A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is
We study the security of the widely deployed Secure Session Layer/Transport Layer Security (TLS) key agreement protocol. Our analysis identifies, justifies, and exploits the modularity present in the design of the protocol: the application keys offered to higher level applications are obtained from a master key, which in turn is derived, through interaction, from a pre-master key. We define models (following well-established paradigms) that clarify the security level enjoyed by each of thesedoi:10.1007/s00145-009-9052-3 fatcat:vjht4j55wjcm5ltnhnos5sbds4