[1]

B. Barak, Constant-Round Coin-Tossing with a Man in the Middle or Realizing the Shared Random String Model, in *IEEE Symposium on Foundations of Computer Science* (2002), pp. 345–355

[2]

M. Bellare, D. Pointcheval, P. Rogaway, Authenticated Key Exchange Secure against Dictionary Attacks, in

*Advances in Cryptology—Eurocrypt 2000 Proceedings*. Lecture Notes in Computer Science, vol. 1807 (Springer, Berlin, 2000), pp. 139–155

CrossRef[3]

M. Bellare, P. Rogaway, Entity Authentication and Key Distribution, in

*Advances in Cryptology—Crypto 93 Proceedings*. Lecture Notes in Computer Science, vol. 773 (Springer, Berlin, 1994), pp. 232–249

CrossRef[4]

S. Bellovin, M. Merritt, Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks, in *ACM/IEEE Symposium on Research in Security and Privacy* (1992), pp. 72–84

[5]

S. Bellovin, M. Merritt, Augmented Encrypted Key Exchange: A Password-Based Protocol Secure against Dictionary Attacks and Password File Compromise, in *ACM Conference on Computer and Communications Security* (1993), pp. 244–250

[6]

M. Boyarsky, Public-Key Cryptography and Password Protocols: The Multi-User Case, in *ACM Conference on Computer and Communications Security* (1999), pp. 63–72

[7]

V. Boyko, P. MacKenzie, S. Patel, Provably Secure Password-Authenticated Key Exchange Using Diffie–Hellman, in

*Advances in Cryptology—Eurocrypt 2000 Proceedings*. Lecture Notes in Computer Science, vol. 1807 (Springer, Berlin, 2000), pp. 156–171

CrossRef[8]

R. Canetti, Universally Composable Security: A New Paradigm for Cryptographic Protocols, in *IEEE Symposium on Foundations of Computer Science* (2001), pp. 136–145

[9]

B. Chor, O. Goldreich, Unbiased Bits from Sources of Weak Randomness and Probabilistic Communication Complexity, SIAM J. Comput.

**17**(2), 230–261 (1988)

MATHCrossRefMathSciNet[10]

W. Diffie, M. Hellman, New Directions in Cryptography, IEEE Trans. Inf. Theory

**22**(6), 644–654 (1976)

MATHCrossRefMathSciNet[11]

Y. Dodis, R. Oliveira, On Extracting Private Randomness over a Public Channel. Approximation, Randomization, and Combinatorial Optimization, in *Proc. of APPROX 2003 and RANDOM 2003*. Lecture Notes in Computer Science, vol. 2764 (Springer, Berlin, 2003), pp. 252–263

[12]

Y. Dodis, A. Elbaz, R. Raz, R. Oliveira, Improved Randomness Extraction from Two Independent Sources. Approximation, Randomization, and Combinatorial Optimization, in *Proc. of APPROX 2004 and RANDOM 2004*. Lecture Notes in Computer Science, vol. 3122 (Springer, Berlin, 2004)

[13]

R. Gennaro, Y. Lindell, A Framework for Password-Based Authenticated Key Exchange, in

*Advances in Cryptology—Eurocrypt 2003 Proceedings*. Lecture Notes in Computer Science, vol. 2656 (Springer, Berlin, 2003), pp. 524–543

CrossRef[14]

O. Goldreich, Foundations of Cryptography, vol. 2 (Cambridge University Press, Cambridge, 2004)

[15]

O. Goldreich, Y. Lindell, Session-Key Generation Using Human Passwords Only, in

*Advances in Cryptology—Crypto 2001 Proceedings*. Lecture Notes in Computer Science, vol. 2139 (Springer, Berlin, 2001), pp. 408–432. Full version to appear in Journal of Cryptology

CrossRef[16]

S. Goldwasser, S. Micali, Probabilistic Encryption, J. Comput. Syst. Sci.

**28**(2), 270–299 (1984)

MATHCrossRefMathSciNet[17]

S. Halevi, H. Krawczyk, Public-Key Cryptography and Password Protocols, in *ACM Conference on Computer and Communications Security* (1998), pp. 122–131

[18]

J. Katz, R. Ostrovsky, M. Yung, Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords, in Advances in Cryptology—Eurocrypt 2001 Proceedings. Lecture Notes in Computer Science, vol. 2045 (Springer, Berlin, 2001), pp. 475–494

CrossRef[19]

P. MacKenzie, S. Patel, R. Swaminathan, Password Authenticated Key Exchange Based on RSA, in *ASIACRYPT* (2000), pp. 599–613

[20]

S. Micali, C. Rackoff, B. Sloan, The Notion of Security for Probabilistic Cryptosystems, SIAM J. Comput. 17, 412–426 (1988)

MATHCrossRefMathSciNet[21]

M. Naor, B. Pinkas, Oblivious Transfer and Polynomial Evaluation, in *ACM Symposium on Theory of Computing* (1999), pp. 245–254

[22]

M.-H. Nguyen, S. Vadhan, Simpler Session-Key Generation from Short Random Passwords, in *Proceedings of the First Theory of Cryptography Conference (TCC ’04)*. Lecture Notes in Computer Science, vol. 2951 (Springer, Berlin, 2004), pp. 428–445

[23]

N. Nisan, D. Zuckerman, Randomness is Linear in Space, J. Comput. Syst. Sci.

**52**(1), 43–52 (1996)

MATHCrossRefMathSciNet[24]

R. Richardson, J. Kilian, On the Concurrent Composition of Zero-Knowledge Proofs, in *Advances in Cryptology—Eurocrypt 99 Proceedings*. Lecture Notes in Computer Science, vol. 1592 (Springer, Berlin, 1999), pp. 415–431

[25]

V. Shoup, On Formal Models for Secure Key Exchange, Cryptology ePrint Archive Report 1999/012 (1999)

[26]

A. Srinivasan, D. Zuckerman, Computing with Very Weak Random Sources, SIAM J. Comput.

**28**(4), 1453–1459 (1999)

CrossRefMathSciNet[27]

M. Steiner, G. Tsudik, M. Waidner, Refinement and Extension of Encrypted Key Exchange, Oper. Syst. Rev.

**29**(3), 22–30 (1995)

CrossRef[28]

A. Yao, How to Generate and Exchange Secrets, in *IEEE Symposium on Foundations of Computer Science* (1986), pp. 162–167