{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,24]],"date-time":"2026-01-24T23:54:45Z","timestamp":1769298885601,"version":"3.49.0"},"publisher-location":"Berlin, Heidelberg","reference-count":38,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662479889","type":"print"},{"value":"9783662479896","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-662-47989-6_9","type":"book-chapter","created":{"date-parts":[[2015,7,30]],"date-time":"2015-07-30T22:36:05Z","timestamp":1438295765000},"page":"189-208","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":52,"title":["Tweaking Even-Mansour Ciphers"],"prefix":"10.1007","author":[{"given":"Beno\u00eet","family":"Cogliati","sequence":"first","affiliation":[]},{"given":"Rodolphe","family":"Lampe","sequence":"additional","affiliation":[]},{"given":"Yannick","family":"Seurin","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2015,8,1]]},"reference":[{"key":"9_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/978-3-642-40041-4_29","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"E Andreeva","year":"2013","unstructured":"Andreeva, E., Bogdanov, A., Dodis, Y., Mennink, B., Steinberger, J.P.: On the indifferentiability of key-alternating ciphers. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 531\u2013550. Springer, Heidelberg (2013). \n                      http:\/\/eprint.iacr.org\/2013\/061"},{"key":"9_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"424","DOI":"10.1007\/978-3-642-42033-7_22","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"E Andreeva","year":"2013","unstructured":"Andreeva, E., Bogdanov, A., Luykx, A., Mennink, B., Tischhauser, E., Yasuda, K.: Parallelizable and authenticated online ciphers. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 424\u2013443. Springer, Heidelberg (2013)"},{"key":"9_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"348","DOI":"10.1007\/978-3-662-43933-3_18","volume-title":"Fast Software Encryption","author":"E Andreeva","year":"2014","unstructured":"Andreeva, E., Bogdanov, A., Mennink, B.: Towards understanding the known-key security of block ciphers. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 348\u2013366. Springer, Heidelberg (2014)"},{"key":"9_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"491","DOI":"10.1007\/3-540-39200-9_31","volume-title":"Advances in Cryptology \u2013 EUROCRPYT 2003","author":"M Bellare","year":"2003","unstructured":"Bellare, M., Kohno, T.: A theoretical treatment of related-key attacks: RKA-PRPs, RKA-PRFs, and applications. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 491\u2013506. Springer, Heidelberg (2003)"},{"key":"9_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1007\/978-3-642-29011-4_5","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"A Bogdanov","year":"2012","unstructured":"Bogdanov, A., Knudsen, L.R., Leander, G., Standaert, F.-X., Steinberger, J., Tischhauser, E.: Key-alternating ciphers in a provable setting: encryption using a small number of public permutations. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 45\u201362. Springer, Heidelberg (2012)"},{"key":"9_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1007\/978-3-662-44371-2_3","volume-title":"Advances in Cryptology \u2013 CRYPTO 2014","author":"S Chen","year":"2014","unstructured":"Chen, S., Lampe, R., Lee, J., Seurin, Y., Steinberger, J.: Minimizing the two-round even-mansour cipher. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part I. LNCS, vol. 8616, pp. 39\u201356. Springer, Heidelberg (2014). \n                      http:\/\/eprint.iacr.org\/2014\/443"},{"key":"9_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-642-55220-5_19","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2014","author":"S Chen","year":"2014","unstructured":"Chen, S., Steinberger, J.: Tight security bounds for key-alternating ciphers. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 327\u2013350. Springer, Heidelberg (2014). \n                      http:\/\/eprint.iacr.org\/2013\/222"},{"key":"9_CR8","doi-asserted-by":"crossref","unstructured":"Cogliati, B., Lampe, R., Seurin, Y.: Tweaking even-mansour ciphers. Full version of this paper. \n                      http:\/\/eprint.iacr.org\/2015\/539","DOI":"10.1007\/978-3-662-47989-6_9"},{"key":"9_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"584","DOI":"10.1007\/978-3-662-46800-5_23","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2015","author":"B Cogliati","year":"2015","unstructured":"Cogliati, B., Seurin, Y.: On the provable security of the iterated even-mansour cipher against related-key and chosen-key attacks. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 584\u2013613. Springer, Heidelberg (2015). \n                      http:\/\/eprint.iacr.org\/2015\/069"},{"key":"9_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1007\/3-540-44706-7_4","volume-title":"Fast Software Encryption","author":"P Crowley","year":"2001","unstructured":"Crowley, P.: Mercy: a fast large block cipher for disk sector encryption. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 49\u201363. Springer, Heidelberg (2001)"},{"key":"9_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1007\/3-540-45325-3_20","volume-title":"Cryptography and Coding","author":"J Daemen","year":"2001","unstructured":"Daemen, J., Rijmen, V.: The wide trail design strategy. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 222\u2013238. Springer, Heidelberg (2001)"},{"key":"9_CR12","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/978-3-642-29011-4_21","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2012","author":"O Dunkelman","year":"2012","unstructured":"Dunkelman, O., Keller, N., Shamir, A.: Minimalism in cryptography: the even-mansour scheme revisited. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 336\u2013354. Springer, Heidelberg (2012)"},{"issue":"3","key":"9_CR13","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/s001459900025","volume":"10","author":"S Even","year":"1997","unstructured":"Even, S., Mansour, Y.: A construction of a cipher from a single pseudorandom permutation. J. Crypt. 10(3), 151\u2013162 (1997)","journal-title":"J. Crypt."},{"key":"9_CR14","doi-asserted-by":"crossref","unstructured":"Farshim, P., Procter, G.: The related-key security of iterated even-mansour ciphers. In: Fast Software Encryption - FSE 2015 (2015, to appear). Full version available at \n                      http:\/\/eprint.iacr.org\/2014\/953","DOI":"10.1007\/978-3-662-48116-5_17"},{"key":"9_CR15","unstructured":"Ferguson, N., Lucks, S., Schneier, B., Whiting, D., Bellare, M., Kohno, T., Callas, J., Walker, J.: The skein hash function family. SHA3 Submission to NIST (Round 3) (2010)"},{"key":"9_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"342","DOI":"10.1007\/978-3-540-76900-2_21","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2007","author":"D Goldenberg","year":"2007","unstructured":"Goldenberg, D., Hohenberger, S., Liskov, M., Schwartz, E.C., Seyalioglu, H.: On tweaking luby-rackoff blockciphers. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 342\u2013356. Springer, Heidelberg (2007)"},{"key":"9_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"482","DOI":"10.1007\/978-3-540-45146-4_28","volume-title":"Advances in Cryptology - CRYPTO 2003","author":"S Halevi","year":"2003","unstructured":"Halevi, S., Rogaway, P.: A tweakable enciphering mode. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 482\u2013499. Springer, Heidelberg (2003)"},{"key":"9_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1007\/978-3-540-24660-2_23","volume-title":"Topics in Cryptology \u2013 CT-RSA 2004","author":"S Halevi","year":"2004","unstructured":"Halevi, S., Rogaway, P.: A parallelizable enciphering mode. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 292\u2013304. Springer, Heidelberg (2004)"},{"key":"9_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"613","DOI":"10.1007\/978-3-642-14623-7_33","volume-title":"Advances in Cryptology \u2013 CRYPTO 2010","author":"VT Hoang","year":"2010","unstructured":"Hoang, V.T., Rogaway, P.: On generalized feistel networks. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 613\u2013630. Springer, Heidelberg (2010)"},{"key":"9_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"274","DOI":"10.1007\/978-3-662-45608-8_15","volume-title":"Advances in Cryptology - ASIACRYPT 2014","author":"J Jean","year":"2014","unstructured":"Jean, J., Nikolic, I., Peyrin, T.: Tweaks and keys for block ciphers: the tweakey framework. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 274\u2013288. Springer, Heidelberg (2014)"},{"key":"9_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-642-34961-4_18","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"R Lampe","year":"2012","unstructured":"Lampe, R., Patarin, J., Seurin, Y.: An asymptotically tight security analysis of the iterated even-mansour cipher. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 278\u2013295. Springer, Heidelberg (2012)"},{"key":"9_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"444","DOI":"10.1007\/978-3-642-42033-7_23","volume-title":"Advances in Cryptology - ASIACRYPT 2013","author":"R Lampe","year":"2013","unstructured":"Lampe, R., Seurin, Y.: How to construct an ideal cipher from a small set of public permutations. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013, Part I. LNCS, vol. 8269, pp. 444\u2013463. Springer, Heidelberg (2013). \n                      http:\/\/eprint.iacr.org\/2013\/255"},{"key":"9_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1007\/978-3-662-43933-3_8","volume-title":"Fast Software Encryption","author":"R Lampe","year":"2014","unstructured":"Lampe, R., Seurin, Y.: Tweakable blockciphers with asymptotically optimal security. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 133\u2013152. Springer, Heidelberg (2014)"},{"key":"9_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1007\/978-3-642-32009-5_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"W Landecker","year":"2012","unstructured":"Landecker, W., Shrimpton, T., Terashima, R.S.: Tweakable blockciphers with beyond birthday-bound security. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 14\u201330. Springer, Heidelberg (2012). \n                      http:\/\/eprint.iacr.org\/2012\/450"},{"key":"9_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/3-540-45708-9_3","volume-title":"Advances in Cryptology - CRYPTO 2002","author":"M Liskov","year":"2002","unstructured":"Liskov, M., Rivest, R.L., Wagner, D.: Tweakable block ciphers. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 31\u201346. Springer, Heidelberg (2002)"},{"key":"9_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1007\/978-3-642-03317-9_19","volume-title":"Fast Software Encryption","author":"K Minematsu","year":"2009","unstructured":"Minematsu, K.: Beyond-birthday-bound security based on tweakable block cipher. In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol. 5665, pp. 308\u2013326. Springer, Heidelberg (2009)"},{"key":"9_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"22","DOI":"10.1007\/978-3-540-88733-1_2","volume-title":"Provable Security","author":"A Mitsuda","year":"2008","unstructured":"Mitsuda, A., Iwata, T.: Tweakable pseudorandom permutation from generalized feistel structure. In: Baek, J., Bao, F., Chen, K., Lai, X. (eds.) ProvSec 2008. LNCS, vol. 5324, pp. 22\u201337. Springer, Heidelberg (2008)"},{"key":"9_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"286","DOI":"10.1007\/978-3-642-03356-8_17","volume-title":"Advances in Cryptology - CRYPTO 2009","author":"B Morris","year":"2009","unstructured":"Morris, B., Rogaway, P., Stegers, T.: How to encipher messages on a small domain. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 286\u2013302. Springer, Heidelberg (2009)"},{"key":"9_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"566","DOI":"10.1007\/3-540-48071-4_41","volume-title":"Advances in Cryptology - CRYPTO \u201992","author":"K Nyberg","year":"1993","unstructured":"Nyberg, K., Knudsen, L.R.: Provable security against differential cryptanalysis. In: Brickell, E.F. (ed.) CRYPTO 1992. LNCS, vol. 740, pp. 566\u2013574. Springer, Heidelberg (1993)"},{"key":"9_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1007\/978-3-642-04159-4_21","volume-title":"Selected Areas in Cryptography","author":"J Patarin","year":"2009","unstructured":"Patarin, J.: The \u201cCoefficients H\u201d technique. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 328\u2013345. Springer, Heidelberg (2009)"},{"key":"9_CR31","unstructured":"Procter, G.: A note on the CLRW2 tweakable block cipher construction. IACR Cryptology ePrint Archive, report 2014\/111 (2014). \n                      http:\/\/eprint.iacr.org\/2014\/111"},{"key":"9_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"16","DOI":"10.1007\/978-3-540-30539-2_2","volume-title":"Advances in Cryptology - ASIACRYPT 2004","author":"P Rogaway","year":"2004","unstructured":"Rogaway, P.: Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 16\u201331. Springer, Heidelberg (2004)"},{"issue":"3","key":"9_CR33","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1145\/937527.937529","volume":"6","author":"P Rogaway","year":"2003","unstructured":"Rogaway, P., Bellare, M., Black, J.: OCB: a block-cipher mode of operation for efficient authenticated encryption. ACM Trans. Inf. Syst. Secur. 6(3), 365\u2013403 (2003)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"9_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1007\/978-3-642-19074-2_16","volume-title":"Topics in Cryptology \u2013 CT-RSA 2011","author":"P Rogaway","year":"2011","unstructured":"Rogaway, P., Zhang, H.: Online ciphers from tweakable blockciphers. In: Kiayias, A. (ed.) CT-RSA 2011. LNCS, vol. 6558, pp. 237\u2013249. Springer, Heidelberg (2011)"},{"key":"9_CR35","unstructured":"Sasaki, Y., Todo, Y., Aoki, K., Naito, Y., Sugawara, T., Murakami, Y., Matsui, M., Hirose, S.: Minalpher v1. Submission to the CAESAR competition (2014)"},{"key":"9_CR36","unstructured":"Schroeppel, R.: The hasty pudding cipher. AES submission to NIST (1998)"},{"key":"9_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"313","DOI":"10.1007\/3-540-68697-5_24","volume-title":"Advances in Cryptology - CRYPTO \u201996","author":"V Shoup","year":"1996","unstructured":"Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 313\u2013328. Springer, Heidelberg (1996)"},{"key":"9_CR38","unstructured":"Steinberger, J.: Improved security bounds for Key-alternating ciphers via Hellinger distance. IACR Cryptology ePrint Archive, report 2012\/481 (2012). \n                      http:\/\/eprint.iacr.org\/2012\/481"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology -- CRYPTO 2015"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-47989-6_9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,8,9]],"date-time":"2019-08-09T20:03:42Z","timestamp":1565381022000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-47989-6_9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783662479889","9783662479896"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-47989-6_9","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]},"assertion":[{"value":"1 August 2015","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}