 734--751. Springer September 2012.","DOI":"10.1007\/978-3-642-33167-1_42"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180454"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1976.1055638"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-11925-5_12"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"crossref","unstructured":"Marc\n      Fischlin\n     and \n      Nils\n      Fleischhacker\n    .\n  Limitations of the meta-reduction technique: The case of schnorr signatures\n  . In Thomas Johansson and Phong Q. Nguyen editors EUROCRYPT \n  2013 volume \n  7881\n   of \n  LNCS pages \n  444\n  --\n  460\n  . \n  Springer May 2013.  Marc Fischlin and Nils Fleischhacker. Limitations of the meta-reduction technique: The case of schnorr signatures. In Thomas Johansson and Phong Q. Nguyen editors EUROCRYPT 2013 volume 7881 of LNCS pages 444--460. Springer May 2013.","DOI":"10.1007\/978-3-642-38348-9_27"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.dam.2007.12.010"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Rosario\n      Gennaro Hugo\n      Krawczyk and \n      Tal\n      Rabin\n    .\n  Okamoto-Tanaka revisited: Fully authenticated Diffie-Hellman with minimal overhead\n  . In Jianying Zhou and Moti Yung editors ACNS 10 volume \n  6123\n   of \n  LNCS pages \n  309\n  --\n  328\n  . \n  Springer June \n  2010\n  .   Rosario Gennaro Hugo Krawczyk and Tal Rabin. Okamoto-Tanaka revisited: Fully authenticated Diffie-Hellman with minimal overhead. In Jianying Zhou and Moti Yung editors ACNS 10 volume 6123 of LNCS pages 309--328. Springer June 2010.","DOI":"10.1007\/978-3-642-13708-2_19"},{"key":"e_1_3_2_1_19_1","first-page":"114","volume-title":"SKEME: a versatile secure key exchange mechanism for internet","author":"Krawczyk Hugo","year":"1996"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/11535218_33"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1023\/A:1022595222606"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/49.17711"},{"key":"e_1_3_2_1_24_1","unstructured":"Transport Layer Security working group of the IETF. Confirming consensus on removing RSA key transport from TLS 1.3. http:\/\/www.ietf.org\/mail-archive\/web\/tls\/current\/msg12362.html.  Transport Layer Security working group of the IETF. Confirming consensus on removing RSA key transport from TLS 1.3. http:\/\/www.ietf.org\/mail-archive\/web\/tls\/current\/msg12362.html."}],"event":{"name":"CCS'15: The 22nd ACM Conference on Computer and Communications Security","location":"Denver Colorado USA","acronym":"CCS'15","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813683","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2810103.2813683","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:24Z","timestamp":1750225704000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2810103.2813683"}},"subtitle":["2-Pass Key Exchange with Full Perfect Forward Secrecy and Optimal Communication Complexity"],"short-title":[],"issued":{"date-parts":[[2015,10,12]]},"references-count":23,"alternative-id":["10.1145\/2810103.2813683","10.1145\/2810103"],"URL":"https:\/\/doi.org\/10.1145\/2810103.2813683","relation":{},"subject":[],"published":{"date-parts":[[2015,10,12]]},"assertion":[{"value":"2015-10-12","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}