{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,14]],"date-time":"2026-04-14T16:34:31Z","timestamp":1776184471208,"version":"3.50.1"},"publisher-location":"Berlin, Heidelberg","reference-count":37,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"value":"9783662529928","type":"print"},{"value":"9783662529935","type":"electronic"}],"license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2016]]},"DOI":"10.1007\/978-3-662-52993-5_15","type":"book-chapter","created":{"date-parts":[[2016,7,19]],"date-time":"2016-07-19T02:41:04Z","timestamp":1468896064000},"page":"289-310","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":43,"title":["Automatic Search for the Best Trails in ARX: Application to Block Cipher Speck"],"prefix":"10.1007","author":[{"given":"Alex","family":"Biryukov","sequence":"first","affiliation":[]},{"given":"Vesselin","family":"Velichkov","sequence":"additional","affiliation":[]},{"given":"Yann","family":"Le Corre","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,7,20]]},"reference":[{"key":"15_CR1","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"19","DOI":"10.1007\/978-3-319-11212-1_2","volume-title":"Computer Security - ESORICS 2014","author":"J-P Aumasson","year":"2014","unstructured":"Aumasson, J.-P., Jovanovic, P., Neves, S.: NORX: parallel and scalable AEAD. In: Kuty\u0142owski, M., Vaidya, J. (eds.) ICAIS 2014, Part II. LNCS, vol. 8713, pp. 19\u201336. Springer, Heidelberg (2014)"},{"key":"15_CR2","unstructured":"Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, report 2013\/404 (2013). \n                      http:\/\/eprint.iacr.org\/"},{"issue":"1","key":"15_CR3","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/BF00630563","volume":"4","author":"E Biham","year":"1991","unstructured":"Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Crypt. 4(1), 3\u201372 (1991)","journal-title":"J. Crypt."},{"key":"15_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"546","DOI":"10.1007\/978-3-662-46706-0_28","volume-title":"Fast Software Encryption","author":"A Biryukov","year":"2015","unstructured":"Biryukov, A., Roy, A., Velichkov, V.: Differential analysis of block ciphers SIMON and SPECK. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 546\u2013570. Springer, Heidelberg (2015)"},{"key":"15_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-319-04852-9_12","volume-title":"Topics in Cryptology \u2013 CT-RSA 2014","author":"A Biryukov","year":"2014","unstructured":"Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In: Benaloh, J. (ed.) CT-RSA 2014. LNCS, vol. 8366, pp. 227\u2013250. Springer, Heidelberg (2014)"},{"key":"15_CR6","unstructured":"CryptoLUX.: FELICS - Fair Evaluation of Lightweight Cryptographic Systems (2015). \n                      https:\/\/www.cryptolux.org\/index.php\/FELICS"},{"key":"15_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1007\/3-540-46035-7_7","volume-title":"Advances in Cryptology - EUROCRYPT 2002","author":"J Daemen","year":"2002","unstructured":"Daemen, J., Rijmen, V.: AES and the wide trail design strategy. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 108\u2013109. Springer, Heidelberg (2002)"},{"key":"15_CR8","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-04722-4","volume-title":"The Design of Rijndael: AES - The Advanced Encryption Standard","author":"J Daemen","year":"2002","unstructured":"Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Springer, Heidelberg (2002)"},{"key":"15_CR9","first-page":"212","volume":"2005","author":"J Daemen","year":"2005","unstructured":"Daemen, J., Rijmen, V.: Probability distributions of correlation and differentials in block ciphers. IACR Cryptology ePrint Archive 2005, 212 (2005)","journal-title":"IACR Cryptology ePrint Archive"},{"key":"15_CR10","unstructured":"Dehnavi, S.M., Rishakani, A.M., Shamsabad, M.R.M.: A More explicit formula for linear probabilities of modular addition modulo a power of two. Cryptology ePrint Archive, report 2015\/026 (2015). \n                      http:\/\/eprint.iacr.org\/"},{"key":"15_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"490","DOI":"10.1007\/978-3-662-48800-3_20","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2015","author":"C Dobraunig","year":"2015","unstructured":"Dobraunig, C., Eichlseder, M., Mendel, F.: Heuristic tool for linear cryptanalysis with applications to CAESAR candidates. In: Iwata, T., et al. (eds.) ASIACRYPT 2015. LNCS, vol. 9453, pp. 490\u2013509. Springer, Heidelberg (2015). doi:\n                      10.1007\/978-3-662-48800-3_20"},{"key":"15_CR12","unstructured":"Ferguson, N., Lucks, S., Schneier, B., Whiting, D., Bellare, M., Kohno, T., Callas, J., Walker, J.: The skein hash function family. Submission to the NIST SHA-3 Competition (Round 2) (2009)"},{"key":"15_CR13","doi-asserted-by":"crossref","unstructured":"Fu, K., Wang, M., Guo, Y., Sun, S., Hu, L.: MILP-based automatic search algorithms for differential and linear trails for speck. In: 23rd International Workshop on Fast Software Encryption, FSE 2016, Bochum, Germany, 20\u201323 March (2016, to appear)","DOI":"10.1007\/978-3-662-52993-5_14"},{"key":"15_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1007\/3-540-46416-6_2","volume-title":"Advances in Cryptology - EUROCRYPT 1991","author":"X Lai","year":"1991","unstructured":"Lai, X., Massey, J.L.: Markov ciphers and differential cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17\u201338. Springer, Heidelberg (1991)"},{"key":"15_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1007\/978-3-642-34961-4_15","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"G Leurent","year":"2012","unstructured":"Leurent, G.: Analysis of differential attacks in ARX constructions. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 226\u2013243. Springer, Heidelberg (2012)"},{"key":"15_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"241","DOI":"10.1007\/978-3-642-40041-4_14","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"G Leurent","year":"2013","unstructured":"Leurent, G.: Construction of differential characteristics in ARX designs application to Skein. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 241\u2013258. Springer, Heidelberg (2013)"},{"key":"15_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"336","DOI":"10.1007\/3-540-45473-X_28","volume-title":"Fast Software Encryption","author":"H Lipmaa","year":"2002","unstructured":"Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In: Matsui, M. (ed.) FSE 2001. LNCS, vol. 2355, pp. 336\u2013350. Springer, Heidelberg (2002)"},{"key":"15_CR18","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"366","DOI":"10.1007\/BFb0053451","volume-title":"Advances in Cryptology - EUROCRYPT 1994","author":"M Matsui","year":"1995","unstructured":"Matsui, M.: On correlation between the order of s-boxes and the strength of DES. In: De Santis, A. (ed.) EUROCRYPT 1994. LNCS, vol. 950, pp. 366\u2013375. Springer, Heidelberg (1995)"},{"key":"15_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1007\/3-540-47555-9_7","volume-title":"Advances in Cryptology - EUROCRYPT 1992","author":"M Matsui","year":"1993","unstructured":"Matsui, M., Yamagishi, A.: A new method for known plaintext attack of FEAL cipher. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 81\u201391. Springer, Heidelberg (1993)"},{"key":"15_CR20","unstructured":"McKay, K.A., Vora, P.L.: Analysis of ARX functions: pseudo-linear methods for approximation, differentials, and evaluating diffusion. Cryptology ePrint Archive, report 2014\/895 (2014). \n                      http:\/\/eprint.iacr.org\/"},{"key":"15_CR21","unstructured":"Mouha, N., Preneel, B.: Towards finding optimal differential characteristics for ARX: application to Salsa20. Cryptology ePrint Archive, report 2013\/328 (2013). \n                      http:\/\/eprint.iacr.org\/"},{"key":"15_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1007\/978-3-642-19574-7_3","volume-title":"Selected Areas in Cryptography","author":"N Mouha","year":"2011","unstructured":"Mouha, N., Velichkov, V., De Canni\u00e8re, C., Preneel, B.: The differential analysis of S-functions. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 36\u201356. Springer, Heidelberg (2011)"},{"key":"15_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"57","DOI":"10.1007\/978-3-642-34704-7_5","volume-title":"Information Security and Cryptology","author":"N Mouha","year":"2012","unstructured":"Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57\u201376. Springer, Heidelberg (2012)"},{"key":"15_CR24","unstructured":"National Institute of Standards, U.S. Department of Commerce. FIPS 47: Data Encryption Standard (1977)"},{"key":"15_CR25","unstructured":"NIST: Lightweight Cryptography Workshop (2015). \n                      http:\/\/www.nist.gov\/itl\/csd\/ct\/lwc_workshop2015.cfm\n                      \n                    , July 2015"},{"key":"15_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/11799313_10","volume-title":"Fast Software Encryption","author":"K Nyberg","year":"2006","unstructured":"Nyberg, K., Wall\u00e9n, J.: Improved linear distinguishers for SNOW 2.0. In: Robshaw, M. (ed.) FSE 2006. LNCS, vol. 4047, pp. 144\u2013162. Springer, Heidelberg (2006)"},{"issue":"1\u20133","key":"15_CR27","doi-asserted-by":"publisher","first-page":"111","DOI":"10.1007\/s10623-012-9668-4","volume":"66","author":"E Schulte-Geers","year":"2013","unstructured":"Schulte-Geers, E.: On CCZ-equivalence of addition mod \n                      \n                        \n                      \n                      $$2^n$$\n                    . Des. Codes Crypt. 66(1\u20133), 111\u2013127 (2013)","journal-title":"Des. Codes Crypt."},{"key":"15_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"crossref","first-page":"158","DOI":"10.1007\/978-3-662-45611-8_9","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2014","author":"S Sun","year":"2014","unstructured":"Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158\u2013178. Springer, Heidelberg (2014)"},{"key":"15_CR29","doi-asserted-by":"crossref","unstructured":"Varrette, S., Bouvry, P., Cartiaux, H., Georgatos, F.: Management of an academic HPC cluster: the UL experience. In: Proceedings of the 2014 International Conference on High Performance Computing & Simulation (HPCS 2014), pp. 959\u2013967. IEEE, Bologna, Italy, July 2014","DOI":"10.1109\/HPCSim.2014.6903792"},{"key":"15_CR30","unstructured":"Velichkov, V.: YAARX: Yet another toolkit for the analysis of ARX cryptographic algorithms. Laboratory of Algorithmics, Cryptology and Security (LACS), University of Luxembourg, 2013\u20132016. \n                      https:\/\/github.com\/vesselinux\/yaarx"},{"key":"15_CR31","unstructured":"Velichkov, V., Corre, Y.L.: Tool for searching for optimal trails in ARX. Laboratory of Algorithmics, Cryptology and Security (LACS), University of Luxembourg (2016). \n                      https:\/\/www.cryptolux.org"},{"key":"15_CR32","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"261","DOI":"10.1007\/978-3-540-39887-5_20","volume-title":"Fast Software Encryption","author":"J Wall\u00e9n","year":"2003","unstructured":"Wall\u00e9n, J.: Linear approximations of addition modulo 2\n                      \n                        \n                      \n                      $$^{n}$$\n                    . In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 261\u2013273. Springer, Heidelberg (2003)"},{"key":"15_CR33","unstructured":"Wall\u00e9n, J.: On the differential and linear properties of addition. Master\u2019s thesis, Helsinki University of Technology (2003)"},{"key":"15_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/11426639_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X Wang","year":"2005","unstructured":"Wang, X., Lai, X., Feng, D., Chen, H., Yu, X.: Cryptanalysis of the hash functions MD4 and RIPEMD. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 1\u201318. Springer, Heidelberg (2005)"},{"key":"15_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"17","DOI":"10.1007\/11535218_2","volume-title":"Advances in Cryptology \u2013 CRYPTO 2005","author":"X Wang","year":"2005","unstructured":"Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17\u201336. Springer, Heidelberg (2005)"},{"key":"15_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1007\/11426639_2","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2005","author":"X Wang","year":"2005","unstructured":"Wang, X., Yu, H.: How to break MD5 and other hash functions. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 19\u201335. Springer, Heidelberg (2005)"},{"key":"15_CR37","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"158","DOI":"10.1007\/978-3-319-23318-5_9","volume-title":"Information Security","author":"Y Yao","year":"2015","unstructured":"Yao, Y., Zhang, B., Wu, W.: Automatic search for linear trails of the SPECK family. In: L\u00f3pez, J., Mitchell, C.J. (eds.) ISC 2015. LNCS, vol. 9290, pp. 158\u2013176. Springer, Heidelberg (2015)"}],"container-title":["Lecture Notes in Computer Science","Fast Software Encryption"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-662-52993-5_15","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,19]],"date-time":"2020-03-19T01:04:51Z","timestamp":1584579891000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-662-52993-5_15"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"ISBN":["9783662529928","9783662529935"],"references-count":37,"URL":"https:\/\/doi.org\/10.1007\/978-3-662-52993-5_15","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]},"assertion":[{"value":"20 July 2016","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"FSE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Fast Software Encryption","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Bochum","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2016","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20 March 2016","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 March 2016","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"fse2016","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}