{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T08:37:15Z","timestamp":1765960635886},"publisher-location":"Berlin, Heidelberg","reference-count":46,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642146220"},{"type":"electronic","value":"9783642146237"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-14623-7_20","type":"book-chapter","created":{"date-parts":[[2010,8,10]],"date-time":"2010-08-10T08:15:26Z","timestamp":1281428126000},"page":"370-392","source":"Crossref","is-referenced-by-count":47,"title":["Improved Differential Attacks for ECHO and Gr\u00f8stl"],"prefix":"10.1007","author":[{"given":"Thomas","family":"Peyrin","sequence":"first","affiliation":[]}],"member":"297","reference":[{"key":"20_CR1","unstructured":"Barreto, P.S.L.M.: An observation on Gr\u00f8stl. Comment submitted to the NIST hash function mailing list, hash-forum@nist.gov, http:\/\/www.larc.usp.br\/~pbarreto\/Grizzly.pdf"},{"key":"20_CR2","doi-asserted-by":"crossref","unstructured":"Bellare, M., Rogaway, P.: Random Oracles are Practical: A Paradigm for Designing Efficient Protocols. In: ACM Conference on Computer and Communications Security, pp. 62\u201373 (1993)","DOI":"10.1145\/168588.168596"},{"key":"20_CR3","unstructured":"Benadjila, R., Billet, O., Gilbert, H., Macario-Rat, G., Peyrin, T., Robshaw, M., Seurin, Y.: SHA-3 Proposal: ECHO. Submission to NIST (2008), http:\/\/crypto.rd.francetelecom.com\/echo\/"},{"key":"20_CR4","unstructured":"Biham, E., Dunkelman, O.: A Framework for Iterative Hash Functions: HAIFA. In: Second NIST Cryptographic Hash Workshop (2006)"},{"key":"20_CR5","unstructured":"Biham, E., Dunkelman, O.: The SHAvite-3 Hash Function. Submission to NIST (2008)"},{"key":"20_CR6","unstructured":"Biryukov, A. (ed.): FSE 2007. LNCS, vol.\u00a04593. Springer, Heidelberg (2007) (revised selected papers)"},{"key":"20_CR7","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Khovratovich, D., Nikolic, I.: Distinguisher and Related-Key Attack on the Full AES-256. In: Halevi (ed.) [16], pp. 231\u2013249","DOI":"10.1007\/978-3-642-03356-8_14"},{"key":"20_CR8","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - CRYPTO \u201989","year":"1990","unstructured":"Brassard, G. (ed.): CRYPTO 1989. LNCS, vol.\u00a0435. Springer, Heidelberg (1990)"},{"key":"20_CR9","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","year":"2005","unstructured":"Cramer, R. (ed.): EUROCRYPT 2005. LNCS, vol.\u00a03494. Springer, Heidelberg (2005)"},{"key":"20_CR10","volume-title":"Information Security and Cryptography","author":"J. Daemen","year":"2002","unstructured":"Daemen, J., Rijmen, V.: The Design of Rijndael. In: Information Security and Cryptography. Springer, Heidelberg (2002), ISBN 3-540-42580-2"},{"key":"20_CR11","doi-asserted-by":"crossref","unstructured":"Damg\u00e5rd, I.: A Design Principle for Hash Functions. In: Brassard (ed.) [8], pp. 416\u2013427","DOI":"10.1007\/0-387-34805-0_39"},{"key":"20_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1007\/3-540-60865-6_44","volume-title":"Fast Software Encryption","author":"H. Dobbertin","year":"1996","unstructured":"Dobbertin, H., Bosselaers, A., Preneel, B.: RIPEMD-160: A Strengthened Version of RIPEMD. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol.\u00a01039, pp. 71\u201382. Springer, Heidelberg (1996)"},{"key":"20_CR13","series-title":"Lecture Notes in Computer Science","volume-title":"FSE 2009","year":"2009","unstructured":"Dunkelman, O. (ed.): FSE 2009. LNCS, vol.\u00a05665. Springer, Heidelberg (2009)"},{"key":"20_CR14","unstructured":"Gauravaram, P., Knudsen, L.R., Matusiewicz, K., Mendel, F., Rechberger, C., Schl\u00e4ffer, M., Thomsen, S.S.: Gr\u00f8stl \u2013 a SHA-3 candidate. Submission to NIST (2008), http:\/\/www.groestl.info"},{"key":"20_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-642-13190-5","volume-title":"FSE 2010","author":"H. Gilbert","year":"2010","unstructured":"Gilbert, H., Peyrin, T.: Super-Sbox Cryptanalysis: Improved Attacks for AES-like Permutations. In: FSE 2010. LNCS. Springer, Heidelberg (to appear 2010), http:\/\/eprint.iacr.org\/2009\/531"},{"key":"20_CR16","series-title":"Lecture Notes in Computer Science","volume-title":"CRYPTO 2009","year":"2009","unstructured":"Halevi, S. (ed.): CRYPTO 2009. LNCS, vol.\u00a05677. Springer, Heidelberg (2009)"},{"key":"20_CR17","series-title":"Lecture Notes in Computer Science","volume-title":"Selected Areas in Cryptography","year":"2009","unstructured":"Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.): SAC 2009. LNCS, vol.\u00a05867. Springer, Heidelberg (2009)"},{"key":"20_CR18","unstructured":"Kelsey, J.: Some notes on Gr\u00f8stl. Comment submitted to the NIST hash function mailing list, hash-forum@nist.gov, http:\/\/ehash.iaik.tugraz.at\/uploads\/d\/d0\/Grostl-comment-april28.pdf"},{"key":"20_CR19","doi-asserted-by":"crossref","unstructured":"Khovratovich, D.: Cryptanalysis of Hash Functions with Structures. In: Jocobson Jr., M.J., et al. (eds.) [17], pp. 108\u2013125","DOI":"10.1007\/978-3-642-05445-7_7"},{"key":"20_CR20","doi-asserted-by":"crossref","unstructured":"Knudsen, L.R., Rechberger, C., Thomsen, S.S.: The Grindahl Hash Functions. In: Biryukov (ed.) [6], pp. 39\u201357","DOI":"10.1007\/978-3-540-74619-5_3"},{"key":"20_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"315","DOI":"10.1007\/978-3-540-76900-2_19","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"L.R. Knudsen","year":"2007","unstructured":"Knudsen, L.R., Rijmen, V.: Known-Key Distinguishers for Some Block Ciphers. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol.\u00a04833, pp. 315\u2013324. Springer, Heidelberg (2007)"},{"key":"20_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"196","DOI":"10.1007\/3-540-60590-8_16","volume-title":"Fast Software Encryption","author":"L.R. Knudsen","year":"1995","unstructured":"Knudsen, L.R.: Truncated and Higher Order Differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol.\u00a01008, pp. 196\u2013211. Springer, Heidelberg (1995)"},{"key":"20_CR23","doi-asserted-by":"crossref","unstructured":"Lamberger, M., Mendel, F., Rechberger, C., Rijmen, V., Schl\u00e4ffer, M.: Rebound Distinguishers: Results on the Full Whirlpool Compression Function. In: Matsui (ed.) [24], pp. 126\u2013143","DOI":"10.1007\/978-3-642-10366-7_8"},{"key":"20_CR24","series-title":"Lecture Notes in Computer Science","volume-title":"ASIACRYPT 2009","year":"2009","unstructured":"Matsui, M. (ed.): ASIACRYPT 2009. LNCS, vol.\u00a05912. Springer, Heidelberg (2009)"},{"key":"20_CR25","doi-asserted-by":"crossref","unstructured":"Matusiewicz, K., Naya-Plasencia, M., Nikolic, I., Sasaki, Y., Schl\u00e4ffer, M.: Rebound Attack on the Full Lane Compression Function. In: Matsui (ed.) [24], pp. 106\u2013125","DOI":"10.1007\/978-3-642-10366-7_7"},{"key":"20_CR26","doi-asserted-by":"crossref","unstructured":"Mendel, F., Peyrin, T., Rechberger, C., Schl\u00e4ffer, M.: Improved Cryptanalysis of the Reduced Gr\u00f8stl Compression Function, ECHO Permutation and AES Block Cipher. In: Jocobson Jr., M.J., et al. (eds.) [17], pp. 16\u201335","DOI":"10.1007\/978-3-642-05445-7_2"},{"key":"20_CR27","doi-asserted-by":"crossref","unstructured":"Mendel, F., Rechberger, C., Schl\u00e4ffer, M., Thomsen, S.S.: The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Gr\u00f8stl. In: Dunkelman (ed.) [13], pp. 260\u2013276","DOI":"10.1007\/978-3-642-03317-9_16"},{"key":"20_CR28","doi-asserted-by":"crossref","unstructured":"Mendel, F., Rechberger, C., Schl\u00e4ffer, M., Thomsen, S.S.: Rebound Attacks on the Reduced Gr\u00f8stl Hash Function. In: Pieprzyk (ed.) [37], pp. 350\u2013365","DOI":"10.1007\/978-3-642-11925-5_24"},{"key":"20_CR29","doi-asserted-by":"crossref","unstructured":"Merkle, R.C.: One Way Hash Functions and DES. In: Brassard (ed.) [8], pp. 428\u2013446","DOI":"10.1007\/0-387-34805-0_40"},{"key":"20_CR30","doi-asserted-by":"crossref","unstructured":"Minier, M., Phan, R.C.-W., Pousse, B.: Distinguishers for Ciphers and Known Key Attack against Rijndael with Large Blocks. In: Preneel (ed.) [38], pp. 60\u201376","DOI":"10.1007\/978-3-642-02384-2_5"},{"key":"20_CR31","unstructured":"National\u00a0Institute of\u00a0Standards and Technology. FIPS 180-1: Secure Hash Standard (April 1995), http:\/\/csrc.nist.gov"},{"key":"20_CR32","unstructured":"National Institute of Standards and Technology. FIPS PUB 197, Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197, U.S. Department of Commerce (November 2001)"},{"key":"20_CR33","unstructured":"National Institute of Standards and Technology. Announcing Request for Candidate Algorithm Nominations for a New Cryptographic Hash Algorithm (SHA-3) Family. Federal Register\u00a027(212), 62212\u201362220 (November 2007), http:\/\/csrc.nist.gov\/groups\/ST\/hash\/documents\/FR_Notice_Nov07.pdf (2008\/10\/17)"},{"key":"20_CR34","series-title":"Lecture Notes in Computer Science","volume-title":"Progress in Cryptology - VIETCRYPT 2006","year":"2006","unstructured":"Nguy\u00ean, P.Q. (ed.): VIETCRYPT 2006. LNCS, vol.\u00a04341. Springer, Heidelberg (2006)"},{"key":"20_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"551","DOI":"10.1007\/978-3-540-76900-2_34","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"T. Peyrin","year":"2007","unstructured":"Peyrin, T.: Cryptanalysis of Grindahl. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol.\u00a04833, pp. 551\u2013567. Springer, Heidelberg (2007)"},{"key":"20_CR36","doi-asserted-by":"crossref","unstructured":"Peyrin, T.: Improved Differential Attacks for ECHO and Grostl. Cryptology ePrint Archive, Report 2010\/223 (2010), http:\/\/eprint.iacr.org\/","DOI":"10.1007\/978-3-642-14623-7_20"},{"key":"20_CR37","series-title":"Lecture Notes in Computer Science","volume-title":"CT-RSA 2010","year":"2010","unstructured":"Pieprzyk, J. (ed.): CT-RSA 2010. LNCS, vol.\u00a05985. Springer, Heidelberg (2010)"},{"key":"20_CR38","series-title":"Lecture Notes in Computer Science","volume-title":"AFRICACRYPT 2009","year":"2009","unstructured":"Preneel, B. (ed.): AFRICACRYPT 2009. LNCS, vol.\u00a05580. Springer, Heidelberg (2009)"},{"key":"20_CR39","doi-asserted-by":"crossref","unstructured":"RIPE. Integrity Primitives for Secure Information Systems. In: Bosselaers, A., Preneel, B. (eds.) RIPE 1992. LNCS, vol.\u00a01007. Springer, Heidelberg (1995)","DOI":"10.1007\/3-540-60640-8"},{"key":"20_CR40","doi-asserted-by":"crossref","unstructured":"Rogaway, P.: Formalizing Human Ignorance. In: Nguyen (ed.) [34], pp. 211\u2013228","DOI":"10.1007\/11958239_14"},{"key":"20_CR41","doi-asserted-by":"crossref","unstructured":"Rivest, R.L.: RFC 1321: The MD5 Message-Digest Algorithm (April 1992), http:\/\/www.ietf.org\/rfc\/rfc1321.txt","DOI":"10.17487\/rfc1321"},{"key":"20_CR42","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","year":"2005","unstructured":"Shoup, V. (ed.): CRYPTO 2005. LNCS, vol.\u00a03621. Springer, Heidelberg (2005)"},{"key":"20_CR43","doi-asserted-by":"crossref","unstructured":"Wagner, D.: A Generalized Birthday Problem. In: Yung (ed.) [46], pp. 288\u2013303","DOI":"10.1007\/3-540-45708-9_19"},{"key":"20_CR44","doi-asserted-by":"crossref","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Finding Collisions in the Full SHA-1. In: Shoup (ed.) [42], pp. 17\u201336","DOI":"10.1007\/11535218_2"},{"key":"20_CR45","doi-asserted-by":"crossref","unstructured":"Wang, X., Yu, H.: How to Break MD5 and Other Hash Functions. In: Cramer (ed.) [9], pp. 19\u201335","DOI":"10.1007\/11426639_2"},{"key":"20_CR46","series-title":"Lecture Notes in Computer Science","volume-title":"CRYPTO 2002","year":"2002","unstructured":"Yung, M. (ed.): CRYPTO 2002. LNCS, vol.\u00a02442. Springer, Heidelberg (2002)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 CRYPTO 2010"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-14623-7_20.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,11,24]],"date-time":"2020-11-24T02:55:38Z","timestamp":1606186538000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-14623-7_20"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642146220","9783642146237"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-14623-7_20","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}