{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,23]],"date-time":"2026-01-23T10:37:20Z","timestamp":1769164640570,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":42,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540608653","type":"print"},{"value":"9783540496526","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1996]]},"DOI":"10.1007\/3-540-60865-6_49","type":"book-chapter","created":{"date-parts":[[2012,2,26]],"date-time":"2012-02-26T21:01:01Z","timestamp":1330290061000},"page":"121-144","source":"Crossref","is-referenced-by-count":94,"title":["Unbalanced Feistel networks and block cipher design"],"prefix":"10.1007","author":[{"given":"Bruce","family":"Schneier","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"John","family":"Kelsey","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2005,6,2]]},"reference":[{"key":"13_CR1","doi-asserted-by":"crossref","unstructured":"R. Anderson and E. Biham, \u201cTwo Practical and Provably Secure Block Ciphers: BEAR and LION,\u201d Proceedings of the Cambridge Algorithms Workshop, 1996, to appear.","DOI":"10.1007\/3-540-60865-6_48"},{"key":"13_CR2","unstructured":"C.M. Adams and S.E. Tavares, \u201cDesigning S-boxes for Ciphers Resistant to Differential Cryptanalysis,\u201d Proceedings of the 3rd Symposium on State and Progress of Research in Cryptography, Rome, Italy, 15\u201316 Feb 1993, pp. 181\u2013190."},{"key":"13_CR3","unstructured":"I. Ben-Aroya and E. Biham, \u201cDifferential Cryptanalysis of Lucifer,\u201d Advances in Cryptology \u2014CRYPTO '93 Proceedings, Spinger-Verlag, 1994."},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"E. Biham, \u201cOn Matsui's Linear Cryptanalysis,\u201d Advances in Cryptology \u2014 EUROCRYPT '94 Proceedings, Springer-Verlag, 1995, to appear.","DOI":"10.1007\/BFb0053449"},{"key":"13_CR5","unstructured":"G. Bhattacharyya and R. Johnson, Statistical Concepts and Methods, John Wiley and Sons, 1977."},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.","DOI":"10.1007\/978-1-4613-9314-6"},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"M. Blaze and B. Schneier, \u201cThe MacGuffin Block Cipher Algorithm,\u201d Fast Software Encryption, Second International Workshop Proceedings, Springer-Verlag, 1995, pp. 97\u2013110.","DOI":"10.1007\/3-540-60590-8_8"},{"key":"13_CR8","doi-asserted-by":"crossref","unstructured":"L. Brown, M. Kwan, J. Pieprzyk, and J. Seberry, \u201cImproving Resistance to Differential Cryptanalysis and the Redesign of LOKI,\u201d Advances in Cryptology \u2014 ASIACRYPT '91 Proceedings, Springer-Verlag, 1993, pp. 36\u201350.","DOI":"10.1007\/3-540-57332-1_3"},{"key":"13_CR9","unstructured":"G. Carter, E. Dawson, and L. Nielsen, \u201cDESV: A Latin Square Variation of DES,\u201d Proceedings of the Workshop on Selected Areas in Cryptography, Ottawa, Canada, 1995."},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"J. Daemen, R. Govaerts, and J. Vandewalle, \u201cA New Approach to Block Cipher Design,\u201d Fast Software Encryption, Cambridge Security Workshop Proceedings, Springer-Verlag, 1994, pp. 18\u201332.","DOI":"10.1007\/3-540-58108-1_2"},{"key":"13_CR11","unstructured":"J. Daemen, \u201cCipher and Hash Function Design,\u201d Ph.D Thesis, Katholieke Universiteit Leuven, Mar 95."},{"issue":"n.5","key":"13_CR12","doi-asserted-by":"crossref","first-page":"15","DOI":"10.1038\/scientificamerican0573-15","volume":"228","author":"H. Feistel","year":"1973","unstructured":"H. Feistel, \u201cCryptography and Computer Privacy,\u201d Scientific American, v. 228, n. 5, May 1973, pp. 15\u201323.","journal-title":"Scientific American"},{"key":"13_CR13","unstructured":"GOST, Gosudarstvennyi Standard 28147-89, \u201cCryptographic Protection for Data Processing Systems,\u201d Government Committee of the USSR for Standards, 1989."},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"C. Harpes, G. Kramer, J. Massey, \u201cA Generalization of Linear Cryptanalysis and the Applicability f Matsui's Piling-up Lemma,\u201d Advances in Cryptology \u2014 EUROCRYPT '95 Proceedings, Springer, 1995, pp. 24\u201338.","DOI":"10.1007\/3-540-49264-X_3"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"L.R. Knudsen, \u201cIterative Characteristics of DES and s2 DES,\u201d Advances in Cryptology \u2014 CRYPTO '92, Springer-Verlag, 1993, pp. 497\u2013511.","DOI":"10.1007\/3-540-48071-4_35"},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"L.R. Knudsen, \u201cBlock Ciphers \u2014 Analysis, Design, Applications,\u201d Ph.D. dissertation, Aarhus University, Nov 1994.","DOI":"10.7146\/dpb.v23i485.6978"},{"key":"13_CR17","doi-asserted-by":"crossref","unstructured":"L.R. Knudsen, \u201cPractically Secure Feistel Ciphers,\u201d Fast Software Encryption, Cambridge Security Workshop Proceedings, Springer-Verlag, 1994, pp. 211\u2013221.","DOI":"10.1007\/3-540-58108-1_26"},{"key":"13_CR18","unstructured":"L.R. Knudsen, personal communication."},{"key":"13_CR19","unstructured":"R.C. Merkle, \u201cFast Software Encryption Functions,\u201d Advances in Cryptology \u2014 CRYPTO '90 Proceedings, Springer-Verlag, 1991, pp. 476\u2013501."},{"key":"13_CR20","unstructured":"National Bureau of Standards, NBS FIPS PUB 46, \u201cData Encryption Standard,\u201d National Bureau of Standards, U.S. Department of Commerce, Jan 1977."},{"key":"13_CR21","unstructured":"National Institute of Standards and Technology, NIST FIPS PUB 180, \u201cSecure Hash Standard,\u201d U.S. Department of Commerce, May 93."},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"K. Nyberg, \u201cPerfect Nonlinear S-boxes,\u201d Advances in Cryptology \u2014 EUROCRYPT '91 Proceedings, Springer-Verlag, 1991, pp. 378\u2013386.","DOI":"10.1007\/3-540-46416-6_32"},{"key":"13_CR23","doi-asserted-by":"crossref","unstructured":"K. Nyberg, \u201cOn the Construction of Highly Nonlinear Permutations,\u201d Advances in Cryptology \u2014 EUROCRYPT '92 Proceedings, Springer-Verlag, 1993, pp. 92\u201398.","DOI":"10.1007\/3-540-47555-9_8"},{"key":"13_CR24","doi-asserted-by":"crossref","unstructured":"K. Nyberg, \u201cDifferentially Uniform Mappings for Cryptography,\u201d Advances in Cryptology \u2014 EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 55\u201364.","DOI":"10.1007\/3-540-48285-7_6"},{"issue":"n.1","key":"13_CR25","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1007\/BF00204800","volume":"8","author":"K. Nyberg","year":"1995","unstructured":"K. Nyberg and L.R. Knudsen, \u201cProvable Security Against Differential Cryptanalysis,\u201d Journal of Cryptology, v. 8, n. 1, 1995, pp. 27\u201337.","journal-title":"Journal of Cryptology"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"L. O'Connor, \u201cEnumerating Nondegenerate Permutations,\u201d Advances in Cryptology \u2014 EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 368\u2013377.","DOI":"10.1007\/3-540-46416-6_31"},{"key":"13_CR27","doi-asserted-by":"crossref","unstructured":"L. O'Connor, \u201cOn the Distribution of Characteristics in Bijective Mappings,\u201d Advances in Cryptology \u2014 EUROCRYPT '93 Proceedings, Springer-Verlag, 1994, pp. 360\u2013370.","DOI":"10.1007\/3-540-48285-7_31"},{"key":"13_CR28","doi-asserted-by":"crossref","unstructured":"L. O'Connor, \u201cOn the Distribution of Characteristics in Composite Permutations,\u201d Advances in Cryptology \u2014 CRYPTO '93 Proceedings, Springer-Verlag, 1994, pp. 403\u2013412.","DOI":"10.1007\/3-540-48329-2_34"},{"key":"13_CR29","doi-asserted-by":"crossref","unstructured":"B. Preneel and V. Rijmen, \u201cCryptanalysis of MacGuffin,\u201d Fast Software Encryption, Second International Workshop Proceedings, Springer-Verlag, 1995, pp. 353\u2013358.","DOI":"10.1007\/3-540-60590-8_27"},{"key":"13_CR30","unstructured":"Research and Development in Advanced Communication Technologies in Europe, RIPE Integrity Primitives: Final Report of RACE Integrity Primitives Evaluation (R1040), RACE, June 1992."},{"key":"13_CR31","doi-asserted-by":"crossref","unstructured":"R.L. Rivest, \u201cThe MD4 Message Digest Algorithm,\u201d Advances in Cryptology \u2014 CRYPTO '90 Proceedings, Springer-Verlag, 1991, pp. 303\u2013311.","DOI":"10.1007\/3-540-38424-3_22"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"R.L. Rivest, \u201cThe MD5 Message Digest Algorithm,\u201d RFC 1321, Apr 1992.","DOI":"10.17487\/rfc1321"},{"key":"13_CR33","doi-asserted-by":"crossref","unstructured":"R.L. Rivest, \u201cThe RC5 Encryption Algorithm,\u201d Fast Software Encryption, Second International Workshop Proceedings, Springer-Verlag, 1995, pp. 86\u201396.","DOI":"10.1007\/3-540-60590-8_7"},{"key":"13_CR34","unstructured":"I. Schaumuller-Bichl, \u201cOn the Design and Analysis of New Cipher Systems Related to the DES,\u201d Technical Report, Linz University, 1983."},{"key":"13_CR35","unstructured":"B. Schneier, Applied Cryptography, Second Edition, John Wiley & Sons, 1996."},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"B. Schneier, \u201cDescription of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish),\u201d Fast Software Encryption, Cambridge Security Workshop Proceedings, Springer-Verlag, 1994, pp. 191\u2013204.","DOI":"10.1007\/3-540-58108-1_24"},{"issue":"n.4","key":"13_CR37","doi-asserted-by":"crossref","first-page":"379","DOI":"10.1002\/j.1538-7305.1948.tb01338.x","volume":"27","author":"C.E. Shannon","year":"1948","unstructured":"C.E. Shannon, \u201cCommunication Theory of Secrecy Systems,\u201d Bell Systems Technical Journal, v. 27, n. 4, 1948, pp. 379\u2013423.","journal-title":"Bell Systems Technical Journal"},{"key":"13_CR38","doi-asserted-by":"crossref","unstructured":"A. Shimizu and S. Miyaguchi, \u201cFast Data Encipherment Algorithm FEAL,\u201d Advances in Cryptology \u2014 EUROCRYPT '87 Proceedings, Springer-Verlag, 1988, pp. 267\u2013278.","DOI":"10.1007\/3-540-39118-5_24"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"S. Vaudenay, \u201cOn the Weak Keys in Blowfish,\u201d Proceedings of the Cambridge Algorithms Workshop, 1996, to appear.","DOI":"10.1007\/3-540-60865-6_39"},{"key":"13_CR40","unstructured":"D. Wagner, personal communication."},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"R.S. Winternitz, \u201cProducing One-Way Hash Functions from DES,\u201d Advances in Cryptology: Proceedings of Crypto 83, Plenum Press, 1984, pp. 203\u2013207.","DOI":"10.1007\/978-1-4684-4730-9_17"},{"key":"13_CR42","doi-asserted-by":"crossref","unstructured":"Y. Zheng, J. Pieprzyk, and J. Seberry, \u201cHAVAL \u2014 A One-Way Hashing Algorithm with Variable Length of Output,\u201d Advances in Cryptology \u2014 AUSCRYPT '92 Proceedings, Springer-Verlag, 1993, pp. 83\u2013104","DOI":"10.1007\/3-540-57220-1_54"}],"container-title":["Lecture Notes in Computer Science","Fast Software Encryption"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/3-540-60865-6_49.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,17]],"date-time":"2020-11-17T21:02:14Z","timestamp":1605646934000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/3-540-60865-6_49"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1996]]},"ISBN":["9783540608653","9783540496526"],"references-count":42,"URL":"https:\/\/doi.org\/10.1007\/3-540-60865-6_49","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[1996]]}}}