Paper 2015/394

Augmented Secure Channels and the Goal of the TLS 1.3 Record Layer

Christian Badertscher, Christian Matt, Ueli Maurer, Phillip Rogaway, and Björn Tackmann


Motivated by the wide adoption of authenticated encryption and TLS, we suggest a basic channel abstraction, an augmented secure channel (ASC), that allows a sender to send a receiver messages consisting of two parts, where one is privacy-protected and both are authenticity-protected. Working in the tradition of constructive cryptography, we formalize this idea and provide a construction of this kind of channel using the lower-level tool authenticated-encryption. We look at recent proposals on TLS 1.3 and suggest that the criterion by which their security can be judged is quite simple: do they construct an ASC? Due to this precisely defined goal, we are able to give a natural construction that comes with a rigorous security proof and directly leads to a proposal on TLS 1.3 that is provably secure.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. ProvSec 2015
Authenticated EncryptionTLS 1.3 Record LayerComposable Security
Contact author(s)
christian badertscher @ inf ethz ch
2018-09-28: last of 4 revisions
2015-05-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Christian Badertscher and Christian Matt and Ueli Maurer and Phillip Rogaway and Björn Tackmann},
      title = {Augmented Secure Channels and the Goal of the TLS 1.3 Record Layer},
      howpublished = {Cryptology ePrint Archive, Paper 2015/394},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.