International Association for Cryptologic Research
TLS is the most important cryptographic protocol in the internet. At CRYPTO 2012, the researcher presented the first proof of the unmodified TLS with ephemeral Diffie-Hellman key Exchange (TLS-DHE) for mutual authentication. Since TLS cannot be proven secure under the classical definition of Authenticated Key Exchange (AKE), they introduce a new security model called Authenticated and Confidential Channel Establishment (ACCE) that captures the security properties expected from TLS in practice. The authors extend this result in two ways.