{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,20]],"date-time":"2025-04-20T04:30:41Z","timestamp":1745123441173},"publisher-location":"Berlin, Heidelberg","reference-count":92,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783540654742"},{"type":"electronic","value":"9783540492481"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1998]]},"DOI":"10.1007\/3-540-49248-8_4","type":"book-chapter","created":{"date-parts":[[2007,10,27]],"date-time":"2007-10-27T19:31:47Z","timestamp":1193513507000},"page":"105-130","source":"Crossref","is-referenced-by-count":11,"title":["Recent Developments in the Design of Conventional Cryptographic Algorithms"],"prefix":"10.1007","author":[{"given":"Bart","family":"Preneel","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vincent","family":"Rijmen","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Antoon","family":"Bosselaers","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[1999,1,15]]},"reference":[{"key":"4_CR1","unstructured":"C.M. Adams, \u201cSimple and effective key scheduling for symmetric ciphers,\u201d Proceedings of SAC\u201994, Workshop on Selected Areas in Cryptography, pp. 129\u2013133."},{"issue":"3","key":"4_CR2","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1023\/A:1008229029587","volume":"12","author":"C.M. Adams","year":"1997","unstructured":"C.M. Adams, \u201cConstructing symmetric ciphers using the CAST design procedure,\u201d Designs, Codes, and Cryptography, Vol. 12, No. 3, November 1997, pp. 71\u2013104.","journal-title":"Designs, Codes, and Cryptography"},{"issue":"1","key":"4_CR3","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/BF00203967","volume":"3","author":"C.M. Adams","year":"1990","unstructured":"C.M. Adams, S.E. Tavares, \u201cThe structured design of cryptographically good S-boxes,\u201d Journal of Cryptology, Vol. 3, No. 1, 1990, pp. 27\u201342.","journal-title":"Journal of Cryptology"},{"key":"4_CR4","unstructured":"C.M. Adams, S.E. Tavares, \u201cDesigning S-boxes for ciphers resistant to differential cryptanalysis,\u201d Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography, W. Wolfowicz, Ed., Fondazione Ugo Bordoni, 1993, pp. 181\u2013190."},{"key":"4_CR5","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1007\/3-540-60865-6_46","volume-title":"Fast Software Encryption","author":"R. Anderson","year":"1996","unstructured":"R. Anderson, E. Biham, \u201cTiger: a fast new hash function,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 89\u201397."},{"key":"4_CR6","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"113","DOI":"10.1007\/3-540-60865-6_48","volume-title":"Fast Software Encryption","author":"R. Anderson","year":"1996","unstructured":"R. Anderson, E. Biham, \u201cTwo practical and provably secure block ciphers: BEAR and LION,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 113\u2013120."},{"key":"4_CR7","unstructured":"K. Aoki, K. Ohta, \u201cDifferential-linear cryptanalysis of FEAL-8,\u201d IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E79-A, No. 1, January 1996."},{"key":"4_CR8","doi-asserted-by":"crossref","unstructured":"E. Biham, A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.","DOI":"10.1007\/978-1-4613-9314-6"},{"key":"4_CR9","unstructured":"M. Blaze, W. Diffie, R.L. Rivest, B. Schneier, T. Shimomura, E. Thompson, M. Wiener, \u201cMinimal key lengths for symmetric ciphers to provide adequate commercial security,\u201d January 1996."},{"key":"4_CR10","series-title":"Lect Notes Comput Sci","first-page":"1","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201997","author":"J. Borst","year":"1997","unstructured":"J. Borst, L. R. Knudsen, V. Rijmen, \u201cTwo attacks on reduced IDEA,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201997, LNCS 1233, W. Fumy, Ed., Springer-Verlag, 1997, pp. 1\u201313."},{"key":"4_CR11","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"298","DOI":"10.1007\/3-540-68697-5_23","volume-title":"Advances in Cryptology, Proceedings Crypto\u201996","author":"A. Bosselaers","year":"1996","unstructured":"A. Bosselaers, R. Govaerts, J. Vandewalle, \u201cFast hashing on the Pentium,\u201d Advances in Cryptology, Proceedings Crypto\u201996, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 298\u2013312."},{"issue":"1","key":"4_CR12","first-page":"24","volume":"22","author":"A. Bosselaers","year":"1997","unstructured":"A. Bosselaers, H. Dobbertin, B. Preneel, \u201cThe RIPEMD-160 cryptographic hash function,\u201d Dr. Dobb\u2019s Journal, Vol. 22, No. 1, January 1997, pp. 24\u201328.","journal-title":"Dr. Dobb\u2019s Journal"},{"key":"4_CR13","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"348","DOI":"10.1007\/3-540-69053-0_24","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201997","author":"A. Bosselaers","year":"1997","unstructured":"A. Bosselaers, R. Govaerts, J. Vandewalle, \u201cSHA: a design for parallel architectures?,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201997, LNCS 1233, W. Fumy, Ed., Springer-Verlag, 1997, pp. 348\u2013362."},{"key":"4_CR14","unstructured":"A. Bosselaers, \u201cEven faster hashing on the Pentium,\u201d Presented at the rump session of Eurocrypt\u201997, Konstanz, Germany, May 12\u201315, 1997, and updated on November 13, 1997. Available from ftp:\/\/www.esat.kuleuven.ac.be\/pub\/COSIC\/bosselae\/pentiumplus.ps.gz ."},{"key":"4_CR15","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1007\/3-540-57332-1_3","volume-title":"Advances in Cryptology, Proceedings Asiacrypt\u201991","author":"L. Brown","year":"1993","unstructured":"L. Brown, M. Kwan, J. Pieprzyk, J. Seberry, \u201c Improving resistance to differential cryptanalysis and the redesign of LOKI,\u201d Advances in Cryptology, Proceedings Asiacrypt\u201991, LNCS 739, H. Imai, R.L. Rivest, and T. Matsumoto, Eds., Springer-Verlag, 1993, pp. 36\u201350."},{"key":"4_CR16","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"433","DOI":"10.1007\/BFb0053459","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201994","author":"C. Charnes","year":"1995","unstructured":"C. Charnes, L. O\u2019Connor, J. Pieprzyk, R. Safavi-Naini, and Y. Zheng, \u201cComments on Soviet encryption algorithm,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201994, LNCS 950, A. De Santis, Ed., Springer-Verlag, 1995, pp. 433\u2013438."},{"key":"4_CR17","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"192","DOI":"10.1007\/3-540-39799-X_16","volume-title":"Advances in Cryptology, Proceedings Crypto\u201985","author":"D. Chaum","year":"1985","unstructured":"D. Chaum, J.-H. Evertse, \u201cCryptanalysis of DES with a reduced number of rounds \u2014 sequences of linear factors in block ciphers,\u201d Advances in Cryptology, Proceedings Crypto\u201985, LNCS 218, H.C. Williams, Ed., Springer-Verlag, 1985, pp. 192\u2013211."},{"key":"4_CR18","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/BFb0052353","volume-title":"Fast Software Encryption","author":"C.S.K. Clapp","year":"1997","unstructured":"C.S.K. Clapp, \u201cOptimizing a fast stream cipher for VLIW, SIMD, and superscalar processors,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 273\u2013287."},{"issue":"10","key":"4_CR19","doi-asserted-by":"crossref","first-page":"49","DOI":"10.1109\/C-M.1981.220208","volume":"14","author":"D. Cohen","year":"1981","unstructured":"D. Cohen, \u201cOn holy wars and a plea for peace,\u201d IEEE Computer, Vol. 14, No. 10, October 1981, pp. 49\u201354.","journal-title":"IEEE Computer"},{"key":"4_CR20","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1147\/rd.402.0253","volume":"40","author":"D. Coppersmith","year":"1996","unstructured":"D. Coppersmith, D.B. Johnson, S.M. Matyas, \u201cA proposed mode for triple-DES encryption,\u201d IBM Journal of Research & Development, Vol. 40, 1996, pp. 253\u2013261.","journal-title":"IBM Journal of Research & Development"},{"key":"4_CR21","series-title":"Lect Notes Comput Sci","first-page":"545","volume-title":"Advances in Cryptology, Proceedings Crypto\u201990","author":"T. W. Cusick","year":"1991","unstructured":"T. W. Cusick, M. C. Wood, \u201cThe REDOC-II cryptosystem,\u201d Advances in Cryptology, Proceedings Crypto\u201990, LNCS 537, S. Vanstone, Ed., Springer-Verlag, 1991, pp. 545\u2013563."},{"key":"4_CR22","unstructured":"J. Daemen, \u201cCipher and Hash Function Design. Strategies Based on Linear and Differential Cryptanalysis,\u201d Doctoral Dissertation, Katholieke Universiteit Leuven, 1995."},{"key":"4_CR23","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1007\/3-540-48285-7_14","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201993","author":"J. Daemen","year":"1994","unstructured":"J. Daemen, R. Govaerts, J. Vandewalle, \u201cResynchronization weaknesses in synchronous stream ciphers,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201993, LNCS 765, T. Helleseth, Ed., Springer-Verlag, 1994, pp. 159\u2013169."},{"key":"4_CR24","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1007\/3-540-58108-1_2","volume-title":"Fast Software Encryption","author":"J. Daemen","year":"1994","unstructured":"J. Daemen, R. Govaerts, J. Vandewalle, \u201cA new approach to block cipher design,\u201d Fast Software Encryption, LNCS 809, R. Anderson, Ed., Springer-Verlag, 1994, pp. 18\u201332."},{"key":"4_CR25","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/BFb0052343","volume-title":"Fast Software Encryption","author":"J. Daemen","year":"1997","unstructured":"J. Daemen, L.R. Knudsen, V. Rijmen, \u201cThe block cipher Square,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 149\u2013165."},{"issue":"10","key":"4_CR26","first-page":"54","volume":"22","author":"J. Daemen","year":"1997","unstructured":"J. Daemen, L.R. Knudsen, V. Rijmen, \u201cThe block cipher Square algorithm,\u201d Dr. Dobb\u2019s Journal, Vol. 22, No. 10, October 1997, pp. 54\u201357.","journal-title":"Dr. Dobb\u2019s Journal"},{"key":"4_CR27","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1007\/3-540-60865-6_44","volume-title":"Fast Software Encryption","author":"H. Dobbertin","year":"1996","unstructured":"H. Dobbertin, A. Bosselaers, B. Preneel, \u201cRIPEMD-160, a strengthened version of RIPEMD,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 71\u201382."},{"issue":"5","key":"4_CR28","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1038\/scientificamerican0573-15","volume":"228","author":"H. Feistel","year":"1973","unstructured":"H. Feistel, \u201cCryptography and computer privacy,\u201d Scientific American, Vol. 228, No. 5, May 1973, pp. 15\u201323.","journal-title":"Scientific American"},{"key":"4_CR29","unstructured":"FIPS 46, \u201cData Encryption Standard,\u201d Federal Information Processing Standard (FIPS), Publication 46, National Bureau of Standards, U.S. Department of Commerce, Washington D.C., January 1977."},{"key":"4_CR30","unstructured":"FIPS 180-1, \u201cSecure Hash Standard,\u201d Federal Information Processing Standard (FIPS), Publication 180-1, National Institute of Standards and Technology, US Department of Commerce, Washington D.C., April 1995."},{"key":"4_CR31","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"359","DOI":"10.1007\/3-540-48658-5_33","volume-title":"Advances in Cryptology, Proceedings Crypto\u201994","author":"H. Gilbert","year":"1994","unstructured":"H. Gilbert, P. Chauvaud, \u201cA chosen plaintext attack of the 16-round Khufu cryptosystem,\u201d Advances in Cryptology, Proceedings Crypto\u201994, LNCS 839, Y. Desmedt, Ed., Springer-Verlag, 1994, pp. 359\u2013368."},{"key":"4_CR32","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"226","DOI":"10.1007\/3-540-69053-0_16","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201997","author":"J. Goli\u0107","year":"1997","unstructured":"J. Goli\u0107, \u201cLinear statistical weakness of alleged RC4 keystream generator,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201997, LNCS 1233, W. Fumy, Ed., Springer-Verlag, 1997, pp. 226\u2013238."},{"key":"4_CR33","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1007\/BFb0052345","volume-title":"Fast Software Encryption","author":"S. Halevi","year":"1997","unstructured":"S. Halevi, H. Krawczyk, \u201cMMH: Software message authentication in the Gbit\/second rates,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 172\u2013189."},{"key":"4_CR34","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/BFb0052330","volume-title":"Fast Software Encryption","author":"H. Handschuh","year":"1997","unstructured":"H. Handschuh, H. Gilbert, \u201c\u03c72 Cryptanalysis of the SEAL encryption algorithm,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 1\u201312."},{"key":"4_CR35","unstructured":"ISO\/IEC 10116, \u201cInformation technology-Security techniques-Modes of operation of an n-bit block cipher algorithm,\u201d IS 10116, 1991."},{"key":"4_CR36","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1007\/BFb0052332","volume-title":"Fast Software Encryption","author":"T. Jakobsen","year":"1997","unstructured":"T. Jakobsen, L. Knudsen, \u201cThe interpolation attack on block ciphers,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 28\u201340."},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"B. S. Kaliski, \u201cThe MD2 Message-Digest algorithm,\u201d Request for Comments (RFC) 1319, Internet Activities Board, Internet Privacy Task Force, April 1992.","DOI":"10.17487\/rfc1319"},{"key":"4_CR38","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"237","DOI":"10.1007\/3-540-68697-5_19","volume-title":"Advances in Cryptology, Proceedings Crypto\u201996","author":"J. Kelsey","year":"1996","unstructured":"J. Kelsey, B. Schneier, D. Wagner, \u201cKey-schedule cryptanalysis of IDEA, G-DES, GOST, SAFER, and Triple-DES,\u201d Advances in Cryptology, Proceedings Crypto\u201996, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 237\u2013252."},{"key":"4_CR39","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"252","DOI":"10.1007\/3-540-68697-5_20","volume-title":"Advances in Cryptology, Proceedings Crypto\u201996","author":"J. Kilian","year":"1996","unstructured":"J. Kilian, P. Rogaway, \u201cHow to protect DES against exhaustive key search,\u201d Advances in Cryptology, Proceedings Crypto\u201996, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 252\u2013267."},{"key":"4_CR40","doi-asserted-by":"crossref","unstructured":"L.R. Knudsen, \u201cBlock ciphers-analysis, design and applications,\u201d PhD. Thesis, DAIMI PB 485, Aarhus University, 1994.","DOI":"10.7146\/dpb.v23i485.6978"},{"key":"4_CR41","unstructured":"L.R. Knudsen, \u201cBlock ciphers-a survey,\u201d This Volume, pp. 19\u201349."},{"key":"4_CR42","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"274","DOI":"10.1007\/3-540-44750-4_22","volume-title":"Advances in Cryptology, Proceedings Crypto\u201995","author":"L.R. Knudsen","year":"1995","unstructured":"L.R. Knudsen, \u201cA key-schedule weakness in SAFER-K64,\u201d Advances in Cryptology, Proceedings Crypto\u201995, LNCS 963, D. Coppersmith, Ed., Springer-Verlag, 1995, pp. 274\u2013286."},{"key":"4_CR43","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1007\/3-540-60865-6_38","volume-title":"Fast Software Encryption","author":"L.R. Knudsen","year":"1996","unstructured":"L.R. Knudsen, T.A. Berson, \u201cTruncated differentials of SAFER,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 15\u201326."},{"key":"4_CR44","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"216","DOI":"10.1007\/3-540-68697-5_17","volume-title":"Advances in Cryptology, Proceedings Crypto\u201996","author":"L.R. Knudsen","year":"1996","unstructured":"L.R. Knudsen, W. Meier, \u201cImproved differential attack on RC5,\u201d Advances in Cryptology, Proceedings Crypto\u201996, LNCS 1109, N. Koblitz, Ed., Springer-Verlag, 1996, pp. 216\u2013228."},{"key":"4_CR45","unstructured":"L.R. Knudsen, \u201cOn the security of Bear & Lion & ladder-DES,\u201d Presented at the rump session of the Fast Software Encryption Workshop, Haifa, Israel, January 20\u201322, 1997."},{"key":"4_CR46","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1007\/3-540-46416-6_2","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201991","author":"X. Lai","year":"1991","unstructured":"X. Lai, J.L. Massey, S. Murphy, \u201cMarkov ciphers and differential cryptanalysis,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201991, LNCS 547, D. W. Davies, Ed., Springer-Verlag, 1991, pp. 17\u201338."},{"issue":"4","key":"4_CR47","doi-asserted-by":"publisher","first-page":"51","DOI":"10.1109\/40.526925","volume":"16","author":"R. Lee","year":"1996","unstructured":"R. Lee, \u201cSubword parallelism with MAX-2,\u201d IEEE Micro, Vol. 16, No. 4, August 1996, pp. 51\u201359.","journal-title":"IEEE Micro"},{"key":"4_CR48","series-title":"Lect Notes Comput Sci","volume-title":"Selected Areas in Cryptography","author":"H. Lipmaa","year":"1999","unstructured":"H. Lipmaa, \u201cIDEA: A cipher for multimedia architectures?,\u201d Selected Areas in Cryptography, LNCS, Springer-Verlag, 199"},{"issue":"2","key":"4_CR49","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1137\/0217022","volume":"17","author":"M. Luby","year":"1988","unstructured":"M. Luby, C. Rackoff, \u201cHow to construct pseudorandom permutations from pseudorandom functions,\u201d SIAM Journal on Computing, Vol 17, No. 2, April 1988, pp. 373\u2013386.","journal-title":"SIAM Journal on Computing"},{"key":"4_CR50","series-title":"Lect Notes Comput Sci","first-page":"1","volume-title":"Fast Software Encryption","author":"J.L. Massey","year":"1994","unstructured":"J.L. Massey, \u201cSAFER-K64: A byte oriented block-ciphering algorithm,\u201d Fast Software Encryption, LNCS 890, R. Anderson, Ed., Springer-Verlag, 1994, pp. 1\u201317."},{"key":"4_CR51","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"212","DOI":"10.1007\/3-540-60590-8_17","volume-title":"Fast Software Encryption","author":"J.L. Massey","year":"1995","unstructured":"J.L. Massey, \u201cSAFER K-64: One year later,\u201d Fast Software Encryption, LNCS 1008, B. Preneel, Ed., Springer-Verlag, 1995, pp. 212\u2013241."},{"key":"4_CR52","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"386","DOI":"10.1007\/3-540-48285-7_33","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201993","author":"M. Matsui","year":"1994","unstructured":"M. Matsui, \u201cLinear cryptanalysis method for DES cipher,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201993, LNCS 765, T. Helleseth, Ed., Springer-Verlag, 1994, pp. 386\u2013397."},{"key":"4_CR53","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"54","DOI":"10.1007\/BFb0052334","volume-title":"Fast Software Encryption","author":"M. Matsui","year":"1997","unstructured":"M. Matsui, \u201cNew block encryption algorithm MISTY,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 54\u201368."},{"key":"4_CR54","unstructured":"A.J. Menezes, P.C. van Oorschot, S.A. Vanstone, Handbook of Applied Cryptography, CRC Press, 1997."},{"key":"4_CR55","volume-title":"Secrecy, Authentication, and Public Key Systems","author":"R.C. Merkle","year":"1979","unstructured":"R.C. Merkle, Secrecy, Authentication, and Public Key Systems, UMI Research Press, Ann Arbor, Michigan, 1979."},{"key":"4_CR56","series-title":"Lect Notes Comput Sci","first-page":"476","volume-title":"Advances in Cryptology, Proceedings Crypto\u201990","author":"R. Merkle","year":"1991","unstructured":"R. Merkle, \u201cFast software encryption functions,\u201d Advances in Cryptology, Proceedings Crypto\u201990, LNCS 537, S. Vanstone, Ed., Springer-Verlag, 1991, pp. 476\u2013501."},{"issue":"1","key":"4_CR57","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/BF00203968","volume":"3","author":"R. Merkle","year":"1990","unstructured":"R. Merkle, \u201cA fast software one-way hash function,\u201d Journal of Cryptology, Vol. 3, No. 1, 1990, pp. 43\u201358.","journal-title":"Journal of Cryptology"},{"key":"4_CR58","unstructured":"\u201cMIPS extension for digital media with 3D,\u201d MIPS Technologies, Inc., March 12, 1997."},{"key":"4_CR59","series-title":"Lect Notes Comput Sci","first-page":"627","volume-title":"Advances in Cryptology, Proceedings Crypto\u201990","author":"S. Miyaguchi","year":"1991","unstructured":"S. Miyaguchi, \u201cThe FEAL cipher family,\u201d Advances in Cryptology, Proceedings Crypto\u201990, LNCS 537, S. Vanstone, Ed., Springer-Verlag, 1991, pp. 627\u2013638."},{"key":"4_CR60","unstructured":"S. Moriai, K. Aoki, K. Ohta, \u201cThe best linear expression search of FEAL,\u201d IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E79-A, No. 1, January 1996."},{"key":"4_CR61","doi-asserted-by":"crossref","unstructured":"M. Naor, O. Reingold, \u201cOn the construction of pseudo-random permutations: Luby-Rackoff revisited,\u201d Security in Communication Networks, Amalfi (I), September 16\u201317, 1996.","DOI":"10.1145\/258533.258581"},{"issue":"1","key":"4_CR62","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/BF00204800","volume":"8","author":"K. Nyberg","year":"1995","unstructured":"K. Nyberg, L.R. Knudsen, \u201cProvable security against a differential attack,\u201d Journal of Cryptology, Vol. 8, No. 1, 1995, pp. 27\u201338.","journal-title":"Journal of Cryptology"},{"key":"4_CR63","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1007\/BFb0034838","volume-title":"Advances in Cryptology, Proceedings Asiacrypt\u201996","author":"K. Nyberg","year":"1996","unstructured":"K. Nyberg, \u201cGeneralized Feistel networks,\u201d Advances in Cryptology, Proceedings Asiacrypt\u201996, LNCS 1163, K. Kim and T. Matsumoto, Eds., Springer-Verlag, 1996, pp. 91\u2013104."},{"issue":"4","key":"4_CR64","doi-asserted-by":"publisher","first-page":"42","DOI":"10.1109\/40.526924","volume":"16","author":"A. Peleg","year":"1996","unstructured":"A. Peleg, U. Weiser, \u201cMMX technology extension to the Intel architecture,\u201d IEEE Micro, Vol. 16, No. 4, August 1996, pp. 42\u201350.","journal-title":"IEEE Micro"},{"key":"4_CR65","unstructured":"B. Preneel, \u201cHash functions and MACs: state of the art,\u201d This Volume, pp. 50\u2013105."},{"key":"4_CR66","unstructured":"V. Rijmen, \u201cCryptanalysis and design of iterated block ciphers,\u201d Doctoral Dissertation, Katholieke Universiteit Leuven, 1997."},{"key":"4_CR67","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1007\/3-540-60865-6_47","volume-title":"Fast Software Encryption","author":"V. Rijmen","year":"1996","unstructured":"V. Rijmen, J. Daemen, B. Preneel, A. Bosselaers, E. De Win, \u201cThe cipher SHARK,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 99\u2013111."},{"key":"4_CR68","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"139","DOI":"10.1007\/BFb0052342","volume-title":"Fast Software Encryption","author":"V. Rijmen","year":"1997","unstructured":"V. Rijmen, B. Preneel, \u201cA family of trapdoor ciphers,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 139\u2013148."},{"issue":"3","key":"4_CR69","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1023\/A:1008224928678","volume":"12","author":"V. Rijmen","year":"1997","unstructured":"V. Rijmen, B. Preneel, E. De Win, \u201cOn weaknesses of non-surjective round functions,\u201d Designs, Codes, and Cryptography, Vol. 12, No. 3, November 1997, pp. 251\u2013264.","journal-title":"Designs, Codes, and Cryptography"},{"key":"4_CR70","doi-asserted-by":"crossref","unstructured":"R.L. Rivest, \u201cThe MD4 message-digest algorithm,\u201d Request for Comments (RFC) 1320, Internet Activities Board, Internet Privacy Task Force, April 1992.","DOI":"10.17487\/rfc1320"},{"key":"4_CR71","doi-asserted-by":"crossref","unstructured":"R.L. Rivest, \u201cThe MD5 message-digest algorithm,\u201d Request for Comments (RFC) 1321, Internet Activities Board, Internet Privacy Task Force, April 1992.","DOI":"10.17487\/rfc1321"},{"key":"4_CR72","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"86","DOI":"10.1007\/3-540-60590-8_7","volume-title":"Fast Software Encryption","author":"R.L. Rivest","year":"1995","unstructured":"R.L. Rivest, \u201cThe RC5 encryption algorithm,\u201d Fast Software Encryption, LNCS 1008, B. Preneel, Ed., Springer-Verlag, 1995, pp. 86\u201396."},{"key":"4_CR73","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"210","DOI":"10.1007\/BFb0052348","volume-title":"Fast Software Encryption","author":"R.L. Rivest","year":"1997","unstructured":"R.L. Rivest, \u201cAll-or-nothing encryption and the package transform,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 210\u2013218."},{"key":"4_CR74","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"56","DOI":"10.1007\/3-540-58108-1_8","volume-title":"Fast Software Encryption","author":"Ph. Rogaway","year":"1994","unstructured":"Ph. Rogaway, D. Coppersmith, \u201cA software-optimized encryption algorithm,\u201d Fast Software Encryption, LNCS 809, R. Anderson, Ed., Springer-Verlag, 1994, pp. 56\u201363."},{"key":"4_CR75","unstructured":"Ph. Rogaway, D. Coppersmith, \u201cA software-optimized encryption algorithm,\u201d Journal of Cryptology, to appear. Available from http:\/\/www.cs.ucdavis.edu\/~rogaway\/papers\/seal.ps ."},{"key":"4_CR76","unstructured":"A. Roos, \u201cA class of weak keys in the RC4 stream cipher,\u201d preliminary draft, 1996."},{"key":"4_CR77","unstructured":"P. Rubinfeld, B. Rose, M. McCallig, \u201cMotion Video Instruction Extensions for Alpha,\u201d Digital Equipment Corporation, October 18, 1996."},{"key":"4_CR78","unstructured":"R.A. Rueppel, \u201cStream ciphers,\u201d in \u201cContemporary Cryptology: The Science of Information Integrity,\u201d G.J. Simmons, Ed., IEEE Press, 1991, pp. 65\u2013134."},{"key":"4_CR79","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"114","DOI":"10.1007\/BFb0052340","volume-title":"Fast Software Encryption","author":"K. Sakurai","year":"1997","unstructured":"K. Sakurai, S. Furuya, \u201cImproving linear cryptanalysis of LOKI91 by probabilistic counting method,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 114\u2013133."},{"key":"4_CR80","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"191","DOI":"10.1007\/3-540-58108-1_24","volume-title":"Fast Software Encryption","author":"B. Schneier","year":"1994","unstructured":"B. Schneier, \u201cDescription of a new variable-length key, 64-bit block cipher (Blowfish),\u201d Fast Software Encryption, LNCS 809, R. Anderson, Ed., Springer-Verlag, 1994, pp. 191\u2013204."},{"key":"4_CR81","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"121","DOI":"10.1007\/3-540-60865-6_49","volume-title":"Fast Software Encryption","author":"B. Schneier","year":"1996","unstructured":"B. Schneier, J. Kelsey, \u201cUnbalanced Feistel networks and block cipher design,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 121\u2013144."},{"key":"4_CR82","series-title":"Lect Notes Comput Sci","doi-asserted-by":"publisher","first-page":"242","DOI":"10.1007\/BFb0052351","volume-title":"Fast Software Encryption","author":"B. Schneier","year":"1997","unstructured":"B. Schneier, D. Whiting, \u201cFast software encryption: designing encryption algorithms for optimal software speed on the Intel Pentium processor,\u201d Fast Software Encryption, LNCS 1267, E. Biham, Ed., Springer-Verlag, 1997, pp. 242\u2013259."},{"issue":"4","key":"4_CR83","doi-asserted-by":"crossref","first-page":"656","DOI":"10.1002\/j.1538-7305.1949.tb00928.x","volume":"28","author":"C.E. Shannon","year":"1949","unstructured":"C.E. Shannon, \u201cCommunication theory of secrecy systems,\u201d Bell System Technical Journal, Vol. 28, No. 4, 1949, pp. 656\u2013715.","journal-title":"Bell System Technical Journal"},{"key":"4_CR84","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"267","DOI":"10.1007\/3-540-39118-5_24","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201987","author":"A. Shimizu","year":"1988","unstructured":"A. Shimizu, S. Miyaguchi, \u201cFast data encipherment algorithm FEAL,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201987, LNCS 304, D. Chaum and W.L. Price, Eds., Springer-Verlag, 1988, pp. 267\u2013278."},{"key":"4_CR85","volume-title":"Hot Chips VIII Conference","author":"G.A. Slavenburg","year":"1996","unstructured":"G.A. Slavenburg, S. Rathnam, H. Dijkstra, \u201cThe Trimedia TM-1 PCI VLIW media processor,\u201d Hot Chips VIII Conference, Stanford University, Palo Alto, CA, 1996."},{"issue":"4","key":"4_CR86","doi-asserted-by":"publisher","first-page":"10","DOI":"10.1109\/40.526921","volume":"16","author":"M. Tremblay","year":"1996","unstructured":"M. Tremblay, J.M. O\u2019Connor, V. Narayanan, L. He, \u201cVIS speeds new media processing,\u201d IEEE Micro, Vol. 16, No. 4, August 1996, pp. 10\u201320.","journal-title":"IEEE Micro"},{"key":"4_CR87","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/MSPEC.1979.6368160","volume":"16","author":"W. Tuchman","year":"1979","unstructured":"W. Tuchman, \u201cHellman presents no shortcut solutions to DES,\u201d IEEE Spectrum, Vol. 16, No. 7, July 1979, pp. 40\u201341.","journal-title":"IEEE Spectrum"},{"key":"4_CR88","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"318","DOI":"10.1007\/3-540-46877-3_29","volume-title":"Advances in Cryptology, Proceedings Eurocrypt\u201990","author":"P.C. Oorschot van","year":"1991","unstructured":"P.C. van Oorschot, M. Wiener, \u201cA known-plaintext attack on two-key triple encryption,\u201d Advances in Cryptology, Proceedings Eurocrypt\u201990, LNCS 473, I.B. Damg\u00e5rd, Ed., Springer-Verlag, 1991, pp. 318\u2013325."},{"key":"4_CR89","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1007\/3-540-60865-6_39","volume-title":"Fast Software Encryption","author":"S. Vaudenay","year":"1996","unstructured":"S. Vaudenay, \u201cOn the weak keys of Blowfish,\u201d Fast Software Encryption, LNCS 1039, D. Gollmann, Ed., Springer-Verlag, 1996, pp. 27\u201332."},{"key":"4_CR90","series-title":"Lect Notes Comput Sci","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1007\/3-540-58108-1_16","volume-title":"Fast Software Encryption","author":"D.J. Wheeler","year":"1994","unstructured":"D.J. Wheeler, \u201cA bulk data encryption algorithm,\u201d Fast Software Encryption, LNCS 809, R. Anderson, Ed., Springer-Verlag, 1994, pp. 127\u2013134."},{"key":"4_CR91","unstructured":"D. Whiting, personal communication, May 1997."},{"key":"4_CR92","volume-title":"Technical Report TR-244","author":"M.J. Wiener","year":"1994","unstructured":"M.J. Wiener, \u201cEfficient DES key search,\u201d Technical Report TR-244, School of Computer Science, Carleton University, Ottawa, Canada, May 1994. Presented at the rump session of Crypto\u201993 and reprinted in W. Stallings, Practical Cryptography for Data Internetworks, IEEE Computer Society Press, 1996, pp. 31\u201379."}],"container-title":["Lecture Notes in Computer Science","State of the Art in Applied Cryptography"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-49248-8_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,3]],"date-time":"2019-05-03T22:20:35Z","timestamp":1556922035000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-49248-8_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1998]]},"ISBN":["9783540654742","9783540492481"],"references-count":92,"URL":"https:\/\/doi.org\/10.1007\/3-540-49248-8_4","relation":{},"ISSN":["0302-9743"],"issn-type":[{"type":"print","value":"0302-9743"}],"subject":[],"published":{"date-parts":[[1998]]}}}