Björn Tackmann

We propose a game-theoretic framework for designing rational cryptographic protocols under attack from an external entity, which provides theoretical groundwork for a study of cryptographic protocol design in this setting. Expand

We initiate the study of multi-user mu security of authenticated encryption AE schemes as a way to rigorously formulate, and answer, questions about the "randomized nonce" mechanism proposed for the use of the AE scheme GCM. Expand

A communication channel from an honest sender A to an honest receiver B can be described as a system with three interfaces labeled A, B, and E (the adversary), respectively, where the security properties of the channel are characterized by the capabilities provided at the E-interface. Expand

We propose a novel approach to defining synchrony in the UC framework by introducing functionalities exactly meant to model, respectively, bounded-delay networks and loosely synchronized clocks. Expand

We propose a new channel abstraction, an augmented secure channel, that allows a sender to send a receiver messages consisting of two parts, where one is privacy-protected and both are authenticity-protected. Expand

An updatable encryption scheme allows to periodically rotate the encryption key and move already existing ciphertexts from the old to the new key. Expand

We provide constructions of multi-bit CCA-secure PKE from single-bit PKE, based on weak and credible assumptions. Expand

TLS is one of the most widely deployed cryptographic protocols on the Internet; it is used to protect the condentiality and integrity of transmitted data in various client-server protocols. Expand

We take nonce-based cryptography beyond symmetric encryption, developing it as a broad and practical way to mitigate damage caused by failures in randomness, whether inadvertent bugs or malicious subversion. Expand

We analyze the security of a slightly modified version of TLS 1.3, which is designed to address several flaws inherent to previous versions. Expand