{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T09:59:58Z","timestamp":1771667998494,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":25,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662479889","type":"print"},{"value":"9783662479896","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-662-47989-6_31","type":"book-chapter","created":{"date-parts":[[2015,7,31]],"date-time":"2015-07-31T02:36:05Z","timestamp":1438310165000},"page":"643-662","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":25,"title":["Fast Correlation Attacks over Extension Fields, Large-Unit Linear Approximation and Cryptanalysis of SNOW 2.0"],"prefix":"10.1007","author":[{"given":"Bin","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Chao","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Willi","family":"Meier","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,8,1]]},"reference":[{"key":"31_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"432","DOI":"10.1007\/978-3-540-30539-2_31","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"T Baign\u00e8res","year":"2004","unstructured":"Baign\u00e8res, T., Junod, P., Vaudenay, S.: How far can we go beyond linear cryptanalysis? In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 432\u2013450. Springer, Heidelberg (2004)"},{"key":"31_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"98","DOI":"10.1007\/978-3-540-68351-3_9","volume-title":"New Stream Cipher Designs","author":"C Berbain","year":"2008","unstructured":"Berbain, C., et al.: Sosemanuk, a fast software-oriented stream cipher. In: Robshaw, M., Billet, O. (eds.) New Stream Cipher Designs. LNCS, vol. 4986, pp. 98\u2013118. Springer, Heidelberg (2008)"},{"key":"31_CR3","doi-asserted-by":"crossref","unstructured":"Canteaut, A.: Fast correlation attacks against stream ciphers and related open problems. In: 2005 IEEE Information Theory Workshop on Theory and Practice in Information-Theoretic Security, pp. 49\u201354 (2005)","DOI":"10.1109\/ITWTPI.2005.4638690"},{"key":"31_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"181","DOI":"10.1007\/3-540-44706-7_13","volume-title":"Fast Software Encryption","author":"VV Chepyzhov","year":"2001","unstructured":"Chepyzhov, V.V., Johansson, T., Smeets, B.: A simple algorithm for fast correlation attacks on stream ciphers. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 181\u2013195. Springer, Heidelberg (2001)"},{"key":"31_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1007\/3-540-46035-7_14","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"P Chose","year":"2002","unstructured":"Chose, P., Joux, A., Mitton, M.: Fast correlation attacks: An algorithmic point of view. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 209\u2013221. Springer, Heidelberg (2002)"},{"key":"31_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"47","DOI":"10.1007\/3-540-36492-7_5","volume-title":"Selected Areas in Cryptography-SAC 2003","author":"P Ekdahl","year":"2003","unstructured":"Ekdahl, P., Johansson, T.: A new version of the stream cipher SNOW. In: Nyberg, K., Heys, H. (eds.) SAC 2002. LNCS, vol. 2595, pp. 47\u201361. Springer, Berlin (2003)"},{"key":"31_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"130","DOI":"10.1007\/11596219_11","volume-title":"Progress in Cryptology - INDOCRYPT 2005","author":"H Englund","year":"2005","unstructured":"Englund, H., Maximov, A.: Attack the dragon. In: Maitra, S., Veni Madhavan, C.E., Venkatesan, R. (eds.) INDOCRYPT 2005. LNCS, vol. 3797, pp. 130\u2013142. Springer, Heidelberg (2005)"},{"key":"31_CR8","unstructured":"ETSI\/SAGE. Specification of the 3GPP confidentiality and integrity algorithms uea2 & uia2. In: Document 2: SNOW 3G Specification, version 1.1, September 2006. http:\/\/www.3gpp.org\/ftp\/"},{"key":"31_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"209","DOI":"10.1007\/978-3-642-03317-9_13","volume-title":"Fast Software Encryption","author":"M Hermelin","year":"2009","unstructured":"Hermelin, M., Cho, J.Y., Nyberg, K.: Multidimensional extension of Matsui\u2019s algorithm 2. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 209\u2013227. Springer, Heidelberg (2009)"},{"key":"31_CR10","doi-asserted-by":"crossref","unstructured":"J\u00f6nsson, F., Johansson, T.; Correlation attacks on stream ciphers over $$\\text{ GF }(2^n)$$ GF ( 2 n ) . In: 2001 IEEE International Symposium on Information Theory-ISIT 2001, p. 140 (2001)","DOI":"10.1109\/ISIT.2001.936003"},{"key":"31_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"300","DOI":"10.1007\/3-540-44598-6_19","volume-title":"Advances in Cryptology - CRYPTO 2000","author":"T Johansson","year":"2000","unstructured":"Johansson, T., J\u00f6nsson, F.: Fast correlation attacks through reconstruction of linear polynomials. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 300\u2013315. Springer, Heidelberg (2000)"},{"key":"31_CR12","unstructured":"J\u00f6nsson, F.: Some results on fast correlation attacks. Ph.D. thesis, Lund University, Sweden (2002)"},{"key":"31_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"524","DOI":"10.1007\/978-3-540-89255-7_32","volume-title":"Advances in Cryptology - ASIACRYPT 2008","author":"J-K Lee","year":"2008","unstructured":"Lee, J.-K., Lee, D.-H., Park, S.: Cryptanalysis of SOSEMANUK and SNOW 2.0 using linear masks. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 524\u2013538. Springer, Heidelberg (2008)"},{"key":"31_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"407","DOI":"10.1007\/978-3-540-28628-8_25","volume-title":"Advances in Cryptology \u2013 CRYPTO 2004","author":"Y Lu","year":"2004","unstructured":"Lu, Y., Vaudenay, S.: Faster correlation attack on Bluetooth keystream generator E0. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 407\u2013425. Springer, Heidelberg (2004)"},{"issue":"1","key":"31_CR15","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1109\/TIT.1969.1054260","volume":"IT\u201315","author":"JL Massey","year":"1969","unstructured":"Massey, J.L.: Shift-register synthesis and BCH decoding. IEEE Trans. Inf. Theor. IT\u201315(1), 122\u2013127 (1969)","journal-title":"IEEE Trans. Inf. Theor."},{"key":"31_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"386","DOI":"10.1007\/3-540-48285-7_33","volume-title":"Advances in Cryptology - EUROCRYPT 1993","author":"M Matsui","year":"1994","unstructured":"Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386\u2013397. Springer, Heidelberg (1994)"},{"key":"31_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/11593447_17","volume-title":"Advances in Cryptology - ASIACRYPT 2005","author":"A Maximov","year":"2005","unstructured":"Maximov, A., Johansson, T.: Fast computation of large distributions and its cryptographic applications. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 313\u2013332. Springer, Heidelberg (2005)"},{"key":"31_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/978-3-642-21702-9_4","volume-title":"Fast Software Encryption","author":"W Meier","year":"2011","unstructured":"Meier, W.: Fast correlation attacks: methods and countermeasures. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 55\u201367. Springer, Heidelberg (2011)"},{"key":"31_CR19","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/BF02252874","volume":"1","author":"W Meier","year":"1989","unstructured":"Meier, W., Staffelbach, O.: Fast correlation attacks on certain stream ciphers. J. Cryptology 1, 159\u2013176 (1989)","journal-title":"J. Cryptology"},{"issue":"2","key":"31_CR20","doi-asserted-by":"publisher","first-page":"148","DOI":"10.1080\/0161-110391891838","volume":"27","author":"MA Musa","year":"2003","unstructured":"Musa, M.A., Schaefer, E.F., Wedig, S.: A simplified AES algorithm and its linear and differential cryptanalyses. Cryptologia 27(2), 148\u2013177 (2003)","journal-title":"Cryptologia"},{"key":"31_CR21","doi-asserted-by":"crossref","unstructured":"Nyberg, K., Hermelin., M.: Multidimensional Walsh transform and a characterization of bent functions. In: 2007 IEEE Information Theory Workshop on Information Theory for Wireless Networks, pp. 1\u20134 (2007)","DOI":"10.1109\/ITWITWN.2007.4318037"},{"key":"31_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/11799313_10","volume-title":"Fast Software Encryption","author":"K Nyberg","year":"2006","unstructured":"Nyberg, K., Wall\u00e9n, J.: Improved linear distinguishers for SNOW 2.0. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 144\u2013162. Springer, Heidelberg (2006)"},{"issue":"1","key":"31_CR23","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1145\/584091.584093","volume":"5","author":"CE Shannon","year":"2001","unstructured":"Shannon, C.E.: A mathematical theory of communication. ACM Sigmobile Mob. Comput. Commun. Rev. 5(1), 3\u201355 (2001)","journal-title":"ACM Sigmobile Mob. Comput. Commun. Rev."},{"key":"31_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"288","DOI":"10.1007\/3-540-45708-9_19","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"D Wagner","year":"2002","unstructured":"Wagner, D.: A generalized birthday problem. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 288\u2013304. Springer, Heidelberg (2002)"},{"key":"31_CR25","volume-title":"Hadamard Matrix Analysis and Synthesis with Applications to Communications and Signal\/Image Processing","author":"RKR Yarlagadda","year":"1997","unstructured":"Yarlagadda, R.K.R., Hershey, J.E.: Hadamard Matrix Analysis and Synthesis with Applications to Communications and Signal\/Image Processing. Kluwer Academic Publishers, Boston (1997)"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology -- CRYPTO 2015"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-47989-6_31","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,29]],"date-time":"2025-05-29T20:40:35Z","timestamp":1748551235000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-47989-6_31"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783662479889","9783662479896"],"references-count":25,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-47989-6_31","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"1 August 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}