{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,28]],"date-time":"2026-02-28T13:02:05Z","timestamp":1772283725657,"version":"3.50.1"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319968834","type":"print"},{"value":"9783319968841","type":"electronic"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-96884-1_21","type":"book-chapter","created":{"date-parts":[[2018,7,24]],"date-time":"2018-07-24T10:33:49Z","timestamp":1532428429000},"page":"631-661","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":27,"title":["Encrypt or Decrypt? To Make a Single-Key Beyond Birthday Secure Nonce-Based MAC"],"prefix":"10.1007","author":[{"given":"Nilanjan","family":"Datta","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Avijit","family":"Dutta","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mridul","family":"Nandi","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kan","family":"Yasuda","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2018,7,25]]},"reference":[{"key":"21_CR1","unstructured":"Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013\/404 (2013). http:\/\/eprint.iacr.org\/2013\/404"},{"key":"21_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/978-3-662-53008-5_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"C Beierle","year":"2016","unstructured":"Beierle, C., et al.: The SKINNY family of block ciphers and its low-latency variant MANTIS. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 123\u2013153. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_5"},{"key":"21_CR3","unstructured":"Bellare, M., Impagliazzo, R.: A tool for obtaining tighter security analyses of pseudorandom function based constructions, with applications to PRP to PRF conversion. Cryptology ePrint Archive, Report 1999\/024 (1999). http:\/\/eprint.iacr.org\/1999\/024"},{"key":"21_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-68697-5_1","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"M Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 1\u201315. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_1"},{"key":"21_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"341","DOI":"10.1007\/3-540-48658-5_32","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201994","author":"M Bellare","year":"1994","unstructured":"Bellare, M., Kilian, J., Rogaway, P.: The security of cipher block chaining. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 341\u2013358. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48658-5_32"},{"key":"21_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/BFb0054132","volume-title":"Advances in Cryptology \u2014 EUROCRYPT \u201998","author":"M Bellare","year":"1998","unstructured":"Bellare, M., Krovetz, T., Rogaway, P.: Luby-Rackoff backwards: increasing security by making block ciphers non-invertible. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 266\u2013280. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/BFb0054132"},{"key":"21_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"387","DOI":"10.1007\/978-3-319-78381-9_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2018","author":"S Bhattacharya","year":"2018","unstructured":"Bhattacharya, S., Nandi, M.: Full indifferentiable security of the Xor of two or more random permutations using the $$\\chi ^2$$ method. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part I. LNCS, vol. 10820, pp. 387\u2013412. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78381-9_15"},{"issue":"1","key":"21_CR8","doi-asserted-by":"crossref","first-page":"314","DOI":"10.46586\/tosc.v2018.i1.314-335","volume":"2018","author":"S Bhattacharya","year":"2018","unstructured":"Bhattacharya, S., Nandi, M.: Revisiting variable output length XOR pseudorandom function. IACR Trans. Symmetric Cryptol. 2018(1), 314\u2013335 (2018)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"21_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"450","DOI":"10.1007\/978-3-540-74735-2_31","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2007","author":"A Bogdanov","year":"2007","unstructured":"Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450\u2013466. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74735-2_31"},{"key":"21_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1007\/978-3-642-04138-9_20","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2009","author":"C De Canni\u00e8re","year":"2009","unstructured":"De Canni\u00e8re, C., Dunkelman, O., Kne\u017eevi\u0107, M.: KATAN and KTANTAN \u2014 a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272\u2013288. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04138-9_20"},{"key":"21_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/978-3-662-44371-2_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"S Chen","year":"2014","unstructured":"Chen, S., Lampe, R., Lee, J., Seurin, Y., Steinberger, J.: Minimizing the two-round Even-Mansour cipher. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 39\u201356. Springer, Heidelberg (2014). https:\/\/doi.org\/10.1007\/978-3-662-44371-2_3"},{"key":"21_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"285","DOI":"10.1007\/978-3-662-46706-0_15","volume-title":"Fast Software Encryption","author":"B Cogliati","year":"2015","unstructured":"Cogliati, B., Lampe, R., Patarin, J.: The indistinguishability of the XOR of $$k$$ permutations. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 285\u2013302. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46706-0_15"},{"key":"21_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-662-53018-4_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"B Cogliati","year":"2016","unstructured":"Cogliati, B., Seurin, Y.: EWCDM: an efficient, beyond-birthday secure, nonce-misuse resistant MAC. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 121\u2013149. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_5"},{"key":"21_CR14","doi-asserted-by":"crossref","unstructured":"Cogliati, B., Seurin, Y.: Analysis of the single-permutation encrypted Davies-Meyer construction. Des. Codes Cryptogr. (2018, to appear)","DOI":"10.1007\/s10623-018-0470-9"},{"key":"21_CR15","unstructured":"Daemen, J., Rijmen, V.: Rijndael for AES. In: AES Candidate Conference, pp. 343\u2013348 (2000)"},{"key":"21_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"497","DOI":"10.1007\/978-3-319-63697-9_17","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"W Dai","year":"2017","unstructured":"Dai, W., Hoang, V.T., Tessaro, S.: Information-theoretic indistinguishability via the chi-squared method. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 497\u2013523. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_17"},{"issue":"4","key":"21_CR17","doi-asserted-by":"crossref","first-page":"268","DOI":"10.46586\/tosc.v2017.i4.268-305","volume":"2017","author":"N Datta","year":"2017","unstructured":"Datta, N., Dutta, A., Nandi, M., Paul, G., Zhang, L.: Single key variant of PMAC$$\\_$$plus. IACR Trans. Symmetric Cryptol. 2017(4), 268\u2013305 (2017)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"21_CR18","doi-asserted-by":"crossref","unstructured":"Datta, N., Dutta, A., Nandi, M., Yasuda, K.: Encrypt or decrypt? To make a single-key beyond birthday secure nonce-based MAC. Cryptology ePrint Archive, Report 2018\/500 (2018)","DOI":"10.1007\/978-3-319-96884-1_21"},{"issue":"3","key":"21_CR19","doi-asserted-by":"crossref","first-page":"130","DOI":"10.46586\/tosc.v2017.i3.130-150","volume":"2017","author":"A Dutta","year":"2017","unstructured":"Dutta, A., Jha, A., Nandi, M.: Tight security analysis of EHtM MAC. IACR Trans. Symmetric Cryptol. 2017(3), 130\u2013150 (2017)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"21_CR20","unstructured":"Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.J.B.: The LED block cipher. IACR Cryptology ePrint Archive, 2012:600 (2012)"},{"key":"21_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"310","DOI":"10.1007\/11799313_20","volume-title":"Fast Software Encryption","author":"T Iwata","year":"2006","unstructured":"Iwata, T.: New blockcipher modes of operation with beyond the birthday bound security. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 310\u2013327. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11799313_20"},{"key":"21_CR22","unstructured":"Iwata, T., Mennink, B., Viz\u00e1r, D.: CENC is optimally secure. IACR Cryptology ePrint Archive, 2016:1087 (2016)"},{"key":"21_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"470","DOI":"10.1007\/3-540-45539-6_34","volume-title":"Advances in Cryptology \u2014 EUROCRYPT 2000","author":"S Lucks","year":"2000","unstructured":"Lucks, S.: The sum of PRPs is a secure PRF. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 470\u2013484. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-45539-6_34"},{"key":"21_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"556","DOI":"10.1007\/978-3-319-63697-9_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"B Mennink","year":"2017","unstructured":"Mennink, B., Neves, S.: Encrypted Davies-Meyer and its dual: towards optimal security using mirror theory. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part III. LNCS, vol. 10403, pp. 556\u2013583. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_19"},{"key":"21_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1007\/978-3-642-25516-8_24","volume-title":"Cryptography and Coding","author":"K Minematsu","year":"2011","unstructured":"Minematsu, K., Iwata, T.: Building blockcipher from tweakable blockcipher: extending FSE 2009 proposal. In: Chen, L. (ed.) IMACC 2011. LNCS, vol. 7089, pp. 391\u2013412. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25516-8_24"},{"key":"21_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"446","DOI":"10.1007\/978-3-319-70700-6_16","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2017","author":"Y Naito","year":"2017","unstructured":"Naito, Y.: Blockcipher-based MACs: beyond the birthday bound without message length. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017, Part III. LNCS, vol. 10626, pp. 446\u2013470. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-70700-6_16"},{"key":"21_CR27","unstructured":"NIST: Recommendation for block cipher modes of operation: The CMAC mode for authentication. SP 800\u201338B (2005)"},{"key":"21_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"232","DOI":"10.1007\/978-3-540-85093-9_22","volume-title":"Information Theoretic Security","author":"J Patarin","year":"2008","unstructured":"Patarin, J.: A proof of security in O(2n) for the Xor of two random permutations. In: Safavi-Naini, R. (ed.) ICITS 2008. LNCS, vol. 5155, pp. 232\u2013248. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85093-9_22"},{"key":"21_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1007\/978-3-642-04159-4_21","volume-title":"Selected Areas in Cryptography","author":"J Patarin","year":"2009","unstructured":"Patarin, J.: The \u201cCoefficients H\u201d technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328\u2013345. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04159-4_21"},{"key":"21_CR30","unstructured":"Patarin, J.: Introduction to mirror theory: analysis of systems of linear equalities and linear non equalities for cryptography. IACR Cryptology ePrint Archive, 2010:287 (2010)"},{"key":"21_CR31","unstructured":"Patarin, J.: Security in o(2$${}^{\\text{n}}$$) for the Xor of two random permutations - proof with the standard H technique. IACR Cryptology ePrint Archive, 2013:368 (2013)"},{"issue":"4","key":"21_CR32","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/s00200-017-0326-y","volume":"28","author":"J Patarin","year":"2017","unstructured":"Patarin, J.: Mirror theory and cryptography. Appl. Algebra Eng. Commun. Comput. 28(4), 321\u2013338 (2017)","journal-title":"Appl. Algebra Eng. Commun. Comput."},{"key":"21_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"596","DOI":"10.1007\/978-3-642-22792-9_34","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"K Yasuda","year":"2011","unstructured":"Yasuda, K.: A new variant of PMAC: beyond the birthday bound. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 596\u2013609. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_34"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2018"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-96884-1_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,3,13]],"date-time":"2024-03-13T10:34:44Z","timestamp":1710326084000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-319-96884-1_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319968834","9783319968841"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-96884-1_21","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"25 July 2018","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CRYPTO","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual International Cryptology Conference","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Santa Barbara, CA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"19 August 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 August 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"38","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"crypto2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/crypto.iacr.org\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}