{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T04:23:20Z","timestamp":1780633400718,"version":"3.54.1"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319636962","type":"print"},{"value":"9783319636979","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-63697-9_2","type":"book-chapter","created":{"date-parts":[[2017,8,1]],"date-time":"2017-08-01T04:07:12Z","timestamp":1501560432000},"page":"34-65","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":44,"title":["ZMAC: A Fast Tweakable Block Cipher Mode for Highly Secure Message Authentication"],"prefix":"10.1007","author":[{"given":"Tetsu","family":"Iwata","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Kazuhiko","family":"Minematsu","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Thomas","family":"Peyrin","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yannick","family":"Seurin","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2017,8,2]]},"reference":[{"key":"2_CR1","unstructured":"Bellare, M., Impagliazzo, R.: A tool for obtaining tighter security analyses of pseudorandom function based constructions, with applications to PRP to PRF conversion. IACR Cryptology ePrint Archive, Report 1999\/024 (1999). http:\/\/eprint.iacr.org\/1999\/024"},{"key":"2_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/978-3-662-53008-5_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"C Beierle","year":"2016","unstructured":"Beierle, C., Jean, J., K\u00f6lbl, S., Leander, G., Moradi, A., Peyrin, T., Sasaki, Y., Sasdrich, P., Sim, S.M.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 123\u2013153. Springer, Heidelberg (2016). doi:10.1007\/978-3-662-53008-5_5"},{"key":"2_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"231","DOI":"10.1007\/978-3-642-03356-8_14","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"A Biryukov","year":"2009","unstructured":"Biryukov, A., Khovratovich, D., Nikoli\u0107, I.: Distinguisher and related-key attack on the full AES-256. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 231\u2013249. Springer, Heidelberg (2009). doi:10.1007\/978-3-642-03356-8_14"},{"issue":"3","key":"2_CR4","doi-asserted-by":"publisher","first-page":"362","DOI":"10.1006\/jcss.1999.1694","volume":"61","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. J. Comput. Syst. Sci. 61(3), 362\u2013399 (2000)","journal-title":"J. Comput. Syst. Sci."},{"key":"2_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"384","DOI":"10.1007\/3-540-46035-7_25","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2002","author":"J Black","year":"2002","unstructured":"Black, J., Rogaway, P.: A block-cipher mode of operation for parallelizable message authentication. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 384\u2013397. Springer, Heidelberg (2002). doi:10.1007\/3-540-46035-7_25"},{"issue":"2","key":"2_CR6","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/s00145-004-0016-3","volume":"18","author":"J Black","year":"2005","unstructured":"Black, J., Rogaway, P.: CBC MACs for arbitrary-length messages: the three-key constructions. J. Cryptology 18(2), 111\u2013131 (2005)","journal-title":"J. Cryptology"},{"key":"2_CR7","unstructured":"CAESAR: Competition for Authenticated Encryption: Security, Applicability, and Robustness. http:\/\/competitions.cr.yp.to\/caesar.html"},{"key":"2_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/978-3-642-11799-2_17","volume-title":"Theory of Cryptography","author":"J-S Coron","year":"2010","unstructured":"Coron, J.-S., Dodis, Y., Mandal, A., Seurin, Y.: A domain extender for the ideal cipher. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 273\u2013289. Springer, Heidelberg (2010). doi:10.1007\/978-3-642-11799-2_17"},{"key":"2_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/978-3-662-46706-0_15","volume-title":"Fast Software Encryption","author":"B Cogliati","year":"2015","unstructured":"Cogliati, B., Lampe, R., Patarin, J.: The indistinguishability of the XOR of \n$$k$$\n permutations. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 285\u2013302. Springer, Heidelberg (2015). doi:10.1007\/978-3-662-46706-0_15"},{"key":"2_CR10","unstructured":"Ferguson, N., Lucks, S., Schneier, B., Whiting, D., Bellare, M., Kohno, T., Callas, J., Walker, J.: The Skein Hash Function Family. SHA3 Submission to NIST (Round 3) (2010)"},{"key":"2_CR11","doi-asserted-by":"crossref","unstructured":"Gueron, S., Lindell, Y.: GCM-SIV: full nonce misuse-resistant authenticated encryption at under one cycle per byte. In: Ray, I., Li, N., Kruegel, C. (eds.) ACM Conference on Computer and Communications Security - CCS 2015, pp. 109\u2013119. ACM (2015)","DOI":"10.1145\/2810103.2813613"},{"key":"2_CR12","unstructured":"Grosso, V., Leurent, G., Standaert, F.-X., Varici, K., Durvaux, F., Gaspar, L., Kerckhof, S.: SCREAM and iSCREAM. Submitted to the CAESAR competition (2014)"},{"key":"2_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-540-85174-5_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"H Handschuh","year":"2008","unstructured":"Handschuh, H., Preneel, B.: Key-recovery attacks on universal hash function based MAC algorithms. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 144\u2013161. Springer, Heidelberg (2008). doi:10.1007\/978-3-540-85174-5_9"},{"key":"2_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-540-39887-5_11","volume-title":"Fast Software Encryption","author":"T Iwata","year":"2003","unstructured":"Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 129\u2013153. Springer, Heidelberg (2003). doi:10.1007\/978-3-540-39887-5_11"},{"key":"2_CR15","unstructured":"Iwata, T., Mennink, B., Viz\u00e1r, D.: CENC is Optimally Secure (2016). http:\/\/eprint.iacr.org\/2016\/1087"},{"key":"2_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"310","DOI":"10.1007\/11799313_20","volume-title":"Fast Software Encryption","author":"T Iwata","year":"2006","unstructured":"Iwata, T.: New blockcipher modes of operation with beyond the birthday bound security. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 310\u2013327. Springer, Heidelberg (2006). doi:10.1007\/11799313_20"},{"key":"2_CR17","unstructured":"Jean, J., Nikoli\u0107, I., Peyrin, T.: Deoxys v1. Submitted to the CAESAR competition (2014)"},{"key":"2_CR18","unstructured":"Jean, J., Nikoli\u0107, I., Peyrin, T.: Joltik v1. Submitted to the CAESAR competition (2014)"},{"key":"2_CR19","unstructured":"Jean, J., Nikoli\u0107, I., Peyrin, T.: KIASU v1. Submitted to the CAESAR competition (2014)"},{"key":"2_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"274","DOI":"10.1007\/978-3-662-45608-8_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"J Jean","year":"2014","unstructured":"Jean, J., Nikoli\u0107, I., Peyrin, T.: Tweaks and keys for block ciphers: the TWEAKEY framework. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 274\u2013288. Springer, Heidelberg (2014). doi:10.1007\/978-3-662-45608-8_15"},{"key":"2_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"306","DOI":"10.1007\/978-3-642-21702-9_18","volume-title":"Fast Software Encryption","author":"T Krovetz","year":"2011","unstructured":"Krovetz, T., Rogaway, P.: The software performance of authenticated-encryption modes. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 306\u2013327. Springer, Heidelberg (2011). doi:10.1007\/978-3-642-21702-9_18"},{"key":"2_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"258","DOI":"10.1007\/978-3-319-52153-4_15","volume-title":"Topics in Cryptology \u2013 CT-RSA 2017","author":"E List","year":"2017","unstructured":"List, E., Nandi, M.: Revisiting full-PRF-secure PMAC and using it for beyond-birthday authenticated encryption. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 258\u2013274. Springer, Cham (2017). doi:10.1007\/978-3-319-52153-4_15"},{"key":"2_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-45708-9_3","volume-title":"Advances in Cryptology \u2014 CRYPTO 2002","author":"M Liskov","year":"2002","unstructured":"Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31\u201346. Springer, Heidelberg (2002). doi:10.1007\/3-540-45708-9_3"},{"key":"2_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"470","DOI":"10.1007\/3-540-45539-6_34","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"S Lucks","year":"2000","unstructured":"Lucks, S.: The sum of PRPs is a secure PRF. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 470\u2013484. Springer, Heidelberg (2000). doi:10.1007\/3-540-45539-6_34"},{"key":"2_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"77","DOI":"10.1007\/978-3-319-27239-9_5","volume-title":"Cryptography and Coding","author":"K Minematsu","year":"2015","unstructured":"Minematsu, K., Iwata, T.: Tweak-length extension for tweakable blockciphers. In: Groth, J. (ed.) IMACC 2015. LNCS, vol. 9496, pp. 77\u201393. Springer, Cham (2015). doi:10.1007\/978-3-319-27239-9_5"},{"key":"2_CR26","doi-asserted-by":"crossref","unstructured":"Minematsu, K., Iwata, T.: Cryptanalysis of PMACx, PMAC2x, and SIVx. IACR Trans. Symmetric Cryptol. 2017(2) (2017)","DOI":"10.46586\/tosc.v2017.i2.162-176"},{"key":"2_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1007\/978-3-642-03317-9_19","volume-title":"Fast Software Encryption","author":"K Minematsu","year":"2009","unstructured":"Minematsu, K.: Beyond-birthday-bound security based on tweakable block cipher. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 308\u2013326. Springer, Heidelberg (2009). doi:10.1007\/978-3-642-03317-9_19"},{"key":"2_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1007\/978-3-540-30556-9_27","volume-title":"Progress in Cryptology - INDOCRYPT 2004","author":"DA McGrew","year":"2004","unstructured":"McGrew, D.A., Viega, J.: The security and performance of the galois\/counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 343\u2013355. Springer, Heidelberg (2004). doi:10.1007\/978-3-540-30556-9_27"},{"key":"2_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1007\/978-3-319-26059-4_9","volume-title":"Provable Security","author":"Y Naito","year":"2015","unstructured":"Naito, Y.: Full PRF-secure message authentication code based on tweakable block cipher. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 167\u2013182. Springer, Cham (2015). doi:10.1007\/978-3-319-26059-4_9"},{"key":"2_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/978-3-540-85093-9_22","volume-title":"Information Theoretic Security","author":"J Patarin","year":"2008","unstructured":"Patarin, J.: A proof of security in O(2\n                      n\n                    ) for the xor of two random permutations. In: Safavi-Naini, R. (ed.) ICITS 2008. LNCS, vol. 5155, pp. 232\u2013248. Springer, Heidelberg (2008). doi:10.1007\/978-3-540-85093-9_22"},{"key":"2_CR31","unstructured":"Patarin, J.: Introduction to Mirror Theory: Analysis of Systems of Linear Equalities and Linear Non Equalities for Cryptography (2010). http:\/\/eprint.iacr.org\/2010\/287"},{"key":"2_CR32","unstructured":"Patarin, J.: Security in \n$$O(2^n)$$\n for the Xor of Two Random Permutations: Proof with the Standard \n$$H$$\n Technique. IACR Cryptology ePrint Archive, Report 2013\/368 (2013). http:\/\/eprint.iacr.org\/2013\/368"},{"issue":"4","key":"2_CR33","doi-asserted-by":"publisher","first-page":"769","DOI":"10.1007\/s00145-014-9178-9","volume":"28","author":"G Procter","year":"2015","unstructured":"Procter, G., Cid, C.: On weak keys and forgery attacks against polynomial-based MAC schemes. J. Cryptology 28(4), 769\u2013795 (2015)","journal-title":"J. Cryptology"},{"key":"2_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/978-3-662-53018-4_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"T Peyrin","year":"2016","unstructured":"Peyrin, T., Seurin, Y.: Counter-in-tweak: authenticated encryption modes for tweakable block ciphers. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 33\u201363. Springer, Heidelberg (2016). doi:10.1007\/978-3-662-53018-4_2"},{"key":"2_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-30539-2_2","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"P Rogaway","year":"2004","unstructured":"Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16\u201331. Springer, Heidelberg (2004). doi:10.1007\/978-3-540-30539-2_2"},{"key":"2_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"373","DOI":"10.1007\/11761679_23","volume-title":"Advances in Cryptology - EUROCRYPT 2006","author":"P Rogaway","year":"2006","unstructured":"Rogaway, P., Shrimpton, T.: A provable-security treatment of the key-wrap problem. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 373\u2013390. Springer, Heidelberg (2006). doi:10.1007\/11761679_23"},{"key":"2_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"366","DOI":"10.1007\/978-3-642-11925-5_25","volume-title":"Topics in Cryptology - CT-RSA 2010","author":"K Yasuda","year":"2010","unstructured":"Yasuda, K.: The sum of CBC\u00a0MACs is a secure PRF. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 366\u2013381. Springer, Heidelberg (2010). doi:10.1007\/978-3-642-11925-5_25"},{"key":"2_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"596","DOI":"10.1007\/978-3-642-22792-9_34","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"K Yasuda","year":"2011","unstructured":"Yasuda, K.: A new variant of PMAC: beyond the birthday bound. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 596\u2013609. Springer, Heidelberg (2011). doi:10.1007\/978-3-642-22792-9_34"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2017"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-63697-9_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T20:07:06Z","timestamp":1710360426000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-63697-9_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319636962","9783319636979"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-63697-9_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]},"assertion":[{"value":"2 August 2017","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2017","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 August 2017","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 August 2017","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"37","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2017","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.iacr.org\/conferences\/crypto2017\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}