{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,5]],"date-time":"2025-04-05T21:40:05Z","timestamp":1743889205048,"version":"3.40.3"},"publisher-location":"Cham","reference-count":50,"publisher":"Springer Nature Switzerland","isbn-type":[{"type":"print","value":"9783031886607"},{"type":"electronic","value":"9783031886614"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-88661-4_1","type":"book-chapter","created":{"date-parts":[[2025,4,5]],"date-time":"2025-04-05T20:59:07Z","timestamp":1743886747000},"page":"3-26","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["The Window Heuristic: Automating Differential Trail Search in ARX Ciphers with Partial Linearization Trade-offs"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2349-0247","authenticated-orcid":false,"given":"Emanuele","family":"Bellini","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8583-0668","authenticated-orcid":false,"given":"David","family":"Gerault","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3863-3714","authenticated-orcid":false,"given":"Juan","family":"Grados","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2690-9197","authenticated-orcid":false,"given":"Thomas","family":"Peyrin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,4,4]]},"reference":[{"key":"1_CR1","unstructured":"Aaraj, N., Caullery, F., Manzano, M.: MILP-aided Cryptanalysis of Round Reduced ChaCha. Cryptology ePrint Archive, Report 2017\/1163 (2017). https:\/\/ia.cr\/2017\/1163"},{"key":"1_CR2","doi-asserted-by":"crossref","unstructured":"Aumasson, J.P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of latin dances: analysis of salsa, ChaCha, and rumba. In: Nyberg, K. (ed.) Fast Software Encryption, pp. 470\u2013488. Springer (2008)","DOI":"10.1007\/978-3-540-71039-4_30"},{"key":"1_CR3","unstructured":"Bagherzadeh, E., Ahmadian, Z.: MILP-Based Automatic Differential Searches for LEA and HIGHT. Cryptology ePrint Archive, Report 2018\/948 (2018). https:\/\/ia.cr\/2018\/948"},{"key":"1_CR4","unstructured":"Bellini, E., et al.: CLAASP: a cryptographic library for the automated analysis of symmetric primitives. Cryptology ePrint Archive, Paper 2023\/622 (2023). https:\/\/eprint.iacr.org\/2023\/622"},{"key":"1_CR5","unstructured":"Bellini, E., Gerault, D., Grados, J., Peyrin, T.: The window heuristic: automating differential trail search in ARX ciphers with partial linearization trade-offs. Cryptology ePrint Archive, Paper 2024\/1743 (2024). https:\/\/eprint.iacr.org\/2024\/1743"},{"key":"1_CR6","doi-asserted-by":"crossref","unstructured":"Bellini, E., G\u00e9rault, D., Protopapa, M., Rossi, M.: Monte Carlo tree search for automatic differential characteristics search: application to SPECK. In: Isobe, T., Sarkar, S. (eds.) INDOCRYPT 2022. LNCS, vol. 13774, pp. 373\u2013397. Springer (2022)","DOI":"10.1007\/978-3-031-22912-1_17"},{"key":"1_CR7","unstructured":"Bellini, E., Vasquez, J.D.C.G., Makarim, R., Sanna, C.: Finding differential trails on ChaCha by means of state functions. Int. J. Appl. Cryptogr. (IJACT) (2023)"},{"key":"1_CR8","unstructured":"Bernstein, D.J.: ChaCha, a variant of Salsa20. In: Workshop Record of SASC, vol.\u00a08, pp.\u00a03\u20135 (2008)"},{"issue":"1","key":"1_CR9","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/BF00630563","volume":"4","author":"E Biham","year":"1991","unstructured":"Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptol. 4(1), 3\u201372 (1991)","journal-title":"J. Cryptol."},{"key":"1_CR10","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: CT-RSA 2014, pp. 227\u2013250. Springer (2014)","DOI":"10.1007\/978-3-319-04852-9_12"},{"key":"1_CR11","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Canni\u00e8re, C.D., Dellkrantz, G.: Cryptanalysis of SAFER++. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 195\u2013211. Springer (2003)","DOI":"10.1007\/978-3-540-45146-4_12"},{"key":"1_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-10366-7_1","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"A Biryukov","year":"2009","unstructured":"Biryukov, A., Khovratovich, D.: Related-key cryptanalysis of the full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 1\u201318. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_1"},{"key":"1_CR13","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Roy, A., Velichkov, V.: Differential analysis of block ciphers SIMON and SPECK. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 546\u2013570. Springer, Heidelberg (2015)","DOI":"10.1007\/978-3-662-46706-0_28"},{"key":"1_CR14","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol.\u00a08366, pp. 227\u2013250. Springer (2014)","DOI":"10.1007\/978-3-319-04852-9_12"},{"key":"1_CR15","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Velichkov, V., Corre, Y.L.: Automatic search for the best trails in arx: application to block cipher Speck. Cryptology ePrint Archive, Report 2016\/409 (2016). https:\/\/ia.cr\/2016\/409","DOI":"10.1007\/978-3-662-52993-5_15"},{"key":"1_CR16","doi-asserted-by":"crossref","unstructured":"Bittner, P.M., Th\u00fcm, T., Schaefer, I.: Sat encodings of the at-most-k constraint: a case study on configuring university courses. In: SEFM 2019, pp. 127\u2013144. Springer (2019)","DOI":"10.1007\/978-3-030-30446-1_7"},{"key":"1_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1007\/BFb0055720","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201998","author":"F Chabaud","year":"1998","unstructured":"Chabaud, F., Joux, A.: Differential collisions in SHA-0. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 56\u201371. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0055720"},{"key":"1_CR18","doi-asserted-by":"publisher","unstructured":"Coutinho, M., de\u00a0Sousa\u00a0J\u00fanior, R.T., Borges, F.: Continuous diffusion analysis. IEEE Access 8, 123735\u2013123745 (2020). https:\/\/doi.org\/10.1109\/ACCESS.2020.3005504","DOI":"10.1109\/ACCESS.2020.3005504"},{"key":"1_CR19","doi-asserted-by":"crossref","unstructured":"De Canni\u00e8re, C., Rechberger, C.: Finding SHA-1 characteristics: general results and applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1\u201320. Springer, Heidelberg (2006)","DOI":"10.1007\/11935230_1"},{"key":"1_CR20","doi-asserted-by":"crossref","unstructured":"Dinur, I.: Improved differential cryptanalysis of round-reduced speck. IACR Cryptol. ePrint Arch., p.\u00a0320 (2014). http:\/\/eprint.iacr.org\/2014\/320","DOI":"10.1007\/978-3-319-13051-4_9"},{"key":"1_CR21","unstructured":"Dunkelman, O.: Efficient construction of the boomerang connection table. IACR Cryptol. ePrint Arch., p.\u00a0631 (2018). https:\/\/eprint.iacr.org\/2018\/631"},{"key":"1_CR22","doi-asserted-by":"crossref","unstructured":"Dunkelman, O., Keller, N., Shamir, A.: A practical-time related-key attack on the KASUMI cryptosystem used in GSM and 3G telephony. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol.\u00a06223, pp. 393\u2013410. Springer (2010)","DOI":"10.1007\/978-3-642-14623-7_21"},{"key":"1_CR23","doi-asserted-by":"publisher","first-page":"79105","DOI":"10.1109\/ACCESS.2018.2881130","volume":"6","author":"AD Dwivedi","year":"2018","unstructured":"Dwivedi, A.D., Srivastava, G.: Differential cryptanalysis of round-reduced LEA. IEEE Access 6, 79105\u201379113 (2018)","journal-title":"IEEE Access"},{"key":"1_CR24","doi-asserted-by":"crossref","unstructured":"Fischer, S., Meier, W., Berbain, C., Biasse, J.F., Robshaw, M.J.B.: Non-randomness in eSTREAM candidates Salsa20 and TSC-4. In: Barua, R., Lange, T. (eds.) Progress in Cryptology - INDOCRYPT 2006, pp. 2\u201316. Springer (2006)","DOI":"10.1007\/11941378_2"},{"key":"1_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"268","DOI":"10.1007\/978-3-662-52993-5_14","volume-title":"Fast Software Encryption","author":"K Fu","year":"2016","unstructured":"Fu, K., Wang, M., Guo, Y., Sun, S., Hu, L.: MILP-based automatic search algorithms for differential and linear trails for speck. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 268\u2013288. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-52993-5_14"},{"key":"1_CR26","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1016\/j.ipl.2018.07.001","volume":"139","author":"D G\u00e9rault","year":"2018","unstructured":"G\u00e9rault, D., Lafourcade, P., Minier, M., Solnon, C.: Revisiting AES related-key differential attacks with constraint programming. Inf. Process. Lett. 139, 24\u201329 (2018)","journal-title":"Inf. Process. Lett."},{"key":"1_CR27","doi-asserted-by":"crossref","unstructured":"Gilbert, H., Peyrin, T.: Super-sbox cryptanalysis: improved attacks for AES-like permutations. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 365\u2013383. Springer, Heidelberg (2010)","DOI":"10.1007\/978-3-642-13858-4_21"},{"key":"1_CR28","doi-asserted-by":"crossref","unstructured":"Iwamoto, M., Peyrin, T., Sasaki, Y.: Limited-birthday distinguishers for hash functions - collisions beyond the birthday bound can be meaningful. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part II. LNCS, vol. 8270, pp. 504\u2013523. Springer, Heidelberg (2013)","DOI":"10.1007\/978-3-642-42045-0_26"},{"key":"1_CR29","doi-asserted-by":"crossref","unstructured":"Leurent, G.: Analysis of differential attacks in ARX constructions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol.\u00a07658, pp. 226\u2013243. Springer (2012)","DOI":"10.1007\/978-3-642-34961-4_15"},{"key":"1_CR30","doi-asserted-by":"crossref","unstructured":"Leurent, G.: Construction of differential characteristics in ARX designs application to Skein. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 241\u2013258. Springer, Heidelberg (2013)","DOI":"10.1007\/978-3-642-40041-4_14"},{"key":"1_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1007\/978-3-030-92062-3_10","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"G Leurent","year":"2021","unstructured":"Leurent, G., Pernot, C., Schrottenloher, A.: Clustering effect in\u00a0Simon and\u00a0Simeck. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13090, pp. 272\u2013302. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92062-3_10"},{"key":"1_CR32","doi-asserted-by":"crossref","unstructured":"Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: FSE 2001, LNCS. vol.\u00a02355, pp. 336\u2013350. Springer (2001)","DOI":"10.1007\/3-540-45473-X_28"},{"key":"1_CR33","doi-asserted-by":"crossref","unstructured":"Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336\u2013350. Springer, Heidelberg (2002)","DOI":"10.1007\/3-540-45473-X_28"},{"issue":"2","key":"1_CR34","doi-asserted-by":"publisher","first-page":"1054","DOI":"10.1109\/TIT.2020.3040543","volume":"67","author":"Z Liu","year":"2021","unstructured":"Liu, Z., Li, Y., Jiao, L., Mingsheng, W.: A new method for searching optimal differential and linear trails in ARX ciphers. IEEE Trans. Inf. Theory 67(2), 1054\u20131068 (2021). https:\/\/doi.org\/10.1109\/TIT.2020.3040543","journal-title":"IEEE Trans. Inf. Theory"},{"key":"1_CR35","doi-asserted-by":"crossref","unstructured":"Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT\u201993. LNCS, vol.\u00a0765, pp. 386\u2013397. Springer (1993)","DOI":"10.1007\/3-540-48285-7_33"},{"key":"1_CR36","unstructured":"Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: Application to Salsa20. Cryptology ePrint Archive, Report 2013\/328 (2013). https:\/\/eprint.iacr.org\/2013\/328"},{"key":"1_CR37","doi-asserted-by":"publisher","unstructured":"Murphy, S.: The return of the cryptographic boomerang. IEEE Trans. Inf. Theory 57(4), 2517\u20132521 (2011). https:\/\/doi.org\/10.1109\/TIT.2011.2111091","DOI":"10.1109\/TIT.2011.2111091"},{"key":"1_CR38","doi-asserted-by":"crossref","unstructured":"Nethercote, N., Stuckey, P.J., Becket, R., Brand, S., Duck, G.J., Tack, G.: MiniZinc: towards a standard CP modelling language. In: Bessi\u00e8re, C. (ed.) CP 2007, pp. 529\u2013543. Springer (2007)","DOI":"10.1007\/978-3-540-74970-7_38"},{"key":"1_CR39","unstructured":"Perron, L., Furnon, V.: OR-Tools. https:\/\/developers.google.com\/optimization\/"},{"key":"1_CR40","doi-asserted-by":"publisher","unstructured":"Qin, H., Wu, B.: Towards non-independence of modular additions in searching differential trails of ARX ciphers: new automatic methods with application to SPECK and Chaskey. CoRR abs\/2203.09741 (2022). https:\/\/doi.org\/10.48550\/arXiv.2203.09741","DOI":"10.48550\/arXiv.2203.09741"},{"issue":"9","key":"1_CR41","doi-asserted-by":"publisher","first-page":"2113","DOI":"10.1007\/s10623-021-00904-5","volume":"89","author":"S Sadeghi","year":"2021","unstructured":"Sadeghi, S., Rijmen, V., Bagheri, N.: Proposing an MILP-based method for the experimental verification of difference-based trails: application to SPECK. SIMECK. Des. Codes Cryptogr. 89(9), 2113\u20132155 (2021)","journal-title":"SIMECK. Des. Codes Cryptogr."},{"key":"1_CR42","doi-asserted-by":"crossref","unstructured":"Song, L., Huang, Z., Yang, Q.: Automatic differential analysis of ARX block ciphers with application to SPECK and LEA. In: Liu, J.K., Steinfeld, R. (eds.) ACISP 2016. LNCS, vol.\u00a09723, pp. 379\u2013394. Springer (2016)","DOI":"10.1007\/978-3-319-40367-0_24"},{"key":"1_CR43","doi-asserted-by":"crossref","unstructured":"Soos, M., Nohl, K., Castelluccia, C.: Extending SAT solvers to cryptographic problems. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol.\u00a05584, pp. 244\u2013257. Springer (2009)","DOI":"10.1007\/978-3-642-02777-2_24"},{"key":"1_CR44","doi-asserted-by":"crossref","unstructured":"Su, Y., Gao, Y., Kavehei, O., Ranasinghe, D.C.: Hash functions and benchmarks for resource constrained passive devices: a preliminary study. In: 2019 IEEE PerCom Workshop, pp. 1020\u20131025 (2019)","DOI":"10.1109\/PERCOMW.2019.8730835"},{"key":"1_CR45","doi-asserted-by":"crossref","unstructured":"Sun, L., Wang, W., Wang, M.: Accelerating the search of differential and linear characteristics with the SAT method. IACR Trans. Symmetric Cryptol. 2021(1), 269-315 (2021). https:\/\/tosc.iacr.org\/index.php\/ToSC\/article\/view\/8840","DOI":"10.46586\/tosc.v2021.i1.269-315"},{"key":"1_CR46","doi-asserted-by":"crossref","unstructured":"Wagner, D.A.: The boomerang attack. In: Knudsen, L.R. (ed.) FSE \u201999. LNCS, vol.\u00a01636, pp. 156\u2013170. Springer (1999)","DOI":"10.1007\/3-540-48519-8_12"},{"key":"1_CR47","doi-asserted-by":"crossref","unstructured":"Wang, D., Wang, B., Sun, S.: SAT-aided automatic search of boomerang distinguishers for ARX ciphers (Long Paper). IACR Cryptol. ePrint Arch. p.\u00a0202 (2023). https:\/\/eprint.iacr.org\/2023\/202","DOI":"10.46586\/tosc.v2023.i1.152-191"},{"key":"1_CR48","doi-asserted-by":"crossref","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17\u201336. Springer, Heidelberg (2005)","DOI":"10.1007\/11535218_2"},{"key":"1_CR49","doi-asserted-by":"crossref","unstructured":"Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19\u201335. Springer, Heidelberg (May 2005)","DOI":"10.1007\/11426639_2"},{"key":"1_CR50","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Sun, S., Cai, J., Hu, L.: Speeding up milp aided differential characteristic search with matsui\u2019s strategy. In: Chen, L., Manulis, M., Schneider, S. (eds.) Information Security, pp. 101\u2013115. Springer International Publishing, Cham (2018)","DOI":"10.1007\/978-3-319-99136-8_6"}],"container-title":["Lecture Notes in Computer Science","Topics in Cryptology \u2013 CT-RSA 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-88661-4_1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,4,5]],"date-time":"2025-04-05T20:59:19Z","timestamp":1743886759000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-88661-4_1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031886607","9783031886614"],"references-count":50,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-88661-4_1","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"4 April 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CT-RSA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Cryptographers\u2019 Track at the RSA Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"San Francisco, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 April 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1 May 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"ctrsa2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/ct-rsa-2025.csa.iisc.ac.in","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}