{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,4]],"date-time":"2026-02-04T16:39:15Z","timestamp":1770223155866,"version":"3.49.0"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030778699","type":"print"},{"value":"9783030778705","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-77870-5_25","type":"book-chapter","created":{"date-parts":[[2021,6,15]],"date-time":"2021-06-15T23:11:50Z","timestamp":1623798710000},"page":"711-740","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":31,"title":["Improved Linear Approximations to ARX Ciphers and Attacks Against ChaCha"],"prefix":"10.1007","author":[{"given":"Murilo","family":"Coutinho","sequence":"first","affiliation":[]},{"given":"Tertuliano C.","family":"Souza Neto","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,6,16]]},"reference":[{"key":"25_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"470","DOI":"10.1007\/978-3-540-71039-4_30","volume-title":"Fast Software Encryption","author":"J-P Aumasson","year":"2008","unstructured":"Aumasson, J.-P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of Latin dances: analysis of Salsa, ChaCha, and Rumba. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 470\u2013488. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-71039-4_30"},{"key":"25_CR2","unstructured":"Aumasson, J.P., Henzen, L., Meier, W., Phan, R.C.W.: SHA-3 proposal blake. Submission to NIST 92 (2008)"},{"key":"25_CR3","doi-asserted-by":"crossref","unstructured":"Beierle, C., et al.: Schwaemm and Esch: lightweight authenticated encryption and hashing using the Sparkle permutation family (2019)","DOI":"10.46586\/tosc.v2020.iS1.208-261"},{"key":"25_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/978-3-030-56877-1_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2020","author":"C Beierle","year":"2020","unstructured":"Beierle, C., Leander, G., Todo, Y.: Improved differential-linear attacks with applications to ARX ciphers. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 329\u2013358. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-56877-1_12"},{"key":"25_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/11502760_3","volume-title":"Fast Software Encryption","author":"DJ Bernstein","year":"2005","unstructured":"Bernstein, D.J.: The poly1305-AES message-authentication code. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 32\u201349. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11502760_3"},{"key":"25_CR6","unstructured":"Bernstein, D.J.: ChaCha, a variant of Salsa20. In: Workshop Record of SASC, vol. 8, 3\u20135 (2008)"},{"key":"25_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"84","DOI":"10.1007\/978-3-540-68351-3_8","volume-title":"New Stream Cipher Designs","author":"DJ Bernstein","year":"2008","unstructured":"Bernstein, D.J.: The Salsa20 family of stream ciphers. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 84\u201397. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-68351-3_8"},{"issue":"3","key":"25_CR8","doi-asserted-by":"publisher","first-page":"859","DOI":"10.1007\/s00145-016-9237-5","volume":"30","author":"C Blondeau","year":"2016","unstructured":"Blondeau, C., Leander, G., Nyberg, K.: Differential-linear cryptanalysis revisited. J. Cryptol. 30(3), 859\u2013888 (2016). https:\/\/doi.org\/10.1007\/s00145-016-9237-5","journal-title":"J. Cryptol."},{"key":"25_CR9","doi-asserted-by":"crossref","unstructured":"Choudhuri, A.R., Maitra, S.: Significantly improved multi-bit differentials for reduced round Salsa and Chacha. IACR Transa. Symmetric Cryptol. 261\u2013287 (2016)","DOI":"10.46586\/tosc.v2016.i2.261-287"},{"key":"25_CR10","unstructured":"Coutinho, M., Neto, T.S.: New multi-bit differentials to improve attacks against ChaCha. IACR Cryptology ePrint Archive 2020, 350 (2020)"},{"key":"25_CR11","unstructured":"Crowley, P.: Truncated differential cryptanalysis of five rounds of Salsa20. In: The State of the Art of Stream Ciphers SASC 2006, pp. 198\u2013202 (2006)"},{"issue":"4","key":"25_CR12","doi-asserted-by":"publisher","first-page":"689","DOI":"10.3934\/amc.2019041","volume":"13","author":"S Dey","year":"2019","unstructured":"Dey, S., Roy, T., Sarkar, S.: Revisiting design principles of Salsa and ChaCha. Adv. Math. Commun. 13(4), 689 (2019)","journal-title":"Adv. Math. Commun."},{"key":"25_CR13","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1016\/j.dam.2017.04.034","volume":"227","author":"S Dey","year":"2017","unstructured":"Dey, S., Sarkar, S.: Improved analysis for reduced round Salsa and Chacha. Discrete Appl. Math. 227, 58\u201369 (2017)","journal-title":"Discrete Appl. Math."},{"key":"25_CR14","doi-asserted-by":"publisher","first-page":"30197","DOI":"10.1109\/ACCESS.2019.2892647","volume":"7","author":"L Ding","year":"2019","unstructured":"Ding, L.: Improved related-cipher attack on Salsa20 stream cipher. IEEE Access 7, 30197\u201330202 (2019)","journal-title":"IEEE Access"},{"key":"25_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"484","DOI":"10.1007\/978-3-662-53887-6_18","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"D Dinu","year":"2016","unstructured":"Dinu, D., Perrin, L., Udovenko, A., Velichkov, V., Gro\u00dfsch\u00e4dl, J., Biryukov, A.: Design strategies for ARX with provable bounds: Sparx and LAX. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 484\u2013513. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_18"},{"key":"25_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1007\/11941378_2","volume-title":"Progress in Cryptology - INDOCRYPT 2006","author":"S Fischer","year":"2006","unstructured":"Fischer, S., Meier, W., Berbain, C., Biasse, J.-F., Robshaw, M.J.B.: Non-randomness in eSTREAM Candidates Salsa20 and TSC-4. In: Barua, R., Lange, T. (eds.) INDOCRYPT 2006. LNCS, vol. 4329, pp. 2\u201316. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11941378_2"},{"key":"25_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"462","DOI":"10.1007\/978-3-540-71039-4_29","volume-title":"Fast Software Encryption","author":"JC Hernandez-Castro","year":"2008","unstructured":"Hernandez-Castro, J.C., Tapiador, J.M.E., Quisquater, J.-J.: On the Salsa20 core function. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 462\u2013469. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-71039-4_29"},{"key":"25_CR18","unstructured":"IANIX: ChaCha usage & deployment (2020). https:\/\/ianix.com\/pub\/chacha-deployment.html. Accessed 13 Jan 2020"},{"key":"25_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"255","DOI":"10.1007\/978-3-642-25243-3_21","volume-title":"Information and Communications Security","author":"T Ishiguro","year":"2011","unstructured":"Ishiguro, T., Kiyomoto, S., Miyake, Y.: Latin dances revisited: new analytic results of Salsa20 and ChaCha. In: Qing, S., Susilo, W., Wang, G., Liu, D. (eds.) ICICS 2011. LNCS, vol. 7043, pp. 255\u2013266. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25243-3_21"},{"key":"25_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/3-540-48658-5_3","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201994","author":"SK Langford","year":"1994","unstructured":"Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 17\u201325. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48658-5_3"},{"key":"25_CR21","doi-asserted-by":"crossref","unstructured":"Langley, A., Chang, W., Mavrogiannopoulos, N., Strombergson, J., Josefsson, S.: ChaCha20-Poly1305 cipher suites for transport layer security (TLS). RFC 7905 (10) (2016)","DOI":"10.17487\/RFC7905"},{"key":"25_CR22","unstructured":"Maitra, S., Paul, G., Meier, W.: Salsa20 cryptanalysis: new moves and revisiting old styles. In: The Ninth International Workshop on Coding and Cryptography (2015)"},{"key":"25_CR23","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1016\/j.dam.2016.02.020","volume":"208","author":"S Maitra","year":"2016","unstructured":"Maitra, S.: Chosen IV cryptanalysis on reduced round ChaCha and Salsa. Discrete Appl. Math. 208, 88\u201397 (2016)","journal-title":"Discrete Appl. Math."},{"key":"25_CR24","unstructured":"Mouha, N., Preneel, B.: A proof that the ARX cipher Salsa20 is secure against differential cryptanalysis. IACR Cryptology ePrint Archive 2013, 328 (2013)"},{"key":"25_CR25","unstructured":"Muller, S.: Documentation and analysis of the Linux random number generator - federal office for information security (Germany\u2019s) (2019). https:\/\/www.bsi.bund.de\/SharedDocs\/Downloads\/EN\/BSI\/Publications\/Studies\/LinuxRNG\/LinuxRNG_EN.pdf;jsessionid=6B0F8D7795B80F5EADA3DB3DB3E4043B.1_cid360?__blob=publicationFile&v=19"},{"key":"25_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-68351-3","volume-title":"New Stream Cipher Designs","year":"2008","unstructured":"Robshaw, M., Billet, O. (eds.): New Stream Cipher Designs. LNCS, vol. 4986. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-68351-3"},{"key":"25_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1007\/978-3-642-37682-5_24","volume-title":"Information Security and Cryptology \u2013 ICISC 2012","author":"Z Shi","year":"2013","unstructured":"Shi, Z., Zhang, B., Feng, D., Wu, W.: Improved key recovery attacks on reduced-round Salsa20 and ChaCha. In: Kwon, T., Lee, M.-K., Kwon, D. (eds.) ICISC 2012. LNCS, vol. 7839, pp. 337\u2013351. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-37682-5_24"},{"key":"25_CR28","unstructured":"Torvalds, L.: Linux kernel source tree (2016). https:\/\/git.kernel.org\/pub\/scm\/linux\/kernel\/git\/torvalds\/linux.git\/commit\/?id=818e607b57c94ade9824dad63a96c2ea6b21baf3"},{"key":"25_CR29","unstructured":"Tsunoo, Y., Saito, T., Kubo, H., Suzaki, T., Nakashima, H.: Differential cryptanalysis of Salsa20\/8. In: Workshop Record of SASC, vol. 28 (2007)"},{"key":"25_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1007\/978-3-540-39887-5_20","volume-title":"Fast Software Encryption","author":"J Wall\u00e9n","year":"2003","unstructured":"Wall\u00e9n, J.: Linear approximations of addition modulo 2n. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 261\u2013273. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-39887-5_20"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2021"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-77870-5_25","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,6,16]],"date-time":"2024-06-16T00:14:02Z","timestamp":1718496842000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-77870-5_25"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030778699","9783030778705"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-77870-5_25","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"16 June 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zagreb","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Croatia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"17 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"21 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"40","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2021\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"400","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"78","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"at least 3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}