{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T00:47:54Z","timestamp":1777337274183,"version":"3.51.4"},"publisher-location":"Cham","reference-count":52,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031587153","type":"print"},{"value":"9783031587160","type":"electronic"}],"license":[{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,1,1]],"date-time":"2024-01-01T00:00:00Z","timestamp":1704067200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024]]},"DOI":"10.1007\/978-3-031-58716-0_13","type":"book-chapter","created":{"date-parts":[[2024,4,28]],"date-time":"2024-04-28T03:01:57Z","timestamp":1714273317000},"page":"368-397","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Massive Superpoly Recovery with\u00a0a\u00a0Meet-in-the-Middle Framework"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-4033-588X","authenticated-orcid":false,"given":"Jiahui","family":"He","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3552-7200","authenticated-orcid":false,"given":"Kai","family":"Hu","sequence":"additional","affiliation":[]},{"given":"Hao","family":"Lei","sequence":"additional","affiliation":[]},{"given":"Meiqin","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,4,29]]},"reference":[{"key":"13_CR1","unstructured":"eSTREAM: the ECRYPT stream cipher project (2018). https:\/\/www.ecrypt.eu.org\/stream\/. Accessed 23 Mar 2021"},{"key":"13_CR2","unstructured":"Gurobi Optimization. https:\/\/www.gurobi.com"},{"key":"13_CR3","unstructured":"ISO\/IEC 29192-3:2012: Information technology - Security techniques - Lightweight cryptography - Part 3: stream ciphers. https:\/\/www.iso.org\/standard\/56426.html"},{"key":"13_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-03317-9_1","volume-title":"Fast Software Encryption","author":"J-P Aumasson","year":"2009","unstructured":"Aumasson, J.-P., Dinur, I., Meier, W., Shamir, A.: Cube testers and key recovery attacks on reduced-round MD6 and Trivium. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 1\u201322. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-03317-9_1"},{"issue":"4","key":"13_CR5","doi-asserted-by":"publisher","first-page":"120","DOI":"10.46586\/tosc.v2022.i4.120-144","volume":"2022","author":"J Baudrin","year":"2022","unstructured":"Baudrin, J., Canteaut, A., Perrin, L.: Practical cube attack against nonce-misused Ascon. IACR Trans. Symmetric Cryptol. 2022(4), 120\u2013144 (2022)","journal-title":"IACR Trans. Symmetric Cryptol."},{"issue":"3","key":"13_CR6","doi-asserted-by":"publisher","first-page":"327","DOI":"10.46586\/tosc.v2020.i3.327-361","volume":"2020","author":"C Boura","year":"2020","unstructured":"Boura, C., Coggia, D.: Efficient MILP modelings for sboxes and linear layers of SPN ciphers. IACR Trans. Symmetric Cryptol. 2020(3), 327\u2013361 (2020)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"244","DOI":"10.1007\/978-3-540-68351-3_18","volume-title":"New Stream Cipher Designs","author":"C De Canni\u00e8re","year":"2008","unstructured":"De Canni\u00e8re, C., Preneel, B.: Trivium. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 244\u2013266. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-68351-3_18"},{"issue":"3","key":"13_CR8","doi-asserted-by":"publisher","first-page":"885","DOI":"10.1007\/s00145-017-9273-9","volume":"31","author":"A Canteaut","year":"2018","unstructured":"Canteaut, A., Carpov, S., Fontaine, C., Lepoint, T., Naya-Plasencia, M., Paillier, P., Sirdey, R.: Stream Ciphers: a practical solution for efficient homomorphic-ciphertext compression. J. Cryptol. 31(3), 885\u2013916 (2018)","journal-title":"J. Cryptol."},{"key":"13_CR9","doi-asserted-by":"publisher","unstructured":"Che, C., Tian, T.: An experimentally verified attack on 820-round trivium. In: Deng, Y., Yung, M., editors, Information Security and Cryptology - 18th International Conference, Inscrypt 2022, Beijing, China, December 11-13, 2022, Revised Selected Papers, volume 13837 of Lecture Notes in Computer Science, pp. 357\u2013369. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-26553-2_19","DOI":"10.1007\/978-3-031-26553-2_19"},{"key":"13_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/978-3-030-99277-4_13","volume-title":"Selected Areas in Cryptography","author":"S Delaune","year":"2022","unstructured":"Delaune, S., Derbez, P., Gontier, A., Prud\u2019homme, C.: A simpler model for recovering superpoly on trivium. In: AlTawy, R., H\u00fclsing, A. (eds.) SAC 2021. LNCS, vol. 13203, pp. 266\u2013285. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-030-99277-4_13"},{"key":"13_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"374","DOI":"10.1007\/978-3-030-77870-5_14","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2021","author":"I Dinur","year":"2021","unstructured":"Dinur, I.: Cryptanalytic applications of the polynomial method for solving multivariate equation systems over GF(2). In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 374\u2013403. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77870-5_14"},{"key":"13_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"733","DOI":"10.1007\/978-3-662-46800-5_28","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"I Dinur","year":"2015","unstructured":"Dinur, I., Morawiecki, P., Pieprzyk, J., Srebrny, M., Straus, M.: Cube attacks and cube-attack-like cryptanalysis on the round-reduced Keccak sponge function. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 733\u2013761. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_28"},{"key":"13_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-642-01001-9_16","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"I Dinur","year":"2009","unstructured":"Dinur, I., Shamir, A.: Cube attacks on tweakable black box polynomials. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 278\u2013299. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-01001-9_16"},{"key":"13_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1007\/978-3-642-21702-9_10","volume-title":"Fast Software Encryption","author":"I Dinur","year":"2011","unstructured":"Dinur, I., Shamir, A.: Breaking grain-128 with dynamic cube attacks. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 167\u2013187. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21702-9_10"},{"key":"13_CR15","doi-asserted-by":"crossref","unstructured":"Dobraunig, C., Eichlseder, M., Mendel, F., Schl\u00e4ffer, M.: Ascon v1.2: lightweight authenticated encryption and hashing. J. Cryptol. 34(3), 33 (2021)","DOI":"10.1007\/s00145-021-09398-9"},{"key":"13_CR16","doi-asserted-by":"publisher","unstructured":"Fan, H., Hao, Y., Wang, Q., Gong, X., Jiao, L.: Key filtering in cube attacks from the implementation aspect. In: Deng, J., Kolesnikov, V., Schwarzmann, A.A., editors, Cryptology and Network Security - 22nd International Conference, CANS 2023, Augusta, GA, USA, October 31 - November 2, 2023, Proceedings, vol. 14342 of Lecture Notes in Computer Science, pp. 293\u2013317. Springer, Singapore (2023). https:\/\/doi.org\/10.1007\/978-981-99-7563-1_14","DOI":"10.1007\/978-981-99-7563-1_14"},{"key":"13_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1007\/978-3-662-43933-3_26","volume-title":"Fast Software Encryption","author":"P-A Fouque","year":"2014","unstructured":"Fouque, P.-A., Vannet, T.: Improving key recovery to 784 and 799 rounds of trivium using optimized cube attacks. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 502\u2013517. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-43933-3_26"},{"key":"13_CR18","first-page":"363","volume":"2017","author":"Y Funabiki","year":"2017","unstructured":"Funabiki, Y., Todo, Y., Isobe, T., Morii, M.: Improved integral attack on HIGHT. ACISP 2017, 363\u2013383 (2017)","journal-title":"ACISP"},{"issue":"1","key":"13_CR19","doi-asserted-by":"publisher","first-page":"363","DOI":"10.46586\/tosc.v2020.i1.363-395","volume":"2020","author":"Y Hao","year":"2020","unstructured":"Hao, Y., Jiao, L., Li, C., Meier, W., Todo, Y., Wang, Q.: Links between division property and other cube attack variants. IACR Trans. Symmetric Cryptol. 2020(1), 363\u2013395 (2020)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"466","DOI":"10.1007\/978-3-030-45721-1_17","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2020","author":"Y Hao","year":"2020","unstructured":"Hao, Y., Leander, G., Meier, W., Todo, Y., Wang, Q.: Modeling for three-subset division property without unknown subset. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12105, pp. 466\u2013495. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45721-1_17"},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"He, J., Hu, K., Lei, H., Wang, M.: Massive superpoly recovery with a meet-in-the-middle framework \u2013 improved cube attacks on trivium and kreyvium. Cryptology ePrint Archive, Paper 2024\/342 (2024). https:\/\/eprint.iacr.org\/2024\/342","DOI":"10.1007\/978-3-031-58716-0_13"},{"key":"13_CR22","doi-asserted-by":"publisher","unstructured":"He, J., Hu, K., Preneel, B., Wang, M.: Stretching cube attacks: improved methods to recover massive superpolies. In: Agrawal, S., Lin, D., editors, Advances in Cryptology - ASIACRYPT 2022 - 28th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, December 5\u20139, 2022, Proceedings, Part IV, volume 13794 of Lecture Notes in Computer Science, pp. 537\u2013566. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-22972-5_19","DOI":"10.1007\/978-3-031-22972-5_19"},{"key":"13_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"392","DOI":"10.1007\/978-3-030-92062-3_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"K Hu","year":"2021","unstructured":"Hu, K., Sun, S., Todo, Y., Wang, M., Wang, Q.: Massive superpoly recovery with\u00a0nested monomial predictions. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13090, pp. 392\u2013421. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92062-3_14"},{"key":"13_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/978-3-030-64837-4_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2020","author":"K Hu","year":"2020","unstructured":"Hu, K., Sun, S., Wang, M., Wang, Q.: An algebraic formulation of the division property: revisiting degree evaluations, cube attacks, and key-independent sums. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12491, pp. 446\u2013476. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-64837-4_15"},{"key":"13_CR25","doi-asserted-by":"crossref","unstructured":"Huang, S., Wang, X., Xu, G., Wang, M., Zhao, J.: Conditional cube attack on reduced-round keccak sponge function. In: Coron, J.-S., Nielsen, J.B., editors, Advances in Cryptology - EUROCRYPT 2017 - 36th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Paris, France, April 30 - May 4, 2017, Proceedings, Part II, volume 10211 of Lecture Notes in Computer Science, pp. 259\u2013288 (2017)","DOI":"10.1007\/978-3-319-56614-6_9"},{"key":"13_CR26","doi-asserted-by":"crossref","unstructured":"Lei, H., He, J., Hu, K., Wang, M.: More balanced polynomials: cube attacks on 810- and 825-round trivium with practical complexities. IACR Cryptol. ePrint Arch., 1237 (2023)","DOI":"10.1007\/978-3-031-53368-6_1"},{"key":"13_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"99","DOI":"10.1007\/978-3-319-70694-8_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"Z Li","year":"2017","unstructured":"Li, Z., Bi, W., Dong, X., Wang, X.: Improved conditional cube attacks on keccak keyed modes with MILP method. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 99\u2013127. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70694-8_4"},{"issue":"1","key":"13_CR28","doi-asserted-by":"publisher","first-page":"175","DOI":"10.46586\/tosc.v2017.i1.175-202","volume":"2017","author":"Z Li","year":"2017","unstructured":"Li, Z., Dong, X., Wang, X.: Conditional cube attack on round-reduced ASCON. IACR Trans. Symmetric Cryptol. 2017(1), 175\u2013202 (2017)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-319-63697-9_8","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"M Liu","year":"2017","unstructured":"Liu, M.: Degree evaluation of NFSR-based cryptosystems. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 227\u2013249. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_8"},{"key":"13_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"715","DOI":"10.1007\/978-3-319-78375-8_23","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"M Liu","year":"2018","unstructured":"Liu, M., Yang, J., Wang, W., Lin, D.: Correlation Cube Attacks: from weak-key distinguisher to key recovery. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 715\u2013744. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78375-8_23"},{"issue":"3\u20134","key":"13_CR31","doi-asserted-by":"publisher","first-page":"309","DOI":"10.3233\/FI-2012-631","volume":"114","author":"P Mroczkowski","year":"2012","unstructured":"Mroczkowski, P., Szmidt, J.: The cube attack on stream cipher Trivium and quadraticity tests. Fundam. Informaticae 114(3\u20134), 309\u2013318 (2012)","journal-title":"Fundam. Informaticae"},{"issue":"1","key":"13_CR32","doi-asserted-by":"publisher","first-page":"130","DOI":"10.46586\/tosc.v2021.i1.130-155","volume":"2021","author":"R Rohit","year":"2021","unstructured":"Rohit, R., Kai, H., Sarkar, S., Sun, S.: Misuse-free key-recovery and distinguishing attacks on 7-round ascon. IACR Trans. Symmetric Cryptol. 2021(1), 130\u2013155 (2021)","journal-title":"IACR Trans. Symmetric Cryptol."},{"issue":"4","key":"13_CR33","doi-asserted-by":"publisher","first-page":"74","DOI":"10.46586\/tosc.v2021.i4.74-99","volume":"2021","author":"R Rohit","year":"2021","unstructured":"Rohit, R., Sarkar, S.: Diving deep into the weak keys of round reduced ascon. IACR Trans. Symmetric Cryptol. 2021(4), 74\u201399 (2021)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR34","doi-asserted-by":"crossref","unstructured":"Salam, I., Bartlett, H., Dawson, E., Pieprzyk, J., Simpson, L., Wong, K.K.-H.: Investigating cube attacks on the authenticated encryption stream cipher ACORN. In: Batten, L., Li, G., editors, ATIS 2016, volume 651 of Communications in Computer and Information Science, pp. 15\u201326 (2016)","DOI":"10.1007\/978-981-10-2741-3_2"},{"key":"13_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"150","DOI":"10.1007\/978-3-319-69284-5_11","volume-title":"Innovative Security Solutions for Information Technology and Communications","author":"Yu Sasaki","year":"2017","unstructured":"Sasaki, Yu., Todo, Y.: New algorithm for modeling S-box in MILP based differential and division trail search. In: Farshim, P., Simion, E. (eds.) SecITC 2017. LNCS, vol. 10543, pp. 150\u2013165. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-69284-5_11"},{"key":"13_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1007\/978-3-030-03329-3_3","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2018","author":"L Song","year":"2018","unstructured":"Song, L., Guo, J., Shi, D., Ling, S.: New MILP Modeling: improved conditional cube attacks on keccak-based constructions. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11273, pp. 65\u201395. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-03329-3_3"},{"key":"13_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"128","DOI":"10.1007\/978-3-319-70694-8_5","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"L Sun","year":"2017","unstructured":"Sun, L., Wang, W., Wang, M.: Automatic search of bit-based division property for ARX ciphers and word-based division property. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 128\u2013157. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70694-8_5"},{"issue":"1","key":"13_CR38","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1049\/iet-ifs.2018.5283","volume":"14","author":"L Sun","year":"2020","unstructured":"Sun, L., Wang, W., Wang, M.: MILP-aided bit-based division property for primitives with non-bit-permutation linear layers. IET Inf. Secur. 14(1), 12\u201320 (2020)","journal-title":"IET Inf. Secur."},{"key":"13_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/978-3-662-45611-8_9","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"S Sun","year":"2014","unstructured":"Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (Related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158\u2013178. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_9"},{"issue":"4","key":"13_CR40","doi-asserted-by":"publisher","first-page":"100","DOI":"10.46586\/tosc.v2021.i4.100-123","volume":"2021","author":"Y Sun","year":"2021","unstructured":"Sun, Y.: Automatic search of cubes for attacking stream ciphers. IACR Trans. Symmetric Cryptol. 2021(4), 100\u2013123 (2021)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Todo, Y.: Integral cryptanalysis on full MISTY1. In: Gennaro, R., Robshaw, M., editors, CRYPTO 2015, LNCS, vol. 9215, pp. 413\u2013432 (2015)","DOI":"10.1007\/978-3-662-47989-6_20"},{"key":"13_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"287","DOI":"10.1007\/978-3-662-46800-5_12","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"Y Todo","year":"2015","unstructured":"Todo, Y.: Structural evaluation by generalized integral property. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 287\u2013314. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_12"},{"key":"13_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"250","DOI":"10.1007\/978-3-319-63697-9_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"Y Todo","year":"2017","unstructured":"Todo, Y., Isobe, T., Hao, Y., Meier, W.: Cube attacks on non-blackbox polynomials based on division property. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 250\u2013279. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_9"},{"key":"13_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"357","DOI":"10.1007\/978-3-662-52993-5_18","volume-title":"Fast Software Encryption","author":"Y Todo","year":"2016","unstructured":"Todo, Y., Morii, M.: Bit-based division property and application to Simon family. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 357\u2013377. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-52993-5_18"},{"key":"13_CR45","doi-asserted-by":"crossref","unstructured":"Wang, J., Qin, L., Wu, B.: Correlation cube attack revisited: improved cube search and superpoly recovery techniques. Cryptology ePrint Archive, Paper 2023\/1408 (2023). https:\/\/eprint.iacr.org\/2023\/1408","DOI":"10.1007\/978-981-99-8727-6_7"},{"key":"13_CR46","unstructured":"Wang, J., Wu, B., Liu, Z.: Improved degree evaluation and superpoly recovery methods with application to trivium. CoRR, abs\/2201.06394 (2022)"},{"key":"13_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"279","DOI":"10.1007\/978-3-319-76953-0_15","volume-title":"Topics in Cryptology \u2013 CT-RSA 2018","author":"Q Wang","year":"2018","unstructured":"Wang, Q., Grassi, L., Rechberger, C.: Zero-sum partitions of PHOTON permutations. In: Smart, N.P. (ed.) CT-RSA 2018. LNCS, vol. 10808, pp. 279\u2013299. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-76953-0_15"},{"key":"13_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/978-3-319-96884-1_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"Q Wang","year":"2018","unstructured":"Wang, Q., Hao, Y., Todo, Y., Li, C., Isobe, T., Meier, W.: Improved division property based cube attacks exploiting algebraic properties of superpoly. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 275\u2013305. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96884-1_10"},{"key":"13_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"398","DOI":"10.1007\/978-3-030-34618-8_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2019","author":"S Wang","year":"2019","unstructured":"Wang, S., Hu, B., Guan, J., Zhang, K., Shi, T.: MILP-aided method of searching division property using three subsets\u00a0and applications. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11923, pp. 398\u2013427. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-34618-8_14"},{"key":"13_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"648","DOI":"10.1007\/978-3-662-53887-6_24","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"Z Xiang","year":"2016","unstructured":"Xiang, Z., Zhang, W., Bao, Z., Lin, D.: Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 648\u2013678. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_24"},{"key":"13_CR51","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1007\/978-3-319-93638-3_11","volume-title":"Information Security and Privacy","author":"C Ye","year":"2018","unstructured":"Ye, C., Tian, T.: A new framework for finding nonlinear superpolies in cube attacks against trivium-like ciphers. In: Susilo, W., Yang, G. (eds.) ACISP 2018. LNCS, vol. 10946, pp. 172\u2013187. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-93638-3_11"},{"key":"13_CR52","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/978-3-030-92062-3_7","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"C-D Ye","year":"2021","unstructured":"Ye, C.-D., Tian, T.: A practical key-recovery attack on\u00a0805-round trivium. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13090, pp. 187\u2013213. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92062-3_7"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-58716-0_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,4,28]],"date-time":"2026-04-28T00:02:39Z","timestamp":1777334559000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-58716-0_13"}},"subtitle":["Improved Cube Attacks on Trivium and Kreyvium"],"short-title":[],"issued":{"date-parts":[[2024]]},"ISBN":["9783031587153","9783031587160"],"references-count":52,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-58716-0_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024]]},"assertion":[{"value":"29 April 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EUROCRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Conference on the Theory and Applications of Cryptographic Techniques","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zurich","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Switzerland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 May 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30 May 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"43","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eurocrypt2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eurocrypt.iacr.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}