{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T08:12:59Z","timestamp":1771488779210,"version":"3.50.1"},"publisher-location":"Cham","reference-count":64,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031229626","type":"print"},{"value":"9783031229633","type":"electronic"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-22963-3_10","type":"book-chapter","created":{"date-parts":[[2023,1,24]],"date-time":"2023-01-24T11:48:42Z","timestamp":1674560922000},"page":"287-317","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Mind the TWEAKEY Schedule: Cryptanalysis on SKINNYe-64-256"],"prefix":"10.1007","author":[{"given":"Lingyue","family":"Qin","sequence":"first","affiliation":[]},{"given":"Xiaoyang","family":"Dong","sequence":"additional","affiliation":[]},{"given":"Anyu","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Jialiang","family":"Hua","sequence":"additional","affiliation":[]},{"given":"Xiaoyun","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,1,25]]},"reference":[{"key":"10_CR1","unstructured":"Adomnicai, A.: Lilliput-AE: a new lightweight tweakable block cipher for authenticated encryption with associated data. Submission to NIST Lightweight Cryptography Project (2019)"},{"key":"10_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"191","DOI":"10.1007\/978-3-662-53887-6_7","volume-title":"Advances in Cryptology","author":"M Albrecht","year":"2016","unstructured":"Albrecht, M., Grassi, L., Rechberger, C., Roy, A., Tiessen, T.: MiMC: efficient encryption and cryptographic hashing with minimal multiplicative complexity. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 191\u2013219. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_7"},{"key":"10_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"430","DOI":"10.1007\/978-3-662-46800-5_17","volume-title":"Advances in Cryptology","author":"MR Albrecht","year":"2015","unstructured":"Albrecht, M.R., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 430\u2013454. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_17"},{"key":"10_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1007\/978-3-319-61204-1_11","volume-title":"Applied Cryptography and Network Security","author":"R Ankele","year":"2017","unstructured":"Ankele, R., et al.: Related-key impossible-differential attack on\u00a0reduced-round Skinny. In: Gollmann, D., Miyaji, A., Kikuchi, H. (eds.) ACNS 2017. LNCS, vol. 10355, pp. 208\u2013228. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-61204-1_11"},{"key":"10_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/978-3-642-04159-4_7","volume-title":"Selected Areas in Cryptography","author":"K Aoki","year":"2009","unstructured":"Aoki, K., Sasaki, Yu.: Preimage attacks on one-block MD4, 63-step MD5 and more. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 103\u2013119. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04159-4_7"},{"key":"10_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-319-66787-4_16","volume-title":"Cryptographic Hardware and Embedded Systems","author":"S Banik","year":"2017","unstructured":"Banik, S., Pandey, S.K., Peyrin, T., Sasaki, Yu., Sim, S.M., Todo, Y.: GIFT: a small present. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 321\u2013345. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_16"},{"key":"10_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"771","DOI":"10.1007\/978-3-030-77870-5_27","volume-title":"Advances in Cryptology","author":"Z Bao","year":"2021","unstructured":"Bao, Z., Dong, X., Guo, J., Li, Z., Shi, D., Sun, S., Wang, X.: Automatic search of meet-in-the-middle preimage attacks on AES-like hashing. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 771\u2013804. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77870-5_27"},{"key":"10_CR8","doi-asserted-by":"publisher","unstructured":"Bao, Z., Guo, J., Shi, D., Tu, Y.: Superposition meet-in-the-middle attacks: updates on fundamental security of AES-like hashing. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology \u2013 CRYPTO 2022, CRYPTO 2022, Lecture Notes in Computer Science, vol. 13507, pp. 64\u201393, Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15802-5_3","DOI":"10.1007\/978-3-031-15802-5_3"},{"key":"10_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/978-3-662-53008-5_5","volume-title":"Advances in Cryptology","author":"C Beierle","year":"2016","unstructured":"Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 123\u2013153. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_5"},{"key":"10_CR10","doi-asserted-by":"crossref","unstructured":"Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. Cryptology ePrint Archive, Report 2016\/660 (2016)","DOI":"10.1007\/978-3-662-53008-5_5"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Beierle, C., Leander, G., Moradi, A., Rasoolzadeh, S.: CRAFT: lightweight tweakable block cipher with efficient protection against DFA attacks. IACR Trans. Symmetric Cryptology 2019(1), 5\u201345 (2019)","DOI":"10.46586\/tosc.v2019.i1.5-45"},{"key":"10_CR12","doi-asserted-by":"crossref","unstructured":"Bellizia, D., et al.: Spook: sponge-based leakage-resistant authenticated encryption with a masked tweakable block cipher. IACR Trans. Symmetric Cryptology 2020(S1), 295\u2013349 (2020)","DOI":"10.46586\/tosc.v2020.iS1.295-349"},{"key":"10_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"79","DOI":"10.1007\/978-3-319-69453-5_5","volume-title":"Selected Areas in Cryptography","author":"T Beyne","year":"2017","unstructured":"Beyne, T., Bilgin, B.: Uniform first-order threshold implementations. In: Avanzi, R., Heys, H. (eds.) SAC 2016. LNCS, vol. 10532, pp. 79\u201398. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-69453-5_5"},{"key":"10_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1007\/3-540-48910-X_2","volume-title":"Advances in Cryptology","author":"E Biham","year":"1999","unstructured":"Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12\u201323. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48910-X_2"},{"key":"10_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1007\/11935230_27","volume-title":"Advances in Cryptology","author":"E Biham","year":"2006","unstructured":"Biham, E., Dunkelman, O., Keller, N.: New cryptanalytic results on IDEA. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 412\u2013427. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11935230_27"},{"key":"10_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45661-9_1","volume-title":"Fast Software Encryption","author":"E Biham","year":"2002","unstructured":"Biham, E., Dunkelman, O., Keller, N.: New results on boomerang and rectangle attacks. In: Daemen, J., Rijmen, V. (eds.) FSE 2002. LNCS, vol. 2365, pp. 1\u201316. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45661-9_1"},{"key":"10_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"340","DOI":"10.1007\/3-540-44987-6_21","volume-title":"Advances in Cryptology","author":"E Biham","year":"2001","unstructured":"Biham, E., Dunkelman, O., Keller, N.: The rectangle attack \u2014 rectangling the serpent. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 340\u2013357. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_21"},{"key":"10_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"507","DOI":"10.1007\/11426639_30","volume-title":"Advances in Cryptology","author":"E Biham","year":"2005","unstructured":"Biham, E., Dunkelman, O., Keller, N.: Related-key boomerang and rectangle attacks. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 507\u2013525. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11426639_30"},{"key":"10_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-10366-7_1","volume-title":"Advances in Cryptology","author":"A Biryukov","year":"2009","unstructured":"Biryukov, A., Khovratovich, D.: Related-key cryptanalysis of the full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 1\u201318. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_1"},{"key":"10_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/978-3-642-19574-7_16","volume-title":"Selected Areas in Cryptography","author":"A Bogdanov","year":"2011","unstructured":"Bogdanov, A., Rechberger, C.: A 3-subset meet-in-the-middle attack: cryptanalysis of the lightweight block cipher KTANTAN. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 229\u2013240. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19574-7_16"},{"issue":"3","key":"10_CR21","doi-asserted-by":"publisher","first-page":"290","DOI":"10.46586\/tosc.v2018.i3.290-310","volume":"2018","author":"C Boura","year":"2018","unstructured":"Boura, C., Canteaut, A.: On the boomerang uniformity of cryptographic sboxes. IACR Trans. Symmetric Cryptology 2018(3), 290\u2013310 (2018)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1007\/978-3-642-40041-4_13","volume-title":"Advances in Cryptology","author":"A Canteaut","year":"2013","unstructured":"Canteaut, A., Naya-Plasencia, M., Vayssi\u00e8re, B.: Sieve-in-the-middle: improved MITM attacks. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 222\u2013240. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_13"},{"key":"10_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"683","DOI":"10.1007\/978-3-319-78375-8_22","volume-title":"Advances in Cryptology","author":"C Cid","year":"2018","unstructured":"Cid, C., Huang, T., Peyrin, T., Sasaki, Yu., Song, L.: Boomerang connectivity table: a new cryptanalysis tool. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 683\u2013714. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_22"},{"issue":"4","key":"10_CR24","doi-asserted-by":"publisher","first-page":"104","DOI":"10.46586\/tosc.v2020.i4.104-129","volume":"2020","author":"S Delaune","year":"2020","unstructured":"Delaune, S., Derbez, P., Vavrille, M.: Catching the fastest boomerangs application to SKINNY. IACR Trans. Symmetric Cryptology 2020(4), 104\u2013129 (2020)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1007\/978-3-662-53008-5_6","volume-title":"Advances in Cryptology","author":"P Derbez","year":"2016","unstructured":"Derbez, P., Fouque, P.-A.: Automatic search of meet-in-the-middle and impossible differential attacks. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 157\u2013184. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_6"},{"key":"10_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/978-3-642-38348-9_23","volume-title":"Advances in Cryptology","author":"P Derbez","year":"2013","unstructured":"Derbez, P., Fouque, P.-A., Jean, J.: Improved key recovery attacks on reduced-round , in the single-key setting. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 371\u2013387. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_23"},{"key":"10_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"719","DOI":"10.1007\/978-3-642-32009-5_42","volume-title":"Advances in Cryptology","author":"I Dinur","year":"2012","unstructured":"Dinur, I., Dunkelman, O., Keller, N., Shamir, A.: Efficient dissection of composite problems, with applications to cryptanalysis, knapsacks, and combinatorial search problems. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 719\u2013740. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_42"},{"issue":"1","key":"10_CR28","doi-asserted-by":"publisher","first-page":"80","DOI":"10.46586\/tosc.v2017.i1.80-105","volume":"2017","author":"C Dobraunig","year":"2017","unstructured":"Dobraunig, C., Eichlseder, M., Mangard, S., Mendel, F., Unterluggauer, T.: ISAP - towards side-channel secure authenticated encryption. IACR Trans. Symmetric Cryptology 2017(1), 80\u2013105 (2017)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-030-84252-9_10","volume-title":"Advances in Cryptology","author":"X Dong","year":"2021","unstructured":"Dong, X., Hua, J., Sun, S., Li, Z., Wang, X., Hu, L.: Meet-in-the-middle attacks revisited: key-recovery, collision, and preimage attacks. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021, Part III. LNCS, vol. 12827, pp. 278\u2013308. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_10"},{"key":"10_CR30","doi-asserted-by":"crossref","unstructured":"Dong, X., Qin, L., Sun, S., Wang, X.: Key guessing strategies for linear key-schedule algorithms in rectangle attacks. In: EUROCRYPT 2022, Proceedings, Part III, vol. 13277 of LNCS, pp. 3\u201333 (2022)","DOI":"10.1007\/978-3-031-07082-2_1"},{"key":"10_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-030-49785-9_1","volume-title":"Cyber Security Cryptography and Machine Learning","author":"O Dunkelman","year":"2020","unstructured":"Dunkelman, O., Huang, S., Lambooij, E., Perle, S.: Single tweakey cryptanalysis of\u00a0reduced-round SKINNY-64. In: Dolev, S., Kolesnikov, V., Lodha, S., Weiss, G. (eds.) CSCML 2020. LNCS, vol. 12161, pp. 1\u201317. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-49785-9_1"},{"issue":"3","key":"10_CR32","doi-asserted-by":"publisher","first-page":"910","DOI":"10.1007\/s00145-019-09333-z","volume":"33","author":"O Dunkelman","year":"2020","unstructured":"Dunkelman, O., Keller, N., Lambooij, E., Sasaki, Yu.: A practical forgery attack on Lilliput-AE. J. Cryptol. 33(3), 910\u2013916 (2020)","journal-title":"J. Cryptol."},{"key":"10_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/978-3-642-17373-8_10","volume-title":"Advances in Cryptology","author":"O Dunkelman","year":"2010","unstructured":"Dunkelman, O., Keller, N., Shamir, A.: Improved single-key attacks on 8-round AES-192 and AES-256. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 158\u2013176. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_10"},{"issue":"4","key":"10_CR34","doi-asserted-by":"publisher","first-page":"824","DOI":"10.1007\/s00145-013-9154-9","volume":"27","author":"O Dunkelman","year":"2014","unstructured":"Dunkelman, O., Keller, N., Shamir, A.: A practical-time related-key attack on the KASUMI cryptosystem used in GSM and 3G telephony. J. Cryptology 27(4), 824\u2013849 (2014)","journal-title":"J. Cryptology"},{"key":"10_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/978-3-662-46706-0_4","volume-title":"Fast Software Encryption","author":"T Fuhr","year":"2015","unstructured":"Fuhr, T., Minaud, B.: Match box meet-in-the-middle attack against KATAN. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 61\u201381. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46706-0_4"},{"key":"10_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"433","DOI":"10.1007\/978-3-030-12612-4_22","volume-title":"Topics in Cryptology","author":"S Gao","year":"2019","unstructured":"Gao, S., Roy, A., Oswald, E.: Constructing TI-friendly substitution boxes using shift-invariant permutations. In: Matsui, M. (ed.) CT-RSA 2019. LNCS, vol. 11405, pp. 433\u2013452. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-12612-4_22"},{"key":"10_CR37","doi-asserted-by":"publisher","first-page":"140","DOI":"10.46586\/tosc.v2021.i2.140-198","volume":"2","author":"H Hadipour","year":"2021","unstructured":"Hadipour, H., Bagheri, N., Song, L.: Improved rectangle attacks on SKINNY and CRAFT. IACR Trans. Symmetric Cryptology 2, 140\u2013198 (2021)","journal-title":"IACR Trans. Symmetric Cryptology"},{"issue":"2","key":"10_CR38","doi-asserted-by":"publisher","first-page":"63","DOI":"10.46586\/tosc.v2022.i2.63-91","volume":"2022","author":"J Hua","year":"2022","unstructured":"Hua, J., Dong, X., Sun, S., Zhang, Z., Lei, H., Wang, X.: Improved MITM cryptanalysis on Streebog. IACR Trans. Symmetric Cryptology 2022(2), 63\u201391 (2022)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR39","doi-asserted-by":"crossref","unstructured":"Hua, J., Liu, T., Cui, Y., Qin, L., Dong, X., Cui, H.: Low-data cryptanalysis on SKINNY block cipher. Comput. J. (2022)","DOI":"10.1093\/comjnl\/bxab208"},{"key":"10_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"463","DOI":"10.1007\/978-3-540-45146-4_27","volume-title":"Advances in Cryptology","author":"Y Ishai","year":"2003","unstructured":"Ishai, Y., Sahai, A., Wagner, D.: Private circuits: securing hardware against probing attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463\u2013481. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_27"},{"key":"10_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"290","DOI":"10.1007\/978-3-642-21702-9_17","volume-title":"Fast Software Encryption","author":"T Isobe","year":"2011","unstructured":"Isobe, T.: A single-key attack on the full GOST block cipher. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 290\u2013305. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21702-9_17"},{"key":"10_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1007\/978-3-662-45608-8_15","volume-title":"Advances in Cryptology","author":"J Jean","year":"2014","unstructured":"Jean, J., Nikoli\u0107, I., Peyrin, T.: Tweaks and keys for block ciphers: the TWEAKEY framework. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 274\u2013288. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45608-8_15"},{"key":"10_CR43","unstructured":"Jean, J., Nikoli\u0107, I., Peyrin, T., Seurin, Y.: Submission to CAESAR : Deoxys v1.41, October 2016"},{"key":"10_CR44","first-page":"75","volume":"1978","author":"J Kelsey","year":"2000","unstructured":"Kelsey, J., Kohno, T., Schneier, B.: Amplified boomerang attacks against reduced-round MARS and Serpent. FSE 1978, 75\u201393 (2000)","journal-title":"FSE"},{"issue":"2","key":"10_CR45","first-page":"216","volume":"258","author":"LR Knudsen","year":"1998","unstructured":"Knudsen, L.R.: DEAL - a 128-bit block cipher. Complexity 258(2), 216 (1998)","journal-title":"Complexity"},{"key":"10_CR46","doi-asserted-by":"publisher","first-page":"37","DOI":"10.46586\/tosc.v2017.i3.37-72","volume":"3","author":"G Liu","year":"2017","unstructured":"Liu, G., Ghosh, M., Song, L.: Security analysis of SKINNY under related-tweakey settings. IACR Trans. Symmetric Cryptology 3, 37\u201372 (2017)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"630","DOI":"10.1007\/978-3-030-64837-4_21","volume-title":"Advances in Cryptology","author":"B Mennink","year":"2020","unstructured":"Mennink, B.: Beyond birthday bound secure fresh rekeying: application to authenticated encryption. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 630\u2013661. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64837-4_21"},{"key":"10_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"705","DOI":"10.1007\/978-3-030-45724-2_24","volume-title":"Advances in Cryptology","author":"Y Naito","year":"2020","unstructured":"Naito, Y., Sasaki, Yu., Sugawara, T.: Lightweight authenticated encryption mode suitable for threshold implementation. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part II. LNCS, vol. 12106, pp. 705\u2013735. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45724-2_24"},{"key":"10_CR49","doi-asserted-by":"publisher","unstructured":"Naito, Y., Sasaki, Y., Sugawara, T.: Secret can be public: low-memory AEAD mode for high-order masking. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology \u2013 CRYPTO 2022, CRYPTO 2022. Lecture Notes in Computer Science, vol. 13509, pp. 315\u2013345. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15982-4_11","DOI":"10.1007\/978-3-031-15982-4_11"},{"key":"10_CR50","doi-asserted-by":"crossref","unstructured":"Naito, Y., Sasaki, Y., Sugawara, T.: Lightweight authenticated encryption mode suitable for threshold implementation. Cryptol. ePrint Arch. (2020)","DOI":"10.1007\/978-3-030-45724-2_24"},{"issue":"1","key":"10_CR51","first-page":"66","volume":"2020","author":"Y Naito","year":"2020","unstructured":"Naito, Y., Sugawara, T.: Lightweight authenticated encryption mode of operation for tweakable block ciphers. IACR Trans. Cryptographic Hardware Embed. Syst. 2020(1), 66\u201394 (2020)","journal-title":"IACR Trans. Cryptographic Hardware Embed. Syst."},{"key":"10_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"529","DOI":"10.1007\/11935308_38","volume-title":"Information and Communications Security","author":"S Nikova","year":"2006","unstructured":"Nikova, S., Rechberger, C., Rijmen, V.: Threshold implementations against side-channel attacks and glitches. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 529\u2013545. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11935308_38"},{"key":"10_CR53","doi-asserted-by":"crossref","unstructured":"Qin, L., Dong, X., Wang, A., Hua, J., Wang, X.: Mind the tweakey schedule: cryptanalysis on skinnye-64-256. Cryptology ePrint Archive, Paper 2022\/789, 2022. https:\/\/eprint.iacr.org\/2022\/789","DOI":"10.1007\/978-3-031-22963-3_10"},{"key":"10_CR54","doi-asserted-by":"publisher","first-page":"249","DOI":"10.46586\/tosc.v2021.i2.249-291","volume":"2","author":"L Qin","year":"2021","unstructured":"Qin, L., Dong, X., Wang, X., Jia, K., Liu, Y.: Automated search oriented to key recovery on ciphers with linear key schedule applications to boomerangs in SKINNY and ForkSkinny. IACR Trans. Symmetric Cryptology 2, 249\u2013291 (2021)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR55","doi-asserted-by":"crossref","unstructured":"Rotman, J.J.: Advanced modern algebra. American Mathematical Soc., (2010)","DOI":"10.1090\/gsm\/114"},{"issue":"3","key":"10_CR56","doi-asserted-by":"publisher","first-page":"124","DOI":"10.46586\/tosc.v2018.i3.124-162","volume":"2018","author":"S Sadeghi","year":"2018","unstructured":"Sadeghi, S., Mohammadi, T., Bagheri, N.: Cryptanalysis of reduced round SKINNY block cipher. IACR Trans. Symmetric Cryptology 2018(3), 124\u2013162 (2018)","journal-title":"IACR Trans. Symmetric Cryptology"},{"key":"10_CR57","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-319-97916-8_15","volume-title":"Advances in Information and Computer Security","author":"Yu Sasaki","year":"2018","unstructured":"Sasaki, Yu.: Integer linear programming for three-subset meet-in-the-middle attacks: application to GIFT. In: Inomata, A., Yasuda, K. (eds.) IWSEC 2018. LNCS, vol. 11049, pp. 227\u2013243. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-97916-8_15"},{"key":"10_CR58","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1007\/978-3-642-21702-9_22","volume-title":"Fast Software Encryption","author":"Yu Sasaki","year":"2011","unstructured":"Sasaki, Yu.: Meet-in-the-middle preimage attacks on AES hashing modes and an application to whirlpool. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 378\u2013396. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21702-9_22"},{"key":"10_CR59","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/978-3-642-01001-9_8","volume-title":"Advances in Cryptology","author":"Yu Sasaki","year":"2009","unstructured":"Sasaki, Yu., Aoki, K.: Finding preimages in full MD5 faster than exhaustive search. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 134\u2013152. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-01001-9_8"},{"key":"10_CR60","doi-asserted-by":"crossref","unstructured":"Schrottenloher, A., Stevens, M.: Simplified MITM modeling for permutations: new (quantum) attacks. In: CRYPTO (2022)","DOI":"10.1007\/978-3-031-15982-4_24"},{"key":"10_CR61","doi-asserted-by":"crossref","unstructured":"Song, L., Qin, X., Hu, L.: Boomerang connectivity table revisited. application to SKINNY and AES. IACR Trans. Symmetric Cryptology 2019(1), 118\u2013141 (2019)","DOI":"10.46586\/tosc.v2019.i1.118-141"},{"key":"10_CR62","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1007\/978-3-319-57339-7_7","volume-title":"Progress in Cryptology","author":"M Tolba","year":"2017","unstructured":"Tolba, M., Abdelkhalek, A., Youssef, A.M.: Impossible differential cryptanalysis of reduced-round SKINNY. In: Joye, M., Nitaj, A. (eds.) AFRICACRYPT 2017. LNCS, vol. 10239, pp. 117\u2013134. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-57339-7_7"},{"key":"10_CR63","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"156","DOI":"10.1007\/3-540-48519-8_12","volume-title":"Fast Software Encryption","author":"D Wagner","year":"1999","unstructured":"Wagner, D.: The boomerang attack. In: Knudsen, L. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156\u2013170. Springer, Heidelberg (1999). https:\/\/doi.org\/10.1007\/3-540-48519-8_12"},{"key":"10_CR64","doi-asserted-by":"crossref","unstructured":"Wang, H., Peyrin, T.: Boomerang switch in multiple rounds. application to AES variants and Deoxys. IACR Trans. Symmetric Cryptology 2019(1), 142\u2013169 (2019)","DOI":"10.46586\/tosc.v2019.i1.142-169"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2022"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-22963-3_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T01:03:02Z","timestamp":1769216582000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-22963-3_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031229626","9783031229633"],"references-count":64,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-22963-3_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"25 January 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taipei","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Taiwan","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"5 December 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 December 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2022\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"364","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"98","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}