{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:31:48Z","timestamp":1766442708489,"version":"3.48.0"},"publisher-location":"New York, NY, USA","reference-count":33,"publisher":"ACM","funder":[{"DOI":"10.13039\/501100001665","name":"Agence Nationale de la Recherche","doi-asserted-by":"publisher","award":["ANR-22-PETQ-0008 PQ-TLS"],"award-info":[{"award-number":["ANR-22-PETQ-0008 PQ-TLS"]}],"id":[{"id":"10.13039\/501100001665","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2025,11,19]]},"DOI":"10.1145\/3719027.3765165","type":"proceedings-article","created":{"date-parts":[[2025,11,22]],"date-time":"2025-11-22T23:42:02Z","timestamp":1763854922000},"page":"1200-1214","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Subversion-resilient Key-exchange in the Post-quantum World"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-2358-0609","authenticated-orcid":false,"given":"K\u00e9vin","family":"Duverger","sequence":"first","affiliation":[{"name":"Universit\u00e9 de Limoges, XLIM, CNRS 7252, Limoges, France"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4997-2276","authenticated-orcid":false,"given":"Pierre-Alain","family":"Fouque","sequence":"additional","affiliation":[{"name":"Universit\u00e9 de Rennes, Rennes, France"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-4465-3150","authenticated-orcid":false,"given":"Charlie","family":"Jacomme","sequence":"additional","affiliation":[{"name":"Universit\u00e9 de Lorraine, CNRS, Inria, LORIA, Nancy, France"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2497-8770","authenticated-orcid":false,"given":"Guilhem","family":"Niot","sequence":"additional","affiliation":[{"name":"Universit\u00e9 de Rennes, CNRS, IRISA, PQShield, Rennes, France"}]},{"ORCID":"https:\/\/orcid.org\/0009-0009-4638-0639","authenticated-orcid":false,"given":"Cristina","family":"Onete","sequence":"additional","affiliation":[{"name":"Universit\u00e9 de Limoges, XLIM, CNRS 7252, Limoges, France"}]}],"member":"320","published-online":{"date-parts":[[2025,11,22]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2014. The Heartbleed vulnerability. CVE-2014-0160. https:\/\/www.heartbleed.com\/"},{"key":"e_1_3_2_1_2_1","unstructured":"2019. ChaCha20-Poly1305 with Long Nonces. CVE-2019-1543. https:\/\/www.cve.org\/CVERecord?id=CVE-2019-1543"},{"key":"e_1_3_2_1_3_1","unstructured":"2022. Timing-based side-channel in OpenSSL RSA Decryption. CVE-2022-4304. https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2022-4304"},{"key":"e_1_3_2_1_4_1","unstructured":"2024. Backdoor in upstream xz\/liblzma leading to SSH server compromise. CVE-2024-3094. https:\/\/www.openwall.com\/lists\/oss-security\/2024\/03\/29\/4"},{"key":"e_1_3_2_1_5_1","unstructured":"Carlos Aguilar Melchor, Nicolas Aragon, Slim Bettaieb, Lo\u00efc Bidoux, Olivier Blazy, Jurjen Bos, Jean-Christophe Deneuville, Arnaud Dion, Philippe Gaborit, J\u00e9r\u00f4me Lacan, Edoardo Persichetti, Jean-Marc Robert, Pascal V\u00e9ron, and Gilles Z\u00e9mor. 2025. Hamming Quasi-Cyclic (HQC). https:\/\/pqc-hqc.org\/index.html"},{"key":"e_1_3_2_1_6_1","unstructured":"Roberto Avanzi, Joppe Bos, L\u00e9o Ducas, Eike Kiltz, Tancr\u00e8de Lepoint, Vadim Lyubashevsky, John M. Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehl\u00e9. 2022. CRYSTALS-Kyber. https:\/\/pq-crystals.org\/kyber\/index.shtml"},{"key":"e_1_3_2_1_7_1","volume-title":"An Interactive Prover for Protocol Verification in the Computational Model. In 42nd IEEE Symposium on Security and Privacy, SP 2021","author":"Baelde David","year":"2021","unstructured":"David Baelde, St\u00e9phanie Delaune, Charlie Jacomme, Adrien Koutsos, and Sol\u00e8ne Moreau. 2021. An Interactive Prover for Protocol Verification in the Computational Model. In 42nd IEEE Symposium on Security and Privacy, SP 2021, San Francisco, CA, USA, 24--27 May 2021. IEEE, 537--554."},{"key":"e_1_3_2_1_8_1","volume-title":"Proceedings (Lecture Notes in Computer Science","volume":"90","author":"Barthe Gilles","year":"2011","unstructured":"Gilles Barthe, Benjamin Gr\u00e9goire, Sylvain Heraud, and Santiago Zanella B\u00e9guelin. 2011. Computer-Aided Security Proofs for the Working Cryptographer. In Advances in Cryptology - CRYPTO 2011 - 31st Annual Cryptology Conference, Santa Barbara, CA, USA, August 14--18, 2011. Proceedings (Lecture Notes in Computer Science, Vol. 6841), Phillip Rogaway (Ed.). Springer, 71--90."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-44371-2_1"},{"key":"e_1_3_2_1_10_1","volume-title":"Proceedings of PKC. 627--658","author":"Bemmann Pascal","year":"2021","unstructured":"Pascal Bemmann, Rongmao Chen, and Tibor Jager. 2021. Subversion-Resilient Public Key Encryption with Practical Watchdogs. In Proceedings of PKC. 627--658."},{"key":"e_1_3_2_1_11_1","first-page":"256","article-title":"Dual EC","volume":"9100","author":"Bernstein Daniel J.","year":"2015","unstructured":"Daniel J. Bernstein, Tanja Lange, and Ruben Niederhagen. 2015. Dual EC: A Standardized Back Door. In LNCS Essays on The New Codebreakers - Volume 9100. 256--281.","journal-title":"A Standardized Back Door. In LNCS Essays on The New Codebreakers -"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2017.26"},{"key":"e_1_3_2_1_13_1","volume-title":"33rd USENIX Security Symposium (USENIX Security 24)","author":"Bhargavan Karthikeyan","year":"2024","unstructured":"Karthikeyan Bhargavan, Charlie Jacomme, Franziskus Kiefer, and Rolfe Schmidt. 2024. Formal verification of the PQXDH Post-Quantum key agreement protocol for end-to-end secure messaging. In 33rd USENIX Security Symposium (USENIX Security 24). 469--486."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2007.1005"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF61375.2024.00050"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP.2018.00032"},{"key":"e_1_3_2_1_17_1","volume-title":"ESORICS 2020, Guildford, UK, September 14--18, 2020, Proceedings, Part I 25","author":"Bossuat Ang\u00e8le","year":"2020","unstructured":"Ang\u00e8le Bossuat, Xavier Bultel, Pierre-Alain Fouque, Cristina Onete, and Thyla van Der Merwe. 2020. Designing reverse firewalls for the real world. In Computer Security--ESORICS 2020: 25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14--18, 2020, Proceedings, Part I 25. Springer, 193--213."},{"key":"e_1_3_2_1_18_1","first-page":"4","article-title":"From Computationally-Proved Protocol Specifications to Implementations and Application to SSH","volume":"4","author":"Cad\u00e9 David","year":"2013","unstructured":"David Cad\u00e9 and Bruno Blanchet. 2013. From Computationally-Proved Protocol Specifications to Implementations and Application to SSH. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl. 4, 1 (2013), 4--31.","journal-title":"J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-17253-4_8"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-53018-4_13"},{"key":"e_1_3_2_1_22_1","unstructured":"K\u00e9vin Duverger, Pierre-Alain Fouque, Charlie Jacomme, Guilhem Niot, and Cristina Onete. 2025. CryptoVerif models. https:\/\/github.com\/charlie-j\/subversion-resilient-pqke"},{"key":"e_1_3_2_1_23_1","volume-title":"Subversion-resilient Key-exchange in the Post-quantum World. In CCS 2025 - 32nd ACM Conference on Computer and Communications Security","author":"Duverger K\u00e9vin","year":"2025","unstructured":"K\u00e9vin Duverger, Pierre-Alain Fouque, Charlie Jacomme, Guilhem Niot, and Cristina Onete. 2025. Subversion-resilient Key-exchange in the Post-quantum World. In CCS 2025 - 32nd ACM Conference on Computer and Communications Security. Taipei, Taiwan. https:\/\/inria.hal.science\/hal-05242187"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","unstructured":"Taher ElGamal. 1984. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms. 10--18. doi:10.1007\/3-540-39568-7_2","DOI":"10.1007\/3-540-39568-7_2"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2018.00013"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"crossref","unstructured":"Eiichiro Fujisaki and Tatsuaki Okamoto. 1999. Secure Integration of Asymmetric and Symmetric Encryption Schemes. In Advances in Cryptology -- CRYPTO. 537--554.","DOI":"10.1007\/3-540-48405-1_34"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-981-96-0957-4_10"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-46803-6_22"},{"volume-title":"RSA Cryptography Standard. RSA Data Security","author":"PKCS","key":"e_1_3_2_1_29_1","unstructured":"PKCS1 1998. PKCS #1: RSA Cryptography Standard. RSA Data Security, Inc. Version 2.0."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","unstructured":"Alexander Russell, Qiang Tang, Moti Yung, and Hong-Sheng Zhou. 2016. Cliptography: Clipping the Power of Kleptographic Attacks. In Advances in Cryptology - ASIACRYPT 2016 - 22nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4--8, 2016, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 10032), Jung Hee Cheon and Tsuyoshi Takagi (Eds.). 34--64. doi:10.1007\/978-3-662-53890-6_2","DOI":"10.1007\/978-3-662-53890-6_2"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133993"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-39799-X_5"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-69053-0_6"}],"event":{"name":"CCS '25: ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Taipei Taiwan","acronym":"CCS '25"},"container-title":["Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3719027.3765165","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,22]],"date-time":"2025-12-22T22:27:03Z","timestamp":1766442423000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3719027.3765165"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,11,19]]},"references-count":33,"alternative-id":["10.1145\/3719027.3765165","10.1145\/3719027"],"URL":"https:\/\/doi.org\/10.1145\/3719027.3765165","relation":{},"subject":[],"published":{"date-parts":[[2025,11,19]]},"assertion":[{"value":"2025-11-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}