{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,25]],"date-time":"2026-01-25T04:16:22Z","timestamp":1769314582299,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2016,10,24]],"date-time":"2016-10-24T00:00:00Z","timestamp":1477267200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2016,10,24]]},"DOI":"10.1145\/2976749.2978325","type":"proceedings-article","created":{"date-parts":[[2016,10,25]],"date-time":"2016-10-25T12:46:35Z","timestamp":1477399595000},"page":"1438-1450","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["A Unilateral-to-Mutual Authentication Compiler for Key Exchange (with Applications to Client Authentication in TLS 1.3)"],"prefix":"10.1145","author":[{"given":"Hugo","family":"Krawczyk","sequence":"first","affiliation":[{"name":"IBM Research, Yorktown Heights, NY, USA"}]}],"member":"320","published-online":{"date-parts":[[2016,10,24]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"M.\n      Bellare\n     and \n      P.\n      Rogaway\n  . \n  Entity authentication and key distribution\n  . In D. R. Stinson editor CRYPTO volume \n  773\n   of \n  Lecture Notes in Computer Science pages \n  232\n  --\n  249\n  . \n  Springer 1993\n  . ISBN 3--540--57766--1.   M. Bellare and P. Rogaway. Entity authentication and key distribution. In D. R. Stinson editor CRYPTO volume 773 of Lecture Notes in Computer Science pages 232--249. Springer 1993. ISBN 3--540--57766--1."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/276698.276854"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.39"},{"key":"e_1_3_2_1_4_1","volume-title":"IKE and SSH. In 23nd Annual Network and Distributed System Security Symposium, NDSS 2016","author":"Bhargavan K.","year":"2016","unstructured":"K. Bhargavan and G. Leurent . Transcript collision attacks: Breaking authentication in tls , IKE and SSH. In 23nd Annual Network and Distributed System Security Symposium, NDSS 2016 , San Diego, California, USA, February 21--24 , 2016 . The Internet Society, 2016. URL http:\/\/www.internetsociety.org\/events\/ndss-symposium-2016. K. Bhargavan and G. Leurent. Transcript collision attacks: Breaking authentication in tls, IKE and SSH. In 23nd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, February 21--24, 2016. The Internet Society, 2016. URL http:\/\/www.internetsociety.org\/events\/ndss-symposium-2016."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.37"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2014.14"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23277"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-013-0192-y"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.5555\/647086.715688"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.5555\/647087.715825"},{"key":"e_1_3_2_1_11_1","volume-title":"Automated verification of TLS 1.3: 0-RTT, resumption and delayed authentication","author":"Cremers C.","year":"2016","unstructured":"C. Cremers , M. Horvat , S. Scott , and T. van der Merwe . Automated verification of TLS 1.3: 0-RTT, resumption and delayed authentication . In IEEE S &P 2016 ., 2016. C. Cremers, M. Horvat, S. Scott, and T. van der Merwe. Automated verification of TLS 1.3: 0-RTT, resumption and delayed authentication. In IEEE S&P 2016., 2016."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813653"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660308"},{"key":"e_1_3_2_1_15_1","unstructured":"M.\n      Fischlin F.\n      G\u00fcnther G. A.\n      Marson and \n      K. G.\n      Paterson\n  . \n  Data is a stream: Security of stream-based channels\n  . In R. Gennaro and M. J. B. Robshaw editors CRYPTO \n  2015 Part II volume \n  9216\n   of \n  LNCS pages \n  545\n  --\n  564\n  . \n  Springer Heidelberg Aug. 2015. 10.1007\/978--3--662--48000--7_27.  M. Fischlin F. G\u00fcnther G. A. Marson and K. G. Paterson. Data is a stream: Security of stream-based channels. In R. Gennaro and M. J. B. Robshaw editors CRYPTO 2015 Part II volume 9216 of LNCS pages 545--564. Springer Heidelberg Aug. 2015. 10.1007\/978--3--662--48000--7_27."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10623-011-9604-z"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/322510.322514"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1964658.1964685"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"crossref","unstructured":"T.\n      Jager F.\n      Kohlar S.\n      Schage and \n      J.\n      Schwenk\n  . \n  Generic compilers for authenticated key exchange\n  . In M. Abe editor ASIACRYPT \n  2010 volume \n  6477\n   of \n  LNCS pages \n  232\n  --\n  249\n  . \n  Springer Heidelberg Dec. 2010.  T. Jager F. Kohlar S. Schage and J. Schwenk. Generic compilers for authenticated key exchange. In M. Abe editor ASIACRYPT 2010 volume 6477 of LNCS pages 232--249. Springer Heidelberg Dec. 2010.","DOI":"10.1007\/978-3-642-17373-8_14"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32009-5_17"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-26617-6_5"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-45146-4_24"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2016.18"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-40041-4_24"},{"key":"e_1_3_2_1_27_1","volume-title":"QUIC crypto","author":"Langley A.","year":"2013","unstructured":"A. Langley and W.-T. Chang . QUIC crypto , 2013 . URL http:\/\/tinyurl.com\/lrrjyjs. A. Langley and W.-T. Chang. QUIC crypto, 2013. URL http:\/\/tinyurl.com\/lrrjyjs."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.21"},{"key":"e_1_3_2_1_29_1","volume-title":"Key exchange with unilateral authentication: Composable security definition and modular protocol design. IACR Cryptology ePrint Archive","author":"Maurer U.","year":"2013","unstructured":"U. Maurer , B. Tackmann , and S. Coretti . Key exchange with unilateral authentication: Composable security definition and modular protocol design. IACR Cryptology ePrint Archive , 2013 : 555, 2013. URL http:\/\/eprint.iacr.org\/2013\/555. U. Maurer, B. Tackmann, and S. Coretti. Key exchange with unilateral authentication: Composable security definition and modular protocol design. IACR Cryptology ePrint Archive, 2013: 555, 2013. URL http:\/\/eprint.iacr.org\/2013\/555."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-89255-7_5"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-25385-0_20"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180454"},{"key":"e_1_3_2_1_33_1","volume-title":"Dec.","author":"Rescorla E.","year":"2015","unstructured":"E. Rescorla . The transport layer security (TLS) protocol version 1.3 (draft 13) , Dec. 2015 . URL https:\/\/tools.ietf.org\/html\/draft-ietf-tls-tls13--13. E. Rescorla. The transport layer security (TLS) protocol version 1.3 (draft 13), Dec. 2015. URL https:\/\/tools.ietf.org\/html\/draft-ietf-tls-tls13--13."}],"event":{"name":"CCS'16: 2016 ACM SIGSAC Conference on Computer and Communications Security","location":"Vienna Austria","acronym":"CCS'16","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978325","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2976749.2978325","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:56:17Z","timestamp":1750222577000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2976749.2978325"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,10,24]]},"references-count":30,"alternative-id":["10.1145\/2976749.2978325","10.1145\/2976749"],"URL":"https:\/\/doi.org\/10.1145\/2976749.2978325","relation":{},"subject":[],"published":{"date-parts":[[2016,10,24]]},"assertion":[{"value":"2016-10-24","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}