• Publications
  • Influence
Universally composable security: a new paradigm for cryptographic protocols
  • R. Canetti
  • Computer Science
  • Proceedings IEEE International Conference on…
  • 14 October 2001
TLDR
We propose a novel paradigm for defining security of cryptographic protocols, called universally composable security, which guarantees security even when a secure protocol is composed of an arbitrary set of protocols. Expand
  • 2,592
  • 286
  • PDF
Keying Hash Functions for Message Authentication
TLDR
We present new, simple, and practical constructions of message authentication schemes based on a cryptographic hash function. Expand
  • 1,669
  • 178
  • PDF
HMAC: Keyed-Hashing for Message Authentication
TLDR
This document describes HMAC, a mechanism for message authentication using cryptographic hash functions, in combination with a secret key. Expand
  • 2,157
  • 176
  • PDF
Efficient authentication and signing of multicast streams over lossy channels
TLDR
We propose two efficient schemes, TESLA and EMSS, for secure lossy multicast streams. Expand
  • 1,080
  • 137
  • PDF
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
TLDR
We present a formalism for the analysis of key exchange protocols that combines previous definitional approaches and results in a definition of security that enjoys some important analytical benefits: (i) any key-exchange protocol that satisfies the security definition can be composed with symmetric encryption and authentication functions to provide provably secure communication channels (as defined here). Expand
  • 1,180
  • 132
  • PDF
The TESLA Broadcast Authentication Protocol
TLDR
We present the TESLA (Timed Efficient Stream Loss-tolerant Authentication) broadcast authentication protocol, an efficient protocol with low communication and computation overhead, which scales to large numbers of receivers, and tolerates packet loss. Expand
  • 959
  • 122
  • PDF
Security and Composition of Multiparty Cryptographic Protocols
  • R. Canetti
  • Computer Science, Mathematics
  • Journal of Cryptology
  • 2000
TLDR
We present general definitions of security for multiparty cryptographic protocols, with focus on the task of evaluating a probabilistic function of the parties' inputs. Expand
  • 1,144
  • 94
Chosen-Ciphertext Security from Identity-Based Encryption
TLDR
We propose a simple and efficient construction of a CCA-secure public-key encryption scheme from any CPA-secure identity-based encryption (IBE) scheme. Expand
  • 931
  • 82
  • PDF
Chosen-ciphertext secure proxy re-encryption
TLDR
In a proxy re-encryption (PRE) scheme, a proxy is given special information that allows it to translate a ciphertext under one key into ciphertext of the same message under a different key. Expand
  • 475
  • 67
  • PDF
Efficient and Secure Source Authentication for Multicast
TLDR
One of the main challenges of securing multicast communicationis source authentication,or enabling receivers of multicast data to verify that the received data originated with the claimed source and was not modified enroute. Expand
  • 752
  • 64
  • PDF