, Triple Handshakes and Cookie Cutters: Breaking and Fixing Authentication over TLS, 2014 IEEE Symposium on Security and Privacy, pp.2014-98
DOI : 10.1109/SP.2014.14
URL : https://hal.archives-ouvertes.fr/hal-01102259
, How Secure is TextSecure?, 2016 IEEE European Symposium on Security and Privacy (EuroS&P), 2016.
DOI : 10.1109/EuroSP.2016.41
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.689.6003
, Modeling and Verifying Security Protocols with the Applied Pi Calculus and ProVerif, Foundations and Trends?? in Privacy and Security, vol.1, issue.1-2, pp.1-135, 2016.
DOI : 10.1561/3300000004
URL : https://hal.archives-ouvertes.fr/hal-01423760
, On the security of public key protocols, IEEE Transactions on Information Theory, vol.29, issue.2, pp.198-207, 1983.
DOI : 10.1109/TIT.1983.1056650
, A Computationally Sound Mechanized Prover for Security Protocols, IEEE Transactions on Dependable and Secure Computing, vol.5, issue.4, pp.193-207, 2008.
DOI : 10.1109/TDSC.2007.1005
, Language-based defenses against untrusted browser origins, USENIX Security Symposium, pp.653-670, 2013.
URL : https://hal.archives-ouvertes.fr/hal-00863372
, Defensive JavaScript -building and verifying secure web components, Foundations of Security Analysis and Design (FOSAD VII), pp.88-123, 2013.
URL : https://hal.archives-ouvertes.fr/hal-01102144
, Mobile values, new names, and secure communication, 28th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL'01)
DOI : 10.1145/360204.360213
URL : https://hal.archives-ouvertes.fr/hal-01423924
, HMQV: A High-Performance Secure Diffie-Hellman Protocol, International Conference on Advances in Cryptology (CRYPTO), ser. Lecture Notes in Computer Science, pp.546-566, 2005.
DOI : 10.1007/11535218_33
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.59.3027
, SoK: Secure Messaging, 2015 IEEE Symposium on Security and Privacy, p.2015
DOI : 10.1109/SP.2015.22
, Telegram MTProto protocol, 2015.
, The number field sieve for integers of low weight, Mathematics of Computation, vol.79, issue.269, pp.583-602, 2010.
DOI : 10.1090/S0025-5718-09-02198-X
, Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security (TLS), p.7919, 2016.
DOI : 10.17487/RFC7919
, Verified Contributive Channel Bindings for Compound Authentication, Proceedings 2015 Network and Distributed System Security Symposium, 2015.
DOI : 10.14722/ndss.2015.23277
URL : https://hal.archives-ouvertes.fr/hal-01114248
, A 2?64 attack on Telegram, and why a super villain doesn't need it to read your telegram chats, 2015.
, On the CCA (in)Security of MTProto, Proceedings of the 6th Workshop on Security and Privacy in Smartphones and Mobile Devices , SPSM'16, 1177.
DOI : 10.1145/2994459.2994468
, Off-the-record communication, or, why not to use PGP, Proceedings of the 2004 ACM workshop on Privacy in the electronic society , WPES '04, pp.77-84, 2004.
DOI : 10.1145/1029179.1029200
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.308.8199
, Towards a program logic for JavaScript, ACM SIGPLAN Notices, vol.47, issue.1, pp.31-44, 2012.
DOI : 10.1145/2103621.2103663
, Verified interoperable implementations of security protocols, ACM Transactions on Programming Languages and Systems, vol.31, issue.1, 2008.
, Cryptographic extraction and key derivation: The HKDF scheme, " in Advances in Cryptology (CRYPTO), ser. Lecture Notes in Computer Science, pp.631-648, 2010.
, SP code repository, " https://github.com/inriaprosecco/proscript-messaging, 2017.
, Sequences of games: a tool for taming complexity in security proofs, IACR Cryptology ePrint Archive, vol.332, 2004.
, The Security of Triple Encryption and a Framework??for??Code-Based??Game-Playing??Proofs, Advances in Cryptology (Eurocrypt), ser. Lecture Notes in Computer Science, S. Vaudenay, pp.409-426, 2006.
DOI : 10.1002/j.1538-7305.1949.tb00928.x
, The Gap-Problems: A New Class of Problems for the Security of Cryptographic Schemes, Practice and Theory in Public Key Cryptography (PKC), ser. Lecture Notes in Computer Science, pp.104-118, 1992.
DOI : 10.1007/3-540-44586-2_8
, Designing Efficient Authenticated Key Exchange Resilient to Leakage of Ephemeral Secret Keys, Topics in Cryptology (CT-RSA), ser. Lecture Notes in Computer Science, A. Kiayias, pp.121-141, 2011.
DOI : 10.1007/978-3-642-04642-1_16
, Curve25519: New Diffie-Hellman Speed Records, Public Key Cryptography (PKC), pp.207-228, 2006.
DOI : 10.1007/11745853_14
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.101.4634
, A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks, SIAM Journal on Computing, vol.17, issue.2, pp.281-308, 1988.
DOI : 10.1137/0217017
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.20.8353
, Merkle-Damg??rd Revisited: How to Construct a Hash Function, Advances in Cryptology (CRYPTO), pp.430-448, 2005.
DOI : 10.1007/11535218_26
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.365.1590
, New proofs for NMAC and HMAC: Security without collision-resistance, Advances in Cryptology (CRYPTO), ser. Lecture Notes in Computer Science, pp.602-619, 2006.
DOI : 10.1007/11818175_36
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.116.59
, The Security and Performance of the Galois/Counter Mode (GCM) of Operation, Progress in Cryptology -INDOCRYPT 2004, ser. Lecture Notes in Computer Science, pp.343-355, 2004.
DOI : 10.1007/978-3-540-30556-9_27
, Authenticated-encryption with associated-data, Proceedings of the 9th ACM conference on Computer and communications security , CCS '02, pp.98-107, 2002.
DOI : 10.1145/586110.586125
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.65.2212
, Signal for the browser, 2015.
, Electron framework, 2016.
, The Java SPI Framework for Security Protocol Implementation, 2011 Sixth International Conference on Availability, Reliability and Security, pp.746-751, 2011.
DOI : 10.1109/ARES.2011.117
, Understanding Type- Script, ECOOP 2014 Object-Oriented Programming, ser. Lecture Notes in Computer Science, pp.257-281, 2014.
, Flow, a static type checker for JavaScript
, Fully abstract compilation to JavaScript, ACM SIGPLAN Notices, vol.48, issue.1, pp.371-384, 2013.
DOI : 10.1109/SP.2011.39
URL : https://hal.archives-ouvertes.fr/hal-00780803
, Discovering Concrete Attacks on Website Authorization by Formal Analysis, 2012 IEEE 25th Computer Security Foundations Symposium, pp.601-657, 2014.
DOI : 10.1109/CSF.2012.27
URL : https://hal.archives-ouvertes.fr/hal-01102202
, AUTHSCAN: automatic extraction of web authentication protocols from implementations, Network and Distributed System Security Symposium (NDSS), 2013.
, An Expressive Model for the Web Infrastructure: Definition and Application to the Browser ID SSO System, 2014 IEEE Symposium on Security and Privacy, pp.673-688, 2014.
DOI : 10.1109/SP.2014.49
, On Post-compromise Security, 2016 IEEE 29th Computer Security Foundations Symposium (CSF), pp.164-178, 2016.
DOI : 10.1109/CSF.2016.19
URL : https://ora.ox.ac.uk/objects/uuid:241da365-1c73-4b6a-826c-f122c4c1e1b8/datastreams/ATTACHMENT01
, A Formal Security Analysis of the Signal Messaging Protocol, 2017 IEEE European Symposium on Security and Privacy (EuroS&P), 2017.
DOI : 10.1109/EuroSP.2017.27