{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,1]],"date-time":"2025-11-01T00:50:11Z","timestamp":1761958211690,"version":"build-2065373602"},"publisher-location":"Berlin, Heidelberg","reference-count":33,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642044731"},{"type":"electronic","value":"9783642044748"}],"license":[{"start":{"date-parts":[[2009,1,1]],"date-time":"2009-01-01T00:00:00Z","timestamp":1230768000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009]]},"DOI":"10.1007\/978-3-642-04474-8_14","type":"book-chapter","created":{"date-parts":[[2009,9,3]],"date-time":"2009-09-03T07:26:09Z","timestamp":1251962769000},"page":"167-176","source":"Crossref","is-referenced-by-count":26,"title":["Practical Algebraic Attacks on the Hitag2 Stream Cipher"],"prefix":"10.1007","author":[{"given":"Nicolas T.","family":"Courtois","sequence":"first","affiliation":[]},{"given":"Sean","family":"O\u2019Neil","sequence":"additional","affiliation":[]},{"given":"Jean-Jacques","family":"Quisquater","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"14_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"162","DOI":"10.1007\/978-3-540-45146-4_10","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"F. Armknecht","year":"2003","unstructured":"Armknecht, F., Krause, M.: Algebraic Atacks on Combiners with Memory. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol.\u00a02729, pp. 162\u2013176. Springer, Heidelberg (2003)"},{"key":"14_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-78967-3_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"E. Biham","year":"2008","unstructured":"Biham, E., Dunkelman, O., Indesteege, S., Keller, N., Preneel, B.: How to Steal Cars \u2013 A Practical Attack on KeeLoq. In: Smart, N.P. (ed.) EUROCRYPT 2008. LNCS, vol.\u00a04965, pp. 1\u201318. Springer, Heidelberg (2008)"},{"key":"14_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-44448-3_1","volume-title":"Advances in Cryptology - ASIACRYPT 2000","author":"A. Biryukov","year":"2000","unstructured":"Biryukov, A., Shamir, A.: Cryptanalytic Time\/Memory\/Data Tradeoffs for Stream Ciphers. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol.\u00a01976, pp. 1\u201313. Springer, Heidelberg (2000)"},{"key":"14_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/11605805_20","volume-title":"Topics in Cryptology \u2013 CT-RSA 2006","author":"J. Buchmann","year":"2006","unstructured":"Buchmann, J., Pychkine, A., Weinmann, R.-P.: Block Ciphers Sensitive to Gr\u00f6bner Basis Attacks. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol.\u00a03860, pp. 313\u2013331. Springer, Heidelberg (2006)"},{"key":"14_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/11502760_10","volume-title":"Fast Software Encryption","author":"C. Cid","year":"2005","unstructured":"Cid, C., Murphy, S., Robshaw, M.J.B.: Small Scale Variants of the AES. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol.\u00a03557, pp. 145\u2013162. Springer, Heidelberg (2005)"},{"key":"14_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"266","DOI":"10.1007\/3-540-45353-9_20","volume-title":"Topics in Cryptology - CT-RSA 2001","author":"N. Courtois","year":"2001","unstructured":"Courtois, N.: The security of hidden field equations (HFE). In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol.\u00a02020, pp. 266\u2013281. Springer, Heidelberg (2001)"},{"key":"14_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1007\/3-540-36178-2_17","volume-title":"Advances in Cryptology - ASIACRYPT 2002","author":"N. Courtois","year":"2002","unstructured":"Courtois, N., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol.\u00a02501, pp. 267\u2013287. Springer, Heidelberg (2002)"},{"key":"14_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"345","DOI":"10.1007\/3-540-39200-9_21","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"N. Courtois","year":"2003","unstructured":"Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol.\u00a02656, pp. 345\u2013359. Springer, Heidelberg (2003)"},{"key":"14_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"152","DOI":"10.1007\/978-3-540-77272-9_10","volume-title":"Cryptography and Coding","author":"N. Courtois","year":"2007","unstructured":"Courtois, N., Bard, G.V.: Algebraic Cryptanalysis of the Data Encryption Standard. In: Galbraith, S.D. (ed.) Cryptography and Coding 2007. LNCS, vol.\u00a04887, pp. 152\u2013169. Springer, Heidelberg (2007), http:\/\/eprint.iacr.org\/2006\/402\/ , Also presented at ECRYPT workshop Tools for Cryptanalysis, Krakow, September 24-25 (2007)"},{"key":"14_CR10","unstructured":"Bard, G.V., Courtois, N.T., Jefferson, C.: Efficient Methods for Conversion and Solution of Sparse Systems of Low-Degree Multivariate Polynomials over GF(2) via SAT-Solvers, http:\/\/eprint.iacr.org\/2007\/024\/"},{"key":"14_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-540-71039-4_6","volume-title":"Fast Software Encryption","author":"N. Courtois","year":"2008","unstructured":"Courtois, N., Bard, G.V., Wagner, D.: Algebraic and Slide Attacks on KeeLoq. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol.\u00a05086, pp. 97\u2013115. Springer, Heidelberg (2008), http:\/\/eprint.iacr.org\/2007\/062\/"},{"key":"14_CR12","unstructured":"Courtois, N., Bard, G.V., Bogdanov, A.: Periodic Ciphers with Small Blocks and Cryptanalysis of KeeLoq. In: Tatra Mountains Mathematic Publications, post-proceedings of Tatracrypt 2007 conference (2008) (to apperar)"},{"key":"14_CR13","unstructured":"Courtois, N., O\u2019Neil, S.: Reverse-engineered Philips\/NXP Hitag2 Cipher. Talk given at the Rump Session of Fast Sotware Encryption conference (FSE 2008), Lausanne, Switzerland, February 12 (2008), http:\/\/fse2008rump.cr.yp.to\/00564f75b2f39604dc204d838da01e7a.pdf"},{"key":"14_CR14","unstructured":"Courtois, N., Nohl, K., O\u2019Neil, S.: Algebraic Attacks on MiFare RFID Chips, http:\/\/www.nicolascourtois.com\/papers\/mifare_rump_ec08.pdf"},{"key":"14_CR15","unstructured":"Courtois, N.T.: The Dark Side of Security by Obscurity and Cloning MiFare Classic Rail and Building Passes Anywhere, Anytime. In: SECRYPT 2009, International Conference on Security and Cryptography, Milan, Italy, July 7-10 (2009)"},{"key":"14_CR16","first-page":"171","volume-title":"Crypto 1983","author":"M. Davio","year":"1984","unstructured":"Davio, M., Desmedt, Y., Fosseprez, M., Govaerts, R., Hulsbosch, J., Neutjens, P., Piret, P., Quisquater, J.-J., Vandewalle, J., Wouters, P.: Analytical Characteristics of the DES. In: Chaum, D. (ed.) Crypto 1983, pp. 171\u2013202. Plenum Press, New York (1984)"},{"key":"14_CR17","unstructured":"Ars, G., Faug\u00e8re, J.-C.: An Algebraic Cryptanalysis of Nonlinear Filter Generators using Gr\u00f6bner Bases. INRIA research report, https:\/\/hal.ccsd.cnrs.fr\/"},{"key":"14_CR18","unstructured":"Faug\u00e8re, J.-C., Perret, L.: Algebraic Cryptanalysis of Curry and Flurry using Correlated Messages (September 2008), http:\/\/eprint.iacr.org\/2008\/402"},{"key":"14_CR19","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1016\/S0022-4049(99)00005-5","volume":"139","author":"J.-C. Faug\u00e8re","year":"1999","unstructured":"Faug\u00e8re, J.-C.: A new efficient algorithm for computing Gr\u00f6bner bases (F4). Journal of Pure and Applied Algebra\u00a0139, 61\u201388 (1999), http:\/\/www.elsevier.com\/locate\/jpaa","journal-title":"Journal of Pure and Applied Algebra"},{"key":"14_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"97","DOI":"10.1007\/978-3-540-88313-5_7","volume-title":"Computer Security - ESORICS 2008","author":"F.D. Garcia","year":"2008","unstructured":"Garcia, F.D., de Koning Gans, G., Muijrers, R., van Rossum, P., Verdult, R., Schreur, R.W., Jacobs, B.: Dismantling MIFARE classic. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol.\u00a05283, pp. 97\u2013114. Springer, Heidelberg (2008)"},{"key":"14_CR21","unstructured":"Philips Semiconductors Data Sheet, HT2 Transponder Family, Communication Protocol, Reader <\u2009=\u2009> HITAG2(R) Transponder, Product Specification, Version 2.1 (October 1997), http:\/\/www.phreaker.ru\/showthread.php?p=226"},{"key":"14_CR22","unstructured":"Hulsbosch, J.: Analyse van de zwakheden van het DES-algoritme door middel van formele codering. Master thesis, K. U. Leuven, Belgium (1982)"},{"key":"14_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"212","DOI":"10.1007\/BFb0055730","volume-title":"Advances in Cryptology - CRYPTO \u201998","author":"T. Jakobsen","year":"1998","unstructured":"Jakobsen, T.: Cryptanalysis of Block Ciphers with Probabilistic Non-Linear Relations of Low Degree. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol.\u00a01462, pp. 212\u2013222. Springer, Heidelberg (1998)"},{"key":"14_CR24","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1023\/A:1006326723002","volume":"24","author":"F. Massacci","year":"2000","unstructured":"Massacci, F., Marraro, L.: Logical cryptanalysis as a SAT-problem: Encoding and analysis of the U.SS. Data Encryption Standard. Journal of Automated Reasoning\u00a024, 165\u2013203 (2000)","journal-title":"Journal of Automated Reasoning"},{"key":"14_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"474","DOI":"10.1007\/978-3-540-24676-3_28","volume-title":"Advances in Cryptology - EUROCRYPT 2004","author":"W. Meier","year":"2004","unstructured":"Meier, W., Pasalic, E., Carlet, C.: Algebraic Attacks and Decomposition of Boolean Functions. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol.\u00a03027, pp. 474\u2013491. Springer, Heidelberg (2004)"},{"key":"14_CR26","unstructured":"MiniSat 2.0. An open-source SAT solver package, by Niklas E\u00e9n, Niklas S\u00f6rensson, http:\/\/www.cs.chalmers.se\/Cs\/Research\/FormalMethods\/MiniSat\/"},{"key":"14_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1007\/11814948_13","volume-title":"Theory and Applications of Satisfiability Testing - SAT 2006","author":"I. Mironov","year":"2006","unstructured":"Mironov, I., Zhang, L.: Applications of SAT Solvers to Cryptanalysis of Hash Functions. In: Biere, A., Gomes, C.P. (eds.) SAT 2006. LNCS, vol.\u00a04121, pp. 102\u2013115. Springer, Heidelberg (2006), http:\/\/eprint.iacr.org\/2006\/254"},{"key":"14_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/3-540-45708-9_1","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"S. Murphy","year":"2002","unstructured":"Murphy, S., Robshaw, M.: Essential Algebraic Structure within the AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, p. 1. Springer, Heidelberg (2002)"},{"key":"14_CR29","unstructured":"Hitag2 specification, reference implementation and test vectors, http:\/\/cryptolib.com\/ciphers\/hitag2\/"},{"key":"14_CR30","unstructured":"Raddum, H., Semaev, I.: New Technique for Solving Sparse Equation Systems, http:\/\/eprint.iacr.org\/2006\/475\/"},{"key":"14_CR31","doi-asserted-by":"crossref","unstructured":"Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal\u00a028 (1949); see in particular page 704","DOI":"10.1002\/j.1538-7305.1949.tb00928.x"},{"key":"14_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/3-540-39466-4_17","volume-title":"Cryptography","author":"I. Schaumuller-Bichl","year":"1983","unstructured":"Schaumuller-Bichl, I.: Cryptanalysis of the Data Encryption Standard by the Method of Formal Coding. In: Beth, T. (ed.) EUROCRYPT 1982. LNCS, vol.\u00a0149, pp. 235\u2013255. Springer, Heidelberg (1983)"},{"key":"14_CR33","unstructured":"Transponder Table, a list of cars and transponders used in these cars. Each time the table says PH\/CR, which means Philips transponder in crypto mode, we assumed that this car uses Hitag2, http:\/\/www.keeloq.boom.ru\/table.pdf"}],"container-title":["Lecture Notes in Computer Science","Information Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-04474-8_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,22]],"date-time":"2019-05-22T06:37:22Z","timestamp":1558507042000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-04474-8_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009]]},"ISBN":["9783642044731","9783642044748"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-04474-8_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2009]]}}}