{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:48:06Z","timestamp":1754160486235,"version":"3.41.2"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031385476"},{"type":"electronic","value":"9783031385483"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-38548-3_20","type":"book-chapter","created":{"date-parts":[[2023,8,8]],"date-time":"2023-08-08T19:02:27Z","timestamp":1691521347000},"page":"607-627","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["On the\u00a0Security of\u00a0Keyed Hashing Based on\u00a0Public Permutations"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5468-7846","authenticated-orcid":false,"given":"Jonathan","family":"Fuchs","sequence":"first","affiliation":[]},{"given":"Yann","family":"Rotella","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4102-0775","authenticated-orcid":false,"given":"Joan","family":"Daemen","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,8,9]]},"reference":[{"key":"20_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-68697-5_1","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"M Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1\u201315. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_1"},{"key":"20_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/3-540-48658-5_32","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201994","author":"M Bellare","year":"1994","unstructured":"Bellare, M., Kilian, J., Rogaway, P.: The security of cipher block chaining. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341\u2013358. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48658-5_32"},{"issue":"3","key":"20_CR3","doi-asserted-by":"publisher","first-page":"185","DOI":"10.1007\/s001459900051","volume":"12","author":"DJ Bernstein","year":"1999","unstructured":"Bernstein, D.J.: How to stretch random functions: The security of protected counter sums. J. Cryptol. 12(3), 185\u2013192 (1999). https:\/\/doi.org\/10.1007\/s001459900051","journal-title":"J. Cryptol."},{"key":"20_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"32","DOI":"10.1007\/11502760_3","volume-title":"Fast Software Encryption","author":"DJ Bernstein","year":"2005","unstructured":"Bernstein, D.J.: The Poly1305-AES message-authentication code. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 32\u201349. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11502760_3"},{"key":"20_CR5","doi-asserted-by":"crossref","unstructured":"Bertoni, G., Daemen, J., Hoffert, S., Peeters, M., Van Assche, G., Van Keer, R.: Farfalle: parallel permutation-based cryptography. IACR Trans. Symmetric Cryptol. 2017(4), 1\u201338 (2017). https:\/\/tosc.iacr.org\/index.php\/ToSC\/article\/view\/801","DOI":"10.46586\/tosc.v2017.i4.1-38"},{"key":"20_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/978-3-540-78967-3_11","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"G Bertoni","year":"2008","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: On the indifferentiability of the sponge construction. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 181\u2013197. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_11"},{"key":"20_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"384","DOI":"10.1007\/3-540-46035-7_25","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"J Black","year":"2002","unstructured":"Black, J., Rogaway, P.: A block-cipher mode of operation for parallelizable message authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384\u2013397. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-46035-7_25"},{"key":"20_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"337","DOI":"10.1007\/978-3-030-84252-9_12","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"N Bordes","year":"2021","unstructured":"Bordes, N., Daemen, J., Kuijsters, D., Van Assche, G.: Thinking outside the superbox. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12827, pp. 337\u2013367. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_12"},{"key":"20_CR9","unstructured":"Daemen, J.: Cipher and hash function design, strategies based on linear and differential cryptanalysis, PhD Thesis. K.U.Leuven (1995). http:\/\/jda.noekeon.org\/"},{"key":"20_CR10","unstructured":"Daemen, J., Hoffert, S., Peeters, M., Assche, G.V., Keer, R.V.: Xoodoo cookbook. Cryptology ePrint Archive, Paper 2018\/767 (2018). https:\/\/eprint.iacr.org\/2018\/767"},{"key":"20_CR11","unstructured":"Daemen, J., Hoffert, S., Van Assche, G., Van Keer, R.: DC-Xoodoo-3r.txt (2018). https:\/\/github.com\/KeccakTeam\/Xoodoo\/blob\/master\/XooTools\/Trails\/DC-Xoodoo-3r.txt\/"},{"key":"20_CR12","doi-asserted-by":"crossref","unstructured":"Daemen, J., Hoffert, S., Van Assche, G., Van Keer, R.: The design of Xoodoo and Xoofff. IACR Trans. Symmetric Cryptol. 2018(4), 1\u201338 (2018), https:\/\/doi.org\/10.13154\/tosc.v2018.i4.1-38","DOI":"10.46586\/tosc.v2018.i4.1-38"},{"key":"20_CR13","unstructured":"Daemen, J., Mella, S., Van Assche, G.: Tighter trail bounds for Xoodoo. Cryptology ePrint Archive, Paper 2022\/1088 (2022). https:\/\/eprint.iacr.org\/2022\/1088"},{"key":"20_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"606","DOI":"10.1007\/978-3-319-70697-9_21","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"J Daemen","year":"2017","unstructured":"Daemen, J., Mennink, B., Van Assche, G.: Full-State Keyed Duplex with Built-In Multi-user Support. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10625, pp. 606\u2013637. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70697-9_21"},{"key":"20_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11502760_1","volume-title":"Fast Software Encryption","author":"J Daemen","year":"2005","unstructured":"Daemen, J., Rijmen, V.: A new MAC construction ALRED and a specific instance ALPHA-MAC. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 1\u201317. Springer, Heidelberg (2005). https:\/\/doi.org\/10.1007\/11502760_1"},{"key":"20_CR16","unstructured":"Daemen, J., Rijmen, V.: The Pelican MAC Function. IACR Cryptol. ePrint Arch. 2005, 88 (2005). http:\/\/eprint.iacr.org\/2005\/088"},{"issue":"3","key":"20_CR17","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1049\/iet-ifs.2010.0015","volume":"4","author":"J Daemen","year":"2010","unstructured":"Daemen, J., Rijmen, V.: Refinements of the ALRED construction and MAC security claims. IET Inf. Secur. 4(3), 149\u2013157 (2010). https:\/\/doi.org\/10.1049\/iet-ifs.2010.0015","journal-title":"IET Inf. Secur."},{"key":"20_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"422","DOI":"10.1007\/978-3-642-34047-5_24","volume-title":"Fast Software Encryption","author":"J Daemen","year":"2012","unstructured":"Daemen, J., Van Assche, G.: Differential propagation analysis of keccak. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 422\u2013441. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34047-5_24"},{"key":"20_CR19","doi-asserted-by":"crossref","unstructured":"Dobraunig, C., Mennink, B.: Security of the Suffix Keyed Sponge. IACR Trans. Symmetric Cryptol. 2019(4), 223\u2013248 (2019). https:\/\/doi.org\/10.13154\/tosc.v2019.i4.223-248","DOI":"10.46586\/tosc.v2019.i4.223-248"},{"issue":"3","key":"20_CR20","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/s001459900025","volume":"10","author":"S Even","year":"1997","unstructured":"Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. J. Cryptol. 10(3), 151\u2013162 (1997). https:\/\/doi.org\/10.1007\/s001459900025","journal-title":"J. Cryptol."},{"key":"20_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-540-39887-5_11","volume-title":"Fast Software Encryption","author":"T Iwata","year":"2003","unstructured":"Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129\u2013153. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-39887-5_11"},{"key":"20_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/978-3-662-52993-5_3","volume-title":"Fast Software Encryption","author":"A Luykx","year":"2016","unstructured":"Luykx, A., Preneel, B., Tischhauser, E., Yasuda, K.: A MAC mode for lightweight block ciphers. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 43\u201359. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-52993-5_3"},{"key":"20_CR23","doi-asserted-by":"crossref","unstructured":"McGrew, D.A., Viega, J.: The use of galois message authentication code (GMAC) in IPsec ESP and AH. RFC 4543, 1\u201314 (2006). https:\/\/doi.org\/10.17487\/RFC4543","DOI":"10.17487\/rfc4543"},{"key":"20_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/3-540-68697-5_24","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"V Shoup","year":"1996","unstructured":"Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 313\u2013328. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_24"},{"key":"20_CR25","unstructured":"Stinson, D.R.: On the connections between universal hashing, combinatorial designs and error-correcting codes. Electron. Colloquium Comput. Complex. 2(52) (1995). http:\/\/eccc.hpi-web.de\/eccc-reports\/1995\/TR95-052\/index.html"},{"issue":"3","key":"20_CR26","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1016\/0022-0000(81)90033-7","volume":"22","author":"MN Wegman","year":"1981","unstructured":"Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265\u2013279 (1981). https:\/\/doi.org\/10.1016\/0022-0000(81)90033-7","journal-title":"J. Comput. Syst. Sci."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-38548-3_20","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,26]],"date-time":"2025-07-26T22:02:40Z","timestamp":1753567360000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-38548-3_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031385476","9783031385483"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-38548-3_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"9 August 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 August 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 August 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"43","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"479","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"124","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}