{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:40:27Z","timestamp":1767321627753,"version":"3.48.0"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783032105356","type":"print"},{"value":"9783032105363","type":"electronic"}],"license":[{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2026,1,1]],"date-time":"2026-01-01T00:00:00Z","timestamp":1767225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2026]]},"DOI":"10.1007\/978-3-032-10536-3_7","type":"book-chapter","created":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:38:25Z","timestamp":1767321505000},"page":"179-208","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Multiforked Iterated Even-Mansour and\u00a0a\u00a0Note on\u00a0the\u00a0Tightness of\u00a0IEM Proofs"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0964-8711","authenticated-orcid":false,"given":"Elena","family":"Andreeva","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0843-4885","authenticated-orcid":false,"given":"Amit Singh","family":"Bhati","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0007-4176-9405","authenticated-orcid":false,"given":"Andreas","family":"Weninger","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2026,1,2]]},"reference":[{"issue":"3","key":"7_CR1","first-page":"1","volume":"2021","author":"E Andreeva","year":"2021","unstructured":"Andreeva, E., Bhati, A.S., Preneel, B., Viz\u00e1r, D.: 1, 2, 3, fork: Counter mode variants based on a generalized forkcipher. IACR Trans. Symm. Cryptol. 2021(3), 1\u201335 (2021)","journal-title":"IACR Trans. Symm. Cryptol."},{"key":"7_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"512","DOI":"10.1007\/978-3-030-81652-0_20","volume-title":"Selected Areas in Cryptography","author":"E Andreeva","year":"2021","unstructured":"Andreeva, E., Bhati, A.S., Viz\u00e1r, D.: Nonce-misuse security of the SAEF authenticated encryption mode. In: Dunkelman, O., Jacobson, Jr., M.J., O\u2019Flynn, C. (eds.) SAC 2020. LNCS, vol. 12804, pp. 512\u2013534. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-81652-0_20"},{"key":"7_CR3","unstructured":"Andreeva, E., Deprez, A., Pittevils, J., Roy, A., Bhati, A.S., Viz\u00e1r, D.: New results and insighs on forkae, In: NIST LWC workshop (2020)"},{"key":"7_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1007\/978-3-030-34621-8_6","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2019","author":"E Andreeva","year":"2019","unstructured":"Andreeva, E., Lallemand, V., Purnal, A., Reyhanitabar, R., Roy, A., Viz\u00e1r, D.: Forkcipher: a new primitive for authenticated encryption of very short messages. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11922, pp. 153\u2013182. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-34621-8_6"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Andreeva, E., Weninger, A.: A forkcipher-based pseudo-random number generator. In: Tibouchi, M., Wang, X. (eds.) Applied Cryptography and Network Security, pp. 3\u201331. Springer, Cham (2023)","DOI":"10.1007\/978-3-031-33491-7_1"},{"key":"7_CR6","doi-asserted-by":"crossref","unstructured":"Bhati, A.S., Andreeva, E., M\u00fcller, S., Vizar, D.: Sonikku: Gotta Speed, Keed! A Family of Fast and Secure MACs. Cryptology ePrint Archive, Paper 2024\/1980 (2024)","DOI":"10.1007\/978-981-95-4434-9_6"},{"key":"7_CR7","doi-asserted-by":"publisher","unstructured":"Bhati, A.S., Andreeva, E., Viz\u00e1r, D.: OAE-RUP: a strong online AEAD security notion and its application to SAEF. In: International Conference on Security and Cryptography for Networks, pp. 117\u2013139. Springer, Heidelberg (2024). https:\/\/doi.org\/10.1007\/978-3-031-71073-5_6","DOI":"10.1007\/978-3-031-71073-5_6"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Bhattacharjee, A., Bhaumik, R., Dutta, A., List, E.: PAE: Towards more efficient and bbb-secure ae from a single public permutation. Cryptology ePrint Archive, Paper 2023\/978 (2023). https:\/\/eprint.iacr.org\/2023\/978","DOI":"10.1007\/978-981-99-7356-9_5"},{"key":"7_CR9","doi-asserted-by":"crossref","unstructured":"Bhati, A.S., Dufka, A., Andreeva, E., Roy, A., Preneel, B.: Skye: an expanding PRF based fast KDF and its applications. In: Proceedings of the 19th ACM Asia Conference on Computer and Communications Security, pp. 1082\u20131098 (2024)","DOI":"10.1145\/3634737.3637673"},{"key":"7_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/978-3-642-29011-4_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"A Bogdanov","year":"2012","unstructured":"Bogdanov, A., Knudsen, L.R., Leander, G., Standaert, F.-X., Steinberger, J., Tischhauser, E.: Key-alternating ciphers in a provable setting: encryption using a small number of public permutations. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 45\u201362. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-29011-4_5"},{"key":"7_CR11","doi-asserted-by":"crossref","unstructured":"Bhati, A.S., Pohle, E., Abidin, A., Andreeva, E., Preneel, B.: Let\u2019s go eevee! a friendly and suitable family of AEAD modes for IoT-to-cloud secure computation. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, pp. 2546\u20132560 (2023)","DOI":"10.1145\/3576915.3623091"},{"key":"7_CR12","unstructured":"Bhati, A.S., Verbauwhede, M., Andreeva, E.: Breaking, Repairing and Enhancing XCBv2 into the Tweakable Enciphering Mode GEM. Cryptology ePrint Archive (2024). https:\/\/eprint.iacr.org\/2024\/1554"},{"key":"7_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/978-3-662-47989-6_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"B Cogliati","year":"2015","unstructured":"Cogliati, B., Lampe, R., Seurin, Y.: Tweaking even-mansour ciphers. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 189\u2013208. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_9"},{"key":"7_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-642-55220-5_19","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"S Chen","year":"2014","unstructured":"Chen, S., Steinberger, J.: Tight security bounds for key-alternating ciphers. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 327\u2013350. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-642-55220-5_19"},{"key":"7_CR15","unstructured":"Dutta, A., Guo, J., List, E.: Forking sums of permutations for optimally secure and highly efficient prfs. Cryptology ePrint Archive, Paper 2022\/1609 (2022). https:\/\/eprint.iacr.org\/2022\/1609"},{"issue":"3","key":"7_CR16","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/s001459900025","volume":"10","author":"S Even","year":"1997","unstructured":"Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. J. Cryptol. 10(3), 151\u2013162 (1997)","journal-title":"J. Cryptol."},{"key":"7_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1007\/978-3-642-40041-4_30","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"P Ga\u017ei","year":"2013","unstructured":"Ga\u017ei, P.: Plain versus randomized cascading-based key-length extension for block ciphers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 551\u2013570. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_30"},{"key":"7_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"482","DOI":"10.1007\/978-3-540-45146-4_28","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"S Halevi","year":"2003","unstructured":"Halevi, S., Rogaway, P.: A tweakable enciphering mode. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 482\u2013499. Springer, Heidelberg (2003). https:\/\/doi.org\/10.1007\/978-3-540-45146-4_28"},{"key":"7_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/978-3-540-24660-2_23","volume-title":"Topics in Cryptology \u2013 CT-RSA 2004","author":"S Halevi","year":"2004","unstructured":"Halevi, S., Rogaway, P.: A parallelizable enciphering mode. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 292\u2013304. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-24660-2_23"},{"key":"7_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/978-3-662-53018-4_1","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"VT Hoang","year":"2016","unstructured":"Hoang, V.T., Tessaro, S.: Key-alternating ciphers and key-length extension: exact bounds and multi-user security. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 3\u201332. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_1"},{"issue":"4","key":"7_CR21","doi-asserted-by":"publisher","first-page":"71","DOI":"10.46586\/tosc.v2020.i4.71-87","volume":"2020","author":"H Kim","year":"2020","unstructured":"Kim, H., Lee, Y., Lee, J.: Forking tweakable even-mansour ciphers. IACR Trans. Symm. Cryptol. 2020(4), 71\u201387 (2020)","journal-title":"IACR Trans. Symm. Cryptol."},{"key":"7_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-642-34961-4_18","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"R Lampe","year":"2012","unstructured":"Lampe, R., Patarin, J., Seurin, Y.: An asymptotically tight security analysis of the iterated even-mansour cipher. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 278\u2013295. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_18"},{"key":"7_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-45708-9_3","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"M Liskov","year":"2002","unstructured":"Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31\u201346. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/3-540-45708-9_3"},{"key":"7_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1007\/978-3-642-32009-5_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"W Landecker","year":"2012","unstructured":"Landecker, W., Shrimpton, T., Terashima, R.S.: Tweakable blockciphers with beyond birthday-bound security. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 14\u201330. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_2"},{"key":"7_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1007\/978-3-642-04159-4_21","volume-title":"Selected Areas in Cryptography","author":"J Patarin","year":"2009","unstructured":"Patarin, J.: The \u201cCoefficients H\u2019\u2019 technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328\u2013345. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04159-4_21"},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Rogaway, P., Bellare, M., Black, J., Krovetz, T.: OCB: a block-cipher mode of operation for efficient authenticated encryption. In: Reiter, M.K., Samarati, P. (eds.) ACM CCS 2001, Philadelphia, PA, USA,\u00a05\u20138 November 2001, pp. 196\u2013205. ACM Press (2001)","DOI":"10.1145\/501983.502011"},{"key":"7_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-30539-2_2","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"P Rogaway","year":"2004","unstructured":"Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16\u201331. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30539-2_2"},{"key":"7_CR28","unstructured":"Steinberger, J.: Improved security bounds for key-alternating ciphers via hellinger distance. Cryptology ePrint Archive, Report 2012\/481 (2012). https:\/\/eprint.iacr.org\/2012\/481"}],"container-title":["Lecture Notes in Computer Science","Selected Areas in Cryptography \u2013 SAC 2025"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-032-10536-3_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T02:38:27Z","timestamp":1767321507000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-032-10536-3_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2026]]},"ISBN":["9783032105356","9783032105363"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-032-10536-3_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2026]]},"assertion":[{"value":"2 January 2026","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SAC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Selected Areas in Cryptography","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Toronto, ON","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Canada","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2025","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 August 2025","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15 August 2025","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"32","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"sacrypt2025","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/sacworkshop.org\/SAC25\/index.html","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}