{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,14]],"date-time":"2026-02-14T05:52:59Z","timestamp":1771048379120,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783540789666","type":"print"},{"value":"9783540789673","type":"electronic"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-3-540-78967-3_12","type":"book-chapter","created":{"date-parts":[[2008,4,4]],"date-time":"2008-04-04T00:11:30Z","timestamp":1207267890000},"page":"198-219","source":"Crossref","is-referenced-by-count":32,"title":["A New Mode of Operation for Block Ciphers and Length-Preserving MACs"],"prefix":"10.1007","author":[{"given":"Yevgeniy","family":"Dodis","sequence":"first","affiliation":[]},{"given":"Krzysztof","family":"Pietrzak","sequence":"additional","affiliation":[]},{"given":"Prashant","family":"Puniya","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"12_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"252","DOI":"10.1007\/3-540-48405-1_16","volume-title":"Advances in Cryptology - CRYPTO \u201999","author":"J.H. An","year":"1999","unstructured":"An, J.H., Bellare, M.: Constructing VIL-MACs from FIL-MACs: Message Authentication under Weakened Assumptions. In: Wiener, M.J. (ed.) CRYPTO 1999. LNCS, vol.\u00a01666, pp. 252\u2013269. Springer, Heidelberg (1999)"},{"key":"12_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11818175_36","volume-title":"Advances in Cryptology - CRYPTO 2006","author":"M. Bellare","year":"2006","unstructured":"Bellare, M.: New Proofs for NMAC and HMAC: Security without Collision-Resistance. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol.\u00a04117, Springer, Heidelberg (2006)"},{"key":"12_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"341","DOI":"10.1007\/3-540-48658-5_32","volume-title":"Advances in Cryptology - CRYPTO \u201994","author":"M. Bellare","year":"1994","unstructured":"Bellare, M., Kilian, J., Rogaway, P.: The Security of Cipher Block Chaining. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol.\u00a0839, pp. 341\u2013358. Springer, Heidelberg (1994)"},{"key":"12_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"527","DOI":"10.1007\/11535218_32","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"M. Bellare","year":"2005","unstructured":"Bellare, M., Pietrzak, K., Rogaway, P.: Improved Security Analyses for CBC MACs. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 527\u2013545. Springer, Heidelberg (2005)"},{"key":"12_CR5","first-page":"514","volume-title":"Proc. 37th FOCS","author":"M. Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Pseudorandom Functions Re-visited: The Cascade Construction and Its Concrete Security. In: Proc. 37th FOCS, pp. 514\u2013523. IEEE, Los Alamitos (1996)"},{"key":"12_CR6","series-title":"Lecture Notes in Computer Science","first-page":"1","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"M. Bellare","year":"1996","unstructured":"Bellare, M., Canetti, R., Krawczyk, H.: Keying Hash Functions for Message Authentication. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol.\u00a01109, pp. 1\u201315. Springer, Heidelberg (1996)"},{"key":"12_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/11935230_20","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2006","author":"M. Bellare","year":"2006","unstructured":"Bellare, M., Ristenpart, T.: Multi-Property-Preserving Hash Domain Extension and the EMD Transform. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol.\u00a04284, Springer, Heidelberg (2006)"},{"key":"12_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","DOI":"10.1007\/3-540-45708-9_21","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"J. Black","year":"2002","unstructured":"Black, J., Rogaway, P., Shrimpton, T.: Black-Box Analysis of the Block Cipher-Based Hash-Function Constructions from PGV. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, Springer, Heidelberg (2002)"},{"key":"12_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"526","DOI":"10.1007\/11426639_31","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"J. Black","year":"2005","unstructured":"Black, J., Cochran, M., Shrimpton, T.: On the Impossibility of Highly-Efficient Blockcipher-Based Hash Functions. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol.\u00a03494, pp. 526\u2013541. Springer, Heidelberg (2005)"},{"key":"12_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"430","DOI":"10.1007\/11535218_26","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"J.-S. Coron","year":"2005","unstructured":"Coron, J.-S., Dodis, Y., Malinaud, C., Puniya, P.: Merkle-Damg\u00e5rd Revisited: How to Construct a Hash Function. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol.\u00a03621, pp. 430\u2013448. Springer, Heidelberg (2005)"},{"key":"12_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"416","DOI":"10.1007\/0-387-34805-0_39","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"I. Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.: A Design Principle for Hash Functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 416\u2013427. Springer, Heidelberg (1990)"},{"key":"12_CR12","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"Y. Dodis","year":"2004","unstructured":"Dodis, Y., Gennaro, R., H\u00e5stad, J., Krawczyk, H., Rabin, T.: Randomness Extraction and Key Derivation Using the CBC, Cascade and HMAC Modes. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol.\u00a03152, Springer, Heidelberg (2004)"},{"key":"12_CR13","unstructured":"Dodis, Y., Pietrzak, K., Puniya, P.: A New Mode of Operation for Block Ciphers and Length-Preserving MACs. Full version of this paper (2008)"},{"key":"12_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"534","DOI":"10.1007\/978-3-540-72540-4_31","volume-title":"Advances in Cryptology - EUROCRYPT 2007","author":"Y. Dodis","year":"2007","unstructured":"Dodis, Y., Puniya, P.: l Feistel Networks Made Public, and Applications. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol.\u00a04515, pp. 534\u2013554. Springer, Heidelberg (2007)"},{"key":"12_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1007\/3-540-46035-7_8","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"U. Maurer","year":"2002","unstructured":"Maurer, U.: Indistinguishability of Random Systems. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol.\u00a02332, pp. 110\u2013132. Springer, Heidelberg (2002)"},{"key":"12_CR16","series-title":"Lecture Notes in Computer Science","volume-title":"Automata, Languages and Programming","author":"U. Maurer","year":"2005","unstructured":"Maurer, U., Sjodin, J.: Single-key AIL-MACs from any FIL-MAC. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol.\u00a03580, Springer, Heidelberg (2005)"},{"key":"12_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/978-3-540-74143-5_11","volume-title":"Advances in Cryptology - CRYPTO 2007","author":"U. Maurer","year":"2007","unstructured":"Maurer, U., Tessaro, S.: Domain Extension of Public Random Functions: Beyond the Birthday Barrier. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol.\u00a04622, pp. 187\u2013204. Springer, Heidelberg (2007)"},{"key":"12_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"428","DOI":"10.1007\/0-387-34805-0_40","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"R. Merkle","year":"1990","unstructured":"Merkle, R.: One way hash functions and DES. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 428\u2013446. Springer, Heidelberg (1990)"},{"issue":"3","key":"12_CR19","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/s001450010009","volume":"13","author":"E. Petrank","year":"2000","unstructured":"Petrank, E., Rackoff, C.: CBC MAC for Real-Time Data Sources. J. Cryptology\u00a013(3), 315\u2013338 (2000)","journal-title":"J. Cryptology"},{"key":"12_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"168","DOI":"10.1007\/11787006_15","volume-title":"Automata, Languages and Programming","author":"K. Pietrzak","year":"2006","unstructured":"Pietrzak, K.: A Tight Bound for EMAC. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol.\u00a04052, pp. 168\u2013179. Springer, Heidelberg (2006)"},{"key":"12_CR21","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - CRYPTO \u201993","author":"B. Preneel","year":"1994","unstructured":"Preneel, B., Govaerts, R., Vandewalle, J.: Hash Functions Based on Block Ciphers: A Synthetic Approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol.\u00a0773, Springer, Heidelberg (1994)"},{"key":"12_CR22","unstructured":"Rogaway, P., Steinberger, J.: How to Build a Permutation-Based Hash Function. In: Dagstuhl workshop (September 2007)"},{"key":"12_CR23","doi-asserted-by":"crossref","unstructured":"Rogaway, P., Steinberger, J.: Security\/Efficiency Tradeoffs for Permutation-Based Hashing. In: Eurocrypt 2008, Istanbul, Turkey (April 2008)","DOI":"10.1007\/978-3-540-78967-3_13"},{"key":"12_CR24","unstructured":"Shrimpton, T., Stam, M.: Building a Collision-Resistant Compression Function from Non-Compressing Primitives, Cryptology ePrint Archive: Report 2007\/409"},{"key":"12_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"334","DOI":"10.1007\/BFb0054137","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","author":"D.R. Simon","year":"1998","unstructured":"Simon, D.R.: Finding Collisions on a One-Way Street: Can Secure Hash Functions Be Based on General Assumptions? In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol.\u00a01403, pp. 334\u2013345. Springer, Heidelberg (1998)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 EUROCRYPT 2008"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-540-78967-3_12.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,27]],"date-time":"2021-04-27T07:05:43Z","timestamp":1619507143000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-540-78967-3_12"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9783540789666","9783540789673"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-540-78967-3_12","relation":{},"subject":[]}}