Chapter 1Introduction
Background
Structure
Part ⅠPreliminary
Chapter 2Cryptographic Primitives and Complexity Assumptions
2.1Notations
2.2Negligible Functions
2.3Key Exchange Protocols
2.4Digital Signature Schemes
2.5Public Key Encryption Schemes
2.6Key Encapsulation Mechanism Schemes
2.7Non-Interactive Key Exchange Protocols
2.8Tag-based Authentication Schemes
2.9Message Authentication Code
2.1Collision-Resistant Hash Functions
2.11Target Collision-Resistant Hash Functions
2.12Pseudo-Random Functions
2.13Double Pseudo-Random Functions
2.14Min-entropy and Strong Randomness Extractors
2.15Weak Programmable Hash Functions
2.16Bilinear Groups
2.17Multilinear Groups
2.18Complexity Assumptions
Part ⅡSecurity Model
Chapter 3Towards Modelling Perfect Forward Secrecy in Two-message
Authenticated Key Exchange
3.1Two-party Security Models
3.2New Results on Perfect Forward Secrecy for TMAKE
Chapter 4Randomized Authentication Primitive Problem in Key Exchange
4.1Security Definitions Revisit
4.2Randomized Authentication Primitive Problems
4.3Solutions for Avoiding RAP problem
Chapter 5A New Strong Security Model for Stateful Authenticated
Group Key Exchange
5.1Execution Environment
5.2Adversarial Model
5.3Secure AGKE Protocols
Part ⅢCryptanalysis of AKE Protocols
Chapter 6On Security Analysis of an After-the-fact Leakage Key
Exchange Protocol
6.1The ASB protocol
6.2Security Analysis of ASB
Chapter 7Cryptanalysis of a Generic TMAKE Protocol from KEM

7.1The KF Scheme
7.2On the Insecurity of the KF Scheme
7.3Incorrect Security Reduction of the KF Scheme
Chapter 8Cryptanalysis of a Generic TMAKE Protocol from NIKE
8.1The BJS Scheme
8.2The Insecurity and Improvement of the BJS scheme
8.3An Improvement Solution of the BJS Scheme
Part ⅣNew AKE Constructions
Chapter 9Simpler Generic Constructions for Strongly Secure One-round
Key Exchange from Weaker Assumptions
9.1Generic AKE from NIKE
9.2A Generic AKE Construction from simplified NIKE
9.3Efficiency Comparison
Chapter 1New Constructions for （Multiparty） One-round Key Exchange
with Strong Security
1.1A DDH-based ORKE Protocol
1.2An Efficient Multiparty ORKE Protocol
1.3Efficiency Comparison
Chapter 11Two-message Key Exchange with Strong Security from Ideal
Lattices
11.1A Generic TMAKE Construction from OTKEM
11.2An OTKEM from Ring-LWE
11.3Comparison
Chapter 12A Stateful Authenticated Group Key Exchange Protocol with
Strong Security
12.1A Strongly Secure stAGKE Protocol
Conclusions
Bibliography