Doreen Riepel's research while affiliated with Ruhr-Universität Bochum and other places
What is this page?
This page lists the scientific contributions of an author, who either does not have a ResearchGate profile, or has not yet added these contributions to their profile.
It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.
If you're a ResearchGate member, you can follow this page to keep up with this author's work.
If you are this author, and you don't want us to display this page anymore, please let us know.
It was automatically created by ResearchGate to create a record of this author's body of work. We create such pages to advance our goal of creating and maintaining the most comprehensive scientific repository possible. In doing so, we process publicly available (personal) data relating to the author as a member of the scientific community.
If you're a ResearchGate member, you can follow this page to keep up with this author's work.
If you are this author, and you don't want us to display this page anymore, please let us know.
Publications (3)
We construct the first authenticated key exchange protocols that achieve tight security in the standard model. Previous works either relied on techniques that seem to inherently require a random oracle, or achieved only “Multi-Bit-Guess” security, which is not known to compose tightly, for instance, to build a secure channel.
We introduce new tightly-secure authenticated key exchange (AKE) protocols that are extremely efficient, yet have only a constant security loss and can be instantiated in the random oracle model both from the standard DDH assumption and a subgroup assumption over RSA groups. These protocols can be deployed with optimal parameters, independent of th...
The Hybrid Public Key Encryption (HPKE) scheme is an emerging standard currently under consideration by the Crypto Forum Research Group (CFRG) of the IETF as a candidate for formal approval. Of the four modes of HPKE, we analyse the authenticated mode HPKE_Auth in its single-shot encryption form as it contains what is, arguably, the most novel part...
Citations
... Security analysis in the authenticated-links adversarial model. This subsection is devoted to analysing further our key exchange protocol in a appropriate security model [1, 13,3]. In particular, we aim at proving that our protocol is session-key secure in the authenticated-links adversarial model (AM) of Canetti and Krawczyk [3], assuming the DDP assumption holds for F ↵ q . ...
![[object Object]](https://i1.rgstatic.net/ii/profile.image/1147279406837763-1650544134540_Q64/Sven-Schaege.jpg)
... Currently in MLS, the authors require an hybrid public key encryption (HPKE) scheme, as designed in [BBLW20] (which was recently studied in [ABH+21]), composed of a KEM to transmit a symmetric key k and an AEAD encryption scheme that encrypts the data under k, as well as a key derivation function. The security of this scheme is examined in [ABH+20]. In the rest of this work, we denote by Enc pk (m : r) the HPKE encryption of a message m under the public key pk using randomness r. ...
