{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,8]],"date-time":"2026-05-08T21:26:57Z","timestamp":1778275617715,"version":"3.51.4"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540259107","type":"print"},{"value":"9783540320555","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2005]]},"DOI":"10.1007\/11426639_28","type":"book-chapter","created":{"date-parts":[[2010,7,14]],"date-time":"2010-07-14T15:02:36Z","timestamp":1279119756000},"page":"474-490","source":"Crossref","is-referenced-by-count":184,"title":["Second Preimages on n-Bit Hash Functions for Much Less than 2 n Work"],"prefix":"10.1007","author":[{"given":"John","family":"Kelsey","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bruce","family":"Schneier","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"28_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","DOI":"10.1007\/3-540-61996-8","volume-title":"Fast Software Encryption","author":"R.J. Anderson","year":"1996","unstructured":"Anderson, R.J., Biham, E.: Tiger\u2014A Fast New Hash Function. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol.\u00a01039, Springer, Heidelberg (1996)"},{"key":"28_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/978-3-540-30144-8_12","volume-title":"Information Security","author":"C.M. Adams","year":"2004","unstructured":"Adams, C.M., Kramer, G., Mister, S., Zuccherato, R.J.: On the security of key derivation functions. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol.\u00a03225, pp. 134\u2013145. Springer, Heidelberg (2004) (to appear)"},{"key":"28_CR3","unstructured":"Baldwin: Preliminary Analysis of the BSAFE 3.x Pseudorandom Number Generators, RSA Laboratories Bulletin No. 8, RSA Laboratories (1998)"},{"key":"28_CR4","unstructured":"Barreto, P.S.L.M., Rijmen, V.: The Whirlpool Hashing Function. In: First open NESSIE Workshop, Leuven, Belgium, November 13\u201314 (2000)"},{"key":"28_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"320","DOI":"10.1007\/3-540-45708-9_21","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"J.A. Black","year":"2002","unstructured":"Black, J.A., Rogaway, P., Shrimpton, T.: Black-box analysis of the block-cipher-based hash-function constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, p. 320. Springer, Heidelberg (2002)"},{"key":"28_CR6","doi-asserted-by":"crossref","DOI":"10.1007\/978-1-4613-9314-6","volume-title":"Differential Cryptanalysis of the Data Encryption Standard","author":"E. Biham","year":"1993","unstructured":"Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer, Heidelberg (1993)"},{"key":"28_CR7","series-title":"Lecture Notes in Computer Science","volume-title":"Fast Software Encryption","author":"H. Dobbertin","year":"1996","unstructured":"Dobbertin, H., Bosselaers, A., Preneel, B.: RIPEMD-160, A Strengthened Version of RIPEMD. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol.\u00a01039, Springer, Heidelberg (1996)"},{"key":"28_CR8","unstructured":"Dean, R.D.: Formal Aspects of Mobile Code Security, Ph.D Dissertation, Princeton University (January 1999)"},{"key":"28_CR9","series-title":"Lecture Notes in Computer Science","first-page":"416","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"I.B. Damg\u00e5rd","year":"1989","unstructured":"Damg\u00e5rd, I.B.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 416\u2013427. Springer, Heidelberg (1989)"},{"key":"28_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/3-540-46035-7_24","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"A. Desai","year":"2002","unstructured":"Desai, A., Hevia, A., Yin, Y.L.: A Practice-Oriented Treatment of Pseudorandom Number Generators. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, p. 368. Springer, Heidelberg (2002)"},{"key":"28_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"306","DOI":"10.1007\/978-3-540-28628-8_19","volume-title":"CRYPTO 2004","author":"A. Joux","year":"2004","unstructured":"Joux, A.: Multicollisions in Iterated Hash Functions. Applications to Cascaded Constructions. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol.\u00a03152, pp. 306\u2013316. Springer, Heidelberg (2004)"},{"key":"28_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"13","DOI":"10.1007\/3-540-46513-8_2","volume-title":"Selected Areas in Cryptography","author":"J. Kelsey","year":"1999","unstructured":"Kelsey, J., Schneier, B., Ferguson, N.: Yarrow-160: Notes on the Design and Analysis of the Yarrow Cryptographic Pseudorandom Number Generator. In: Heys, H.M., Adams, C.M. (eds.) SAC 1999. LNCS, vol.\u00a01758, p. 13. Springer, Heidelberg (1999)"},{"key":"28_CR13","unstructured":"Lucks, S.: Design Principles for Iterated Hash Functions, IACR preprint archive (2004), http:\/\/eprint.iacr.org\/2004\/253.pdf"},{"key":"28_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1007\/BFb0011626","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"R.C. Merkle","year":"1989","unstructured":"Merkle, R.C.: One Way Hash Functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 428\u2013446. Springer, Heidelberg (1989)"},{"issue":"1","key":"28_CR15","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/BF00203968","volume":"3","author":"R.C. Merkle","year":"1990","unstructured":"Merkle, R.C.: A Fast Software One-Way Hash Function. Journal of Cryptology\u00a03(1), 43\u201358 (1990)","journal-title":"Journal of Cryptology"},{"key":"28_CR16","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - CRYPTO \u201990","author":"S. Miyaguchi","year":"1990","unstructured":"Miyaguchi, S., Ohta, K., Iwata, M.: Confirmation that Some Hash Functions are Not Collision Free. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol.\u00a0537, Springer, Heidelberg (1990)"},{"key":"28_CR17","doi-asserted-by":"publisher","DOI":"10.1201\/9781439821916","volume-title":"Handbook of Applied Cryptography","author":"W. Menezes","year":"1996","unstructured":"Menezes, W., van Oorschot, P.C., Vanstone: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)"},{"key":"28_CR18","unstructured":"NIST Special Publication 800-56, Recommendations on Key Establishment Schemes, Draft 2.0 (January 2003), available from http:\/\/csrc.nist.gov\/CryptoToolkit\/kms\/keyschemes-jan02.pdf"},{"key":"28_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"368","DOI":"10.1007\/3-540-57341-0","volume-title":"Advances in Cryptology - CRYPTO \u201993","author":"B. Preneel","year":"1993","unstructured":"Preneel, B., Govaerts, R., Vandewalle, J.: Hash Functions Based on Block Ciphers: A Synthetic Approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol.\u00a0773, pp. 368\u2013378. Springer, Heidelberg (1993)"},{"key":"28_CR20","unstructured":"Preneel, B.: Personal Communication (March 2005)"},{"key":"28_CR21","doi-asserted-by":"crossref","unstructured":"Rivest: The MD5 Message-Digest Algorithm, RFC1321 (April 1992)","DOI":"10.17487\/rfc1321"},{"key":"28_CR22","unstructured":"National Institute of Standards and Technology, Secure Hash Standard, FIPS180-2 (August 2002)"},{"key":"28_CR23","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/PL00003816","volume":"12","author":"P.C. Oorschot van","year":"1999","unstructured":"van Oorschot, P.C., Wiener, M.: Parallel Collision Search with Cryptanalytic Applications. J. of Cryptology\u00a012, 1\u201328 (1999)","journal-title":"J. of Cryptology"},{"key":"28_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1007\/3-540-68697-5_18","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"P.C. Oorschot van","year":"1996","unstructured":"van Oorschot, P.C., Wiener, M.: Improving Implementable Meet-in-the-Middle Attacks by Orders of Magnitude. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 229\u2013236. Springer, Heidelberg (1996)"},{"key":"28_CR25","unstructured":"ANSI X9.63\u2014Public Key Cryptography for the Financial Services Industry: Key Agreement and Transport Using Elliptic Curve Cryptography, American Bankers Association, Working Draft (1999)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2005"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/11426639_28.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T19:55:35Z","timestamp":1605642935000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/11426639_28"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2005]]},"ISBN":["9783540259107","9783540320555"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/11426639_28","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2005]]}}}