{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,7]],"date-time":"2026-03-07T14:18:38Z","timestamp":1772893118513,"version":"3.50.1"},"publisher-location":"Cham","reference-count":26,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319968803","type":"print"},{"value":"9783319968810","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-96881-0_7","type":"book-chapter","created":{"date-parts":[[2018,7,23]],"date-time":"2018-07-23T19:54:39Z","timestamp":1532375679000},"page":"185-212","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":30,"title":["Improved Key Recovery Attacks on\u00a0Reduced-Round AES with Practical Data and Memory Complexities"],"prefix":"10.1007","author":[{"given":"Achiya","family":"Bar-On","sequence":"first","affiliation":[]},{"given":"Orr","family":"Dunkelman","sequence":"additional","affiliation":[]},{"given":"Nathan","family":"Keller","sequence":"additional","affiliation":[]},{"given":"Eyal","family":"Ronen","sequence":"additional","affiliation":[]},{"given":"Adi","family":"Shamir","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,7,24]]},"reference":[{"key":"7_CR1","unstructured":"Biham, E., Keller, N.: Cryptanalysis of Reduced Variants of Rijndael (1999). Unpublished manuscript"},{"key":"7_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"344","DOI":"10.1007\/978-3-642-25385-0_19","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2011","author":"A Bogdanov","year":"2011","unstructured":"Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique cryptanalysis of the full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 344\u2013371. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25385-0_19"},{"issue":"11","key":"7_CR3","doi-asserted-by":"publisher","first-page":"3318","DOI":"10.1109\/TC.2016.2529618","volume":"65","author":"L Bossuet","year":"2016","unstructured":"Bossuet, L., Datta, N., Mancillas-L\u00f3pez, C., Nandi, M.: ELmD: a pipelineable authenticated encryption and its hardware implementation. IEEE Trans. Comput. 65(11), 3318\u20133331 (2016)","journal-title":"IEEE Trans. Comput."},{"issue":"11","key":"7_CR4","doi-asserted-by":"publisher","first-page":"7002","DOI":"10.1109\/TIT.2012.2207880","volume":"58","author":"C Bouillaguet","year":"2012","unstructured":"Bouillaguet, C., Derbez, P., Dunkelman, O., Fouque, P., Keller, N., Rijmen, V.: Low-data complexity attacks on AES. IEEE Trans. Inf. Theor. 58(11), 7002\u20137017 (2012). https:\/\/doi.org\/10.1109\/TIT.2012.2207880","journal-title":"IEEE Trans. Inf. Theor."},{"key":"7_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-642-22792-9_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"C Bouillaguet","year":"2011","unstructured":"Bouillaguet, C., Derbez, P., Fouque, P.-A.: Automatic search of attacks on round-reduced AES and applications. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 169\u2013187. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_10"},{"issue":"1","key":"7_CR6","doi-asserted-by":"publisher","first-page":"101","DOI":"10.1007\/s00145-016-9251-7","volume":"31","author":"C Boura","year":"2018","unstructured":"Boura, C., Lallemand, V., Naya-Plasencia, M., Suder, V.: Making the impossible possible. J. Cryptol. 31(1), 101\u2013133 (2018). https:\/\/doi.org\/10.1007\/s00145-016-9251-7","journal-title":"J. Cryptol."},{"key":"7_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"293","DOI":"10.1007\/978-3-319-52153-4_17","volume-title":"Topics in Cryptology \u2013 CT-RSA 2017","author":"J Cho","year":"2017","unstructured":"Cho, J., et al.: WEM: a new family of white-box block ciphers based on the even-mansour construction. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 293\u2013308. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-52153-4_17"},{"key":"7_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"149","DOI":"10.1007\/BFb0052343","volume-title":"Fast Software Encryption","author":"J Daemen","year":"1997","unstructured":"Daemen, J., Knudsen, L., Rijmen, V.: The block cipher Square. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149\u2013165. Springer, Heidelberg (1997). https:\/\/doi.org\/10.1007\/BFb0052343"},{"key":"7_CR9","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-04722-4","volume-title":"The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography","author":"J Daemen","year":"2002","unstructured":"Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/978-3-662-04722-4"},{"key":"7_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"116","DOI":"10.1007\/978-3-540-71039-4_7","volume-title":"Fast Software Encryption","author":"H Demirci","year":"2008","unstructured":"Demirci, H., Sel\u00e7uk, A.A.: A meet-in-the-middle attack on 8-round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 116\u2013126. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-71039-4_7"},{"key":"7_CR11","unstructured":"Derbez, P.: Meet-in-the-middle attacks on AES. Ph.D. thesis, Ecole Normale Sup\u00e9rieure de Paris \u2013 ENS Paris (2013)"},{"key":"7_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"541","DOI":"10.1007\/978-3-662-43933-3_28","volume-title":"Fast Software Encryption","author":"P Derbez","year":"2014","unstructured":"Derbez, P., Fouque, P.-A.: Exhausting Demirci-Sel\u00e7uk meet-in-the-middle attacks against reduced-round AES. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 541\u2013560. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-43933-3_28"},{"key":"7_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"371","DOI":"10.1007\/978-3-642-38348-9_23","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2013","author":"P Derbez","year":"2013","unstructured":"Derbez, P., Fouque, P.-A., Jean, J.: Improved key recovery attacks on reduced-round, in the single-key setting. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 371\u2013387. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38348-9_23"},{"key":"7_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"719","DOI":"10.1007\/978-3-642-32009-5_42","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"I Dinur","year":"2012","unstructured":"Dinur, I., Dunkelman, O., Keller, N., Shamir, A.: Efficient dissection of composite problems, with applications to cryptanalysis, knapsacks, and combinatorial search problems. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 719\u2013740. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_42"},{"key":"7_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"213","DOI":"10.1007\/3-540-44706-7_15","volume-title":"Fast Software Encryption","author":"N Ferguson","year":"2001","unstructured":"Ferguson, N.: Improved cryptanalysis of Rijndael. In: Goos, G., Hartmanis, J., van Leeuwen, J., Schneier, B. (eds.) FSE 2000. LNCS, vol. 1978, pp. 213\u2013230. Springer, Heidelberg (2001). https:\/\/doi.org\/10.1007\/3-540-44706-7_15"},{"key":"7_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/978-3-662-53887-6_6","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"P-A Fouque","year":"2016","unstructured":"Fouque, P.-A., Karpman, P., Kirchner, P., Minaud, B.: Efficient and provable white-box primitives. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 159\u2013188. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_6"},{"key":"7_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"383","DOI":"10.1007\/978-3-642-40349-1_22","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2013","author":"B G\u00e9rard","year":"2013","unstructured":"G\u00e9rard, B., Grosso, V., Naya-Plasencia, M., Standaert, F.-X.: Block ciphers that are easier to mask: how far can we go? In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 383\u2013399. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40349-1_22"},{"key":"7_CR18","unstructured":"Gilbert, H., Minier, M.: A collision attack on 7 rounds of Rijndael. In: Preproceedings of Third AES Candidate Conference, pp. 230\u2013241 (2000)"},{"key":"7_CR19","unstructured":"Grassi, L.: Mixture differential cryptanalysis: new approaches for distinguishers and attacks on round-reduced AES. Cryptology ePrint Archive, Report 2017\/832 (2017). https:\/\/eprint.iacr.org\/2017\/832"},{"key":"7_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1007\/978-3-319-56614-6_10","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2017","author":"L Grassi","year":"2017","unstructured":"Grassi, L., Rechberger, C., R\u00f8njom, S.: A new structural-differential property of 5-round AES. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017, Part II. LNCS, vol. 10211, pp. 289\u2013317. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-56614-6_10"},{"key":"7_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"326","DOI":"10.1007\/978-3-642-23951-9_22","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2011","author":"J Guo","year":"2011","unstructured":"Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326\u2013341. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-23951-9_22"},{"key":"7_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"15","DOI":"10.1007\/978-3-662-46800-5_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"VT Hoang","year":"2015","unstructured":"Hoang, V.T., Krovetz, T., Rogaway, P.: Robust authenticated-encryption AEZ and the problem that it solves. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015, Part I. LNCS, vol. 9056, pp. 15\u201344. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_2"},{"key":"7_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-642-17401-8_20","volume-title":"Progress in Cryptology - INDOCRYPT 2010","author":"H Mala","year":"2010","unstructured":"Mala, H., Dakhilalian, M., Rijmen, V., Modarres-Hashemi, M.: Improved impossible differential cryptanalysis of 7-round AES-128. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol. 6498, pp. 282\u2013291. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17401-8_20"},{"key":"7_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1007\/978-3-319-70694-8_8","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"S R\u00f8njom","year":"2017","unstructured":"R\u00f8njom, S., Bardeh, N.G., Helleseth, T.: Yoyo tricks with AES. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part I. LNCS, vol. 10624, pp. 217\u2013243. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70694-8_8"},{"key":"7_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"214","DOI":"10.1007\/978-3-662-49890-3_9","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2016","author":"T Tiessen","year":"2016","unstructured":"Tiessen, T.: Polytopic cryptanalysis. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part I. LNCS, vol. 9665, pp. 214\u2013239. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-49890-3_9"},{"key":"7_CR26","doi-asserted-by":"crossref","unstructured":"Tunstall, M.: Improved \u201cPartial Sums\u201d-based square attack on AES. In: Samarati, P., Lou, W., Zhou, J. (eds.) SECRYPT 2012 - Proceedings of the International Conference on Security and Cryptography, Rome, Italy, 24\u201327 July 2012, SECRYPT is part of ICETE - The International Joint Conference on e-Business and Telecommunications, pp. 25\u201334. SciTePress (2012)","DOI":"10.5220\/0003990300250034"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2018"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-96881-0_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,5]],"date-time":"2025-07-05T23:45:27Z","timestamp":1751759127000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-96881-0_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319968803","9783319968810"],"references-count":26,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-96881-0_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"24 July 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 August 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 August 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}