{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,23]],"date-time":"2026-04-23T10:55:23Z","timestamp":1776941723057,"version":"3.51.4"},"publisher-location":"Berlin, Heidelberg","reference-count":46,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783642219689","type":"print"},{"value":"9783642219696","type":"electronic"}],"license":[{"start":{"date-parts":[[2011,1,1]],"date-time":"2011-01-01T00:00:00Z","timestamp":1293840000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2011]]},"DOI":"10.1007\/978-3-642-21969-6_9","type":"book-chapter","created":{"date-parts":[[2011,6,28]],"date-time":"2011-06-28T15:41:28Z","timestamp":1309275688000},"page":"134-152","source":"Crossref","is-referenced-by-count":21,"title":["Really Fast Syndrome-Based Hashing"],"prefix":"10.1007","author":[{"given":"Daniel J.","family":"Bernstein","sequence":"first","affiliation":[]},{"given":"Tanja","family":"Lange","sequence":"additional","affiliation":[]},{"given":"Christiane","family":"Peters","sequence":"additional","affiliation":[]},{"given":"Peter","family":"Schwabe","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"9_CR1","unstructured":"Augot, D., Finiasz, M., Sendrier, N.: A fast provably secure cryptographic hash function (2003), http:\/\/eprint.iacr.org\/2003\/230"},{"key":"9_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"64","DOI":"10.1007\/11554868_6","volume-title":"Progress in Cryptology \u2013 Mycrypt 2005","author":"D. Augot","year":"2005","unstructured":"Augot, D., Finiasz, M., Sendrier, N.: A family of fast syndrome based cryptographic hash functions. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol.\u00a03715, pp. 64\u201383. Springer, Heidelberg (2005), http:\/\/lasecwww.epfl.ch\/pub\/lasec\/doc\/AFS05.pdf"},{"key":"9_CR3","unstructured":"Augot, D., Finiasz, M., Gaborit, P., Manuel, S., Sendrier, N.: SHA-3 proposal: FSB (2008), http:\/\/www-rocq.inria.fr\/secret\/CBCrypto\/fsbdoc.pdf"},{"key":"9_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-15031-9_1","volume-title":"Cryptographic Hardware and Embedded Systems, CHES 2010","author":"J.-P. Aumasson","year":"2010","unstructured":"Aumasson, J.-P., Henzen, L., Meier, W., Naya-Plasencia, M.: quark: A lightweight hash. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol.\u00a06225, pp. 1\u201315. Springer, Heidelberg (2010), http:\/\/131002.net\/quark\/quark_full.pdf"},{"key":"9_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1007\/BFb0054130","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","author":"M. Bellare","year":"1998","unstructured":"Bellare, M., Garay, J.A., Rabin, T.: Fast batch verification for modular exponentiation and digital signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol.\u00a01403, pp. 236\u2013250. Springer, Heidelberg (1998), http:\/\/cseweb.ucsd.edu\/~mihir\/papers\/batch.html"},{"key":"9_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"163","DOI":"10.1007\/3-540-69053-0_13","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","author":"M. Bellare","year":"1997","unstructured":"Bellare, M., Micciancio, D.: A new paradigm for collision-free hashing: Incrementality at reduced cost. In: Fumy, W. (ed.) Advances in Cryptology - EUROCRYPT \u201997. LNCS, vol.\u00a01233, pp. 163\u2013192. Springer, Heidelberg (1997), http:\/\/www-cse.ucsd.edu\/~mihir\/papers\/incremental.html"},{"key":"9_CR7","unstructured":"Bernstein, D.J.: Better price-performance ratios for generalized birthday attacks. In: Workshop Record of SHARCS 2007: Special-purpose Hardware for Attacking Cryptographic Systems (2007), http:\/\/cr.yp.to\/papers.html#genbday"},{"key":"9_CR8","unstructured":"Bernstein, D.J., Lange, T. (eds.): eBASH: ECRYPT Benchmarking of All Submitted Hashes (2011), http:\/\/bench.cr.yp.to (accessed April 21, 2011)"},{"key":"9_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1007\/978-3-642-10628-6_2","volume-title":"Progress in Cryptology - INDOCRYPT 2009","author":"D.J. Bernstein","year":"2009","unstructured":"Bernstein, D.J., Lange, T., Niederhagen, R., Peters, C., Schwabe, P.: FSBday: implementing Wagner\u2019s generalized birthday attack against the SHA\u20133 round\u20131 candidate FSB. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol.\u00a05922, pp. 18\u201338. Springer, Heidelberg (2009), http:\/\/eprint.iacr.org\/2009\/292"},{"key":"9_CR10","unstructured":"Bernstein, D.J., Lange, T., Peters, C., Schwabe, P.: Faster 2-regular information-set decoding. In: IWCC 2011 [17], pp. 81\u201398 (2011), http:\/\/eprint.iacr.org\/2011\/120"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"322","DOI":"10.1007\/978-3-540-89754-5_25","volume-title":"Progress in Cryptology - INDOCRYPT 2008","author":"D.J. Bernstein","year":"2008","unstructured":"Bernstein, D.J., Schwabe, P.: New AES software speed records. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol.\u00a05365, pp. 322\u2013336. Springer, Heidelberg (2008), http:\/\/cr.yp.to\/papers.html#aesspeed"},{"key":"9_CR12","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Note on Keccak parameters and usage (2010), http:\/\/keccak.noekeon.org\/NoteOnKeccakParametersAndUsage.pdf"},{"key":"9_CR13","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - CRYPTO \u201989","year":"1990","unstructured":"Brassard, G. (ed.): CRYPTO 1989. LNCS, vol.\u00a0435. Springer, Heidelberg (1990)"},{"key":"9_CR14","doi-asserted-by":"publisher","first-page":"521","DOI":"10.1145\/322261.322269","volume":"28","author":"R.P. Brent","year":"1981","unstructured":"Brent, R.P., Kung, H.T.: The area-time complexity of binary multiplication. Journal of the ACM\u00a028, 521\u2013534 (1981), http:\/\/wwwmaths.anu.edu.au\/~brent\/pub\/pub055.html","journal-title":"Journal of the ACM"},{"key":"9_CR15","series-title":"Lecture Notes in Computer Science","volume-title":"Post-Quantum Cryptography","year":"2008","unstructured":"Buchmann, J., Ding, J. (eds.): PQCrypto 2008. LNCS, vol.\u00a05299. Springer, Heidelberg (2008)"},{"key":"9_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"39","DOI":"10.1007\/3-540-46416-6_3","volume-title":"Advances in Cryptology - EUROCRYPT \u201991","author":"P. Camion","year":"1991","unstructured":"Camion, P., Patarin, J.: The knapsack hash function proposed at Crypto\u201989 can be broken. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol.\u00a0547, pp. 39\u201353. Springer, Heidelberg (1991), http:\/\/hal.inria.fr\/inria-00075097\/en\/"},{"key":"9_CR17","unstructured":"Chee, Y.M., Guo, Z., Ling, S., Shao, F., Tang, Y., Wang, H., Xing, C. (eds.): IWCC 2011. LNCS, vol.\u00a06639. Springer, Heidelberg (2011)"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2009","year":"2009","unstructured":"Clavier, C., Gaj, K. (eds.): CHES 2009. LNCS, vol.\u00a05747. Springer, Heidelberg (2009)"},{"key":"9_CR19","series-title":"Lecture Notes in Computer Science","first-page":"3","volume-title":"Coding Theory and Applications","year":"1989","unstructured":"Wolfmann, J., Cohen, G. (eds.): Coding Theory and Applications. LNCS, vol.\u00a0388, pp. 3\u2013540. Springer, Heidelberg (1989)"},{"key":"9_CR20","unstructured":"Coron, J.-S., Joux, A.: Cryptanalysis of a provably secure cryptographic hash function (2004), http:\/\/eprint.iacr.org\/2004\/013"},{"key":"9_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"416","DOI":"10.1007\/0-387-34805-0_39","volume-title":"Advances in Cryptology - CRYPTO \u201989","author":"I.B. Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol.\u00a0435, pp. 416\u2013427. Springer, Heidelberg (1990)"},{"key":"9_CR22","series-title":"Lecture Notes in Computer Science","first-page":"3","volume-title":"Advances in Cryptology - EUROCRYPT \u201991","year":"1991","unstructured":"Davies, D.W. (ed.): EUROCRYPT 1991. LNCS, vol.\u00a0547, pp. 3\u2013540. Springer, Heidelberg (1991)"},{"key":"9_CR23","series-title":"Lecture Notes in Computer Science","volume-title":"Progress in Cryptology \u2013 Mycrypt 2005","year":"2005","unstructured":"Dawson, E., Vaudenay, S. (eds.): Mycrypt 2005. LNCS, vol.\u00a03715. Springer, Heidelberg (2005)"},{"key":"9_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/978-3-540-88403-3_10","volume-title":"Post-Quantum Cryptography","author":"M. Finiasz","year":"2008","unstructured":"Finiasz, M.: Syndrome based collision resistant hashing. In: Buchmann, J., Ding, J. (eds.) PQCrypto 2008. LNCS, vol.\u00a05299, pp. 137\u2013147. Springer, Heidelberg (2008), http:\/\/www-rocq.inria.fr\/secret\/Matthieu.Finiasz\/research\/2008\/finiasz-pqcrypto08.pdf"},{"key":"9_CR25","unstructured":"Finiasz, M., Gaborit, P., Sendrier, N.: Improved fast syndrome based cryptographic hash functions. In: Proceedings of ECRYPT Hash Workshop (2007), http:\/\/www-roc.inria.fr\/secret\/Matthieu.Finiasz\/research\/2007\/finiasz-gaborit-sendrier-ecrypt-hash-workshop07.pdf"},{"key":"9_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/978-3-540-79263-5_2","volume-title":"Topics in Cryptology \u2013 CT-RSA 2008","author":"P.-A. Fouque","year":"2008","unstructured":"Fouque, P.-A., Leurent, G.: Cryptanalysis of a hash function based on quasi-cyclic codes. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol.\u00a04964, pp. 19\u201335. Springer, Heidelberg (2008)"},{"key":"9_CR27","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - EUROCRYPT \u201997","year":"1997","unstructured":"Fumy, W. (ed.): EUROCRYPT 1997. LNCS, vol.\u00a01233. Springer, Heidelberg (1997)"},{"key":"9_CR28","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - EUROCRYPT \u201988","year":"1988","unstructured":"G\u00fcnther, C.G. (ed.): EUROCRYPT 1988. LNCS, vol.\u00a0330. Springer, Heidelberg (1988)"},{"key":"9_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-642-04138-9_1","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2009","author":"E. K\u00e4sper","year":"2009","unstructured":"K\u00e4sper, E., Schwabe, P.: Faster and timing-attack resistant AES-GCM. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol.\u00a05747, pp. 1\u201317. Springer, Heidelberg (2009), http:\/\/eprint.iacr.org\/2009\/129"},{"key":"9_CR30","series-title":"Sorting and Searching","volume-title":"The art of computer programming","author":"D.E. Knuth","year":"1998","unstructured":"Knuth, D.E.: The art of computer programming, Vol. 3, Sorting and Searching, 2nd edn. Addison-Wesley, Reading (1998)","edition":"2"},{"key":"9_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"275","DOI":"10.1007\/3-540-45961-8_25","volume-title":"Advances in Cryptology - EUROCRYPT \u201988","author":"P.J. Lee","year":"1988","unstructured":"Lee, P.J., Brickell, E.F.: An observation on the security of McEliece\u2019s public-key cryptosystem. In: G\u00fcnther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol.\u00a0330, pp. 275\u2013280. Springer, Heidelberg (1988)"},{"key":"9_CR32","doi-asserted-by":"publisher","first-page":"1354","DOI":"10.1109\/18.21270","volume":"34","author":"J.S. Leon","year":"1988","unstructured":"Leon, J.S.: A probabilistic algorithm for computing minimum weights of large error-correcting codes. IEEE Transactions on Information Theory\u00a034, 1354\u20131359 (1988)","journal-title":"IEEE Transactions on Information Theory"},{"key":"9_CR33","series-title":"Lecture Notes in Computer Science","volume-title":"Topics in Cryptology \u2013 CT-RSA 2008","year":"2008","unstructured":"Malkin, T. (ed.): CT-RSA 2008. LNCS, vol.\u00a04964. Springer, Heidelberg (2008)"},{"key":"9_CR34","series-title":"Lecture Notes in Computer Science","volume-title":"Cryptographic Hardware and Embedded Systems, CHES 2010","year":"2010","unstructured":"Mangard, S., Standaert, F.-X. (eds.): CHES 2010. LNCS, vol.\u00a06225. Springer, Heidelberg (2010)"},{"key":"9_CR35","volume-title":"Proceedings of the twentieth annual ACM-SIAM symposium on discrete algorithms, SODA 2009","year":"2009","unstructured":"Mathieu, C. (ed.): Proceedings of the twentieth annual ACM-SIAM symposium on discrete algorithms, SODA 2009, New York, January 4\u20136, 2009. SIAM, Philadelphia (2009)"},{"key":"9_CR36","doi-asserted-by":"crossref","unstructured":"Minder, L., Sinclair, A.: The extended k-tree algorithm. In: SODA 2009 [35], pp. 586\u2013595 (2009), http:\/\/www.cs.berkeley.edu\/~sinclair\/ktree.pdf","DOI":"10.1137\/1.9781611973068.65"},{"key":"9_CR37","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - EUROCRYPT \u201998","year":"1998","unstructured":"Nyberg, K. (ed.): EUROCRYPT 1998. LNCS, vol.\u00a01403. Springer, Heidelberg (1998)"},{"key":"9_CR38","series-title":"Lecture Notes in Computer Science","volume-title":"Progress in Cryptology - INDOCRYPT 2008","year":"2008","unstructured":"Chowdhury, D.R., Rijmen, V., Das, A. (eds.): INDOCRYPT 2008. LNCS, vol.\u00a05365. Springer, Heidelberg (2008)"},{"key":"9_CR39","series-title":"Lecture Notes in Computer Science","volume-title":"Progress in Cryptology - INDOCRYPT 2009","year":"2009","unstructured":"Roy, B., Sendrier, N. (eds.): INDOCRYPT 2009. LNCS, vol.\u00a05922. Springer, Heidelberg (2009)"},{"key":"9_CR40","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-77026-8_1","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2007","author":"M.-J.O. Saarinen","year":"2007","unstructured":"Saarinen, M.-J.O.: Linearization attacks against syndrome based hashes. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol.\u00a04859, pp. 1\u20139. Springer, Heidelberg (2007)"},{"key":"9_CR41","series-title":"Lecture Notes in Computer Science","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2007","year":"2007","unstructured":"Srinathan, K., Rangan, C.P., Yung, M. (eds.): INDOCRYPT 2007. LNCS, vol.\u00a04859. Springer, Heidelberg (2007)"},{"key":"9_CR42","doi-asserted-by":"crossref","unstructured":"Stern, J.: A method for finding codewords of small weight. In: [19], pp. 106\u2013113 (1989)","DOI":"10.1007\/BFb0019850"},{"key":"9_CR43","doi-asserted-by":"publisher","first-page":"37","DOI":"10.1007\/s00145-009-9049-y","volume":"23","author":"E. Tromer","year":"2010","unstructured":"Tromer, E., Osvik, D.A., Shamir, A.: Efficient cache attacks on AES, and countermeasures. Journal of Cryptology\u00a023, 37\u201371 (2010), http:\/\/people.csail.mit.edu\/tromer\/papers\/cache-joc-official.pdf","journal-title":"Journal of Cryptology"},{"key":"9_CR44","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"288","DOI":"10.1007\/3-540-45708-9_19","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"D. Wagner","year":"2002","unstructured":"Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol.\u00a02442, pp. 288\u2013304. Springer, Heidelberg (2002), http:\/\/www.cs.berkeley.edu\/~daw\/papers\/genbday.html"},{"key":"9_CR45","series-title":"Lecture Notes in Computer Science","volume-title":"Advances in Cryptology - CRYPTO 2002","year":"2002","unstructured":"Yung, M. (ed.): CRYPTO 2002. LNCS, vol.\u00a02442. Springer, Heidelberg (2002)"},{"key":"9_CR46","unstructured":"Zobrist, A.L.: A new hashing method with application for game playing. Technical Report 88, Computer Sciences Department, University of Wisconsin (1970), https:\/\/www.cs.wisc.edu\/techreports\/1970\/TR88.pdf"}],"container-title":["Lecture Notes in Computer Science","Progress in Cryptology \u2013 AFRICACRYPT 2011"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-21969-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,12]],"date-time":"2019-06-12T09:32:03Z","timestamp":1560331923000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-21969-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011]]},"ISBN":["9783642219689","9783642219696"],"references-count":46,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-21969-6_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2011]]}}}