Abstract. We formally analyze the family of entity authentication protocols defined by the ISO/IEC 9798 standard and find numerous weaknesses, both old and new, including some th...
Real-time statistics on smart meter consumption data must preserve consumer privacy and tolerate smart meter failures. Existing protocols for this private distributed aggregation m...
Many security properties are naturally expressed as indistinguishability between two versions of a protocol. In this paper, we show that computational proofs of indistinguishabili...
We promote an engineering approach to design of provably secure key exchange protocols. Using the model of Canetti and Krawczyk we present a systematic method to arrive at efficie...
Yiu Shing Terry Tin, Colin Boyd, Juanma Gonzá...
We investigate the security of a generalization of HFE (multivariate and odd-characteristic variants). First, we propose an improved version of the basic Kipnis-Shamir key recovery...