In the multi-user with corruptions (muc) setting there are\(n\ge 1\) users, and the goal is to
prove that, even in the face of an adversary that adaptively corrupts users to expose their …

Motivated by applications to the internet of things (IoT), Cremers, Naor, Paz, and Ronen
(CRYPTO'22) recently considered a setting in which multiple parties share a common …

Weak forward secrecy (wFS) of authenticated key exchange (AKE) protocols is a passive
variant of (full) forward secrecy (FS). A natural mechanism to upgrade from wFS to FS is the …

A security proof for a key exchange protocol requires writing down a security definition.
Authors typically have a clear idea of the level of security they aim to achieve, eg, forward …

We analyse a two password-authenticated key exchange protocols, a variant of CPace and
a protocol related to the well-known SRP protocol. Our security results are tight. The first …

In this thesis, we describe and analyze several Diffie-Hellman-based key exchange
protocols, with an emphasis on giving tight security proofs. At the centre of our analysis is a …