{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,4,10]],"date-time":"2025-04-10T14:14:38Z","timestamp":1744294478951,"version":"3.40.3"},"publisher-location":"Singapore","reference-count":85,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819609437"},{"type":"electronic","value":"9789819609444"}],"license":[{"start":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T00:00:00Z","timestamp":1733961600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,12,12]],"date-time":"2024-12-12T00:00:00Z","timestamp":1733961600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-981-96-0944-4_13","type":"book-chapter","created":{"date-parts":[[2024,12,11]],"date-time":"2024-12-11T06:02:13Z","timestamp":1733896933000},"page":"396-430","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Quantum Algorithms for\u00a0Fast Correlation Attacks on\u00a0LFSR-Based Stream Ciphers"],"prefix":"10.1007","author":[{"given":"Akinori","family":"Hosoyamada","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2024,12,12]]},"reference":[{"issue":"1","key":"13_CR1","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1504\/IJWMC.2011.044106","volume":"5","author":"M \u00c5gren","year":"2011","unstructured":"\u00c5gren, M., Hell, M., Johansson, T., Meier, W.: Grain-128a: a new version of grain-128 with optional authentication. Int. J. Wirel. Mob. Comput. 5(1), 48\u201359 (2011)","journal-title":"Int. J. Wirel. Mob. Comput."},{"issue":"3\u20134","key":"13_CR2","doi-asserted-by":"publisher","first-page":"173","DOI":"10.1007\/s12095-012-0062-x","volume":"4","author":"M \u00c5gren","year":"2012","unstructured":"\u00c5gren, M., L\u00f6ndahl, C., Hell, M., Johansson, T.: A survey on fast correlation attacks. Cryptogr. Commun. 4(3-4), 173\u2013202 (2012)","journal-title":"Cryptogr. Commun."},{"key":"13_CR3","doi-asserted-by":"crossref","unstructured":"Aumasson, J., Fischer, S., Khazaei, S., Meier, W., Rechberger, C.: New features of latin dances: Analysis of salsa, chacha, and rumba. In: FSE 2008, Revised Selected Papers. LNCS, vol.\u00a05086, pp. 470\u2013488. Springer (2008)","DOI":"10.1007\/978-3-540-71039-4_30"},{"key":"13_CR4","doi-asserted-by":"crossref","unstructured":"Bera, D., Tharrmashastha, S.: Quantum and randomised algorithms for non-linearity estimation. ACM Transactions on Quantum Computing 2(2) (June 2021)","DOI":"10.1145\/3456509"},{"key":"13_CR5","doi-asserted-by":"crossref","unstructured":"Berbain, C., Billet, O., Canteaut, A., Courtois, N.T., Gilbert, H., Goubin, L., Gouget, A., Granboulan, L., Lauradoux, C., Minier, M., Pornin, T., Sibert, H.: Sosemanuk, a fast software-oriented stream cipher. In: New Stream Cipher Designs - The eSTREAM Finalists, LNCS, vol.\u00a04986, pp. 98\u2013118. Springer (2008)","DOI":"10.1007\/978-3-540-68351-3_9"},{"key":"13_CR6","doi-asserted-by":"crossref","unstructured":"Berbain, C., Gilbert, H.: On the security of IV dependent stream ciphers. In: Biryukov, A. (ed.) FSE 2007, Revised Selected Papers. LNCS, vol.\u00a04593, pp. 254\u2013273. Springer (2007)","DOI":"10.1007\/978-3-540-74619-5_17"},{"key":"13_CR7","doi-asserted-by":"crossref","unstructured":"Berbain, C., Gilbert, H., Maximov, A.: Cryptanalysis of grain. In: Robshaw, M.J.B. (ed.) FSE 2006, Revised Selected Papers. LNCS, vol.\u00a04047, pp. 15\u201329. Springer (2006)","DOI":"10.1007\/11799313_2"},{"key":"13_CR8","unstructured":"Bernstein, D.J.: ChaCha, a variant of Salsa20. In: Workshop Record of SASC. vol.\u00a08 (2008)"},{"key":"13_CR9","doi-asserted-by":"crossref","unstructured":"Bernstein, D.J.: The Salsa20 family of stream ciphers. In: New Stream Cipher Designs - The eSTREAM Finalists, LNCS, vol.\u00a04986, pp. 84\u201397. Springer (2008)","DOI":"10.1007\/978-3-540-68351-3_8"},{"key":"13_CR10","doi-asserted-by":"crossref","unstructured":"Boneh, D., Zhandry, M.: Quantum-secure message authentication codes. In: EUROCRYPT 2013, Proceedings. LNCS, vol.\u00a07881, pp. 592\u2013608. Springer (2013)","DOI":"10.1007\/978-3-642-38348-9_35"},{"key":"13_CR11","doi-asserted-by":"crossref","unstructured":"Bonnetain, X., Hosoyamada, A., Naya-Plasencia, M., Sasaki, Y., Schrottenloher, A.: Quantum attacks without superposition queries: The offline simon\u2019s algorithm. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019, Proceedings, Part I. LNCS, vol. 11921, pp. 552\u2013583. Springer (2019)","DOI":"10.1007\/978-3-030-34578-5_20"},{"key":"13_CR12","doi-asserted-by":"crossref","unstructured":"Bonnetain, X., Hosoyamada, A., Naya-Plasencia, M., Sasaki, Y., Schrottenloher, A.: Quantum attacks without superposition queries: The offline simon\u2019s algorithm. In: ASIACRYPT 2019, Part I. LNCS, vol. 11921, pp. 552\u2013583. Springer (2019)","DOI":"10.1007\/978-3-030-34578-5_20"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Bonnetain, X., Naya-Plasencia, M., Schrottenloher, A.: On quantum slide attacks. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019, Revised Selected Papers. LNCS, vol. 11959, pp. 492\u2013519. Springer (2019)","DOI":"10.1007\/978-3-030-38471-5_20"},{"key":"13_CR14","doi-asserted-by":"crossref","unstructured":"Bonnetain, X., Schrottenloher, A., Sibleyras, F.: Beyond quadratic speedups in quantum attacks on symmetric schemes. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Proceedings, Part III. LNCS, vol. 13277, pp. 315\u2013344. Springer (2022)","DOI":"10.1007\/978-3-031-07082-2_12"},{"issue":"4\u20135","key":"13_CR15","doi-asserted-by":"publisher","first-page":"493","DOI":"10.1002\/(SICI)1521-3978(199806)46:4\/5<493::AID-PROP493>3.0.CO;2-P","volume":"46","author":"M Boyer","year":"1998","unstructured":"Boyer, M., Brassard, G., H\u00f8yer, P., Tapp, A.: Tight bounds on quantum searching. Fortschritte der Physik: Progress of Physics 46(4-5), 493\u2013505 (1998)","journal-title":"Fortschritte der Physik: Progress of Physics"},{"key":"13_CR16","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1090\/conm\/305\/05215","volume":"305","author":"G Brassard","year":"2002","unstructured":"Brassard, G., Hoyer, P., Mosca, M., Tapp, A.: Quantum amplitude amplification and estimation. Contemporary Mathematics 305, 53\u201374 (2002)","journal-title":"Contemporary Mathematics"},{"key":"13_CR17","doi-asserted-by":"crossref","unstructured":"Brassard, G., H\u00f8yer, P., Tapp, A.: Quantum cryptanalysis of hash and claw-free functions. In: LATIN 1998. LNCS, vol.\u00a01380, pp. 163\u2013169. Springer (1998)","DOI":"10.1007\/BFb0054319"},{"key":"13_CR18","doi-asserted-by":"crossref","unstructured":"Canteaut, A., Trabbia, M.: Improved fast correlation attacks using parity-check equations of weight 4 and 5. In: EUROCRYPT 2000, Proceeding. LNCS, vol.\u00a01807, pp. 573\u2013588. Springer (2000)","DOI":"10.1007\/3-540-45539-6_40"},{"key":"13_CR19","unstructured":"Canteut, A.: LFSR-based stream ciphers, https:\/\/www.rocq.inria.fr\/secret\/Anne.Canteaut\/MPRI\/chapter3.pdf (Accessed on September 19, 2024)"},{"key":"13_CR20","doi-asserted-by":"crossref","unstructured":"Chepyzhov, V.V., Johansson, T., Smeets, B.J.M.: A simple algorithm for fast correlation attacks on stream ciphers. In: FSE 2000, Proceedings. LNCS, vol.\u00a01978, pp. 181\u2013195. Springer (2000)","DOI":"10.1007\/3-540-44706-7_13"},{"key":"13_CR21","doi-asserted-by":"crossref","unstructured":"Chepyzhov, V.V., Smeets, B.J.M.: On A fast correlation attack on certain stream ciphers. In: EUROCRYPT \u201991, Proceedings. LNCS, vol.\u00a0547, pp. 176\u2013185. Springer (1991)","DOI":"10.1007\/3-540-46416-6_16"},{"key":"13_CR22","doi-asserted-by":"crossref","unstructured":"Chose, P., Joux, A., Mitton, M.: Fast correlation attacks: An algorithmic point of view. In: EUROCRYPT 2002, Proceedings. LNCS, vol.\u00a02332, pp. 209\u2013221. Springer (2002)","DOI":"10.1007\/3-540-46035-7_14"},{"key":"13_CR23","doi-asserted-by":"crossref","unstructured":"Collard, B., Standaert, F., Quisquater, J.: Improving the time complexity of matsui\u2019s linear cryptanalysis. In: Nam, K., Rhee, G. (eds.) ICISC 2007, Proceedings. LNCS, vol.\u00a04817, pp. 77\u201388. Springer (2007)","DOI":"10.1007\/978-3-540-76788-6_7"},{"issue":"1","key":"13_CR24","doi-asserted-by":"publisher","first-page":"292","DOI":"10.1093\/comjnl\/bxac174","volume":"67","author":"L Ding","year":"2024","unstructured":"Ding, L., Wu, Z., Zhang, G., Shi, T.: Quantum guess and determine attack on stream ciphers. Comput. J. 67(1), 292\u2013303 (2024)","journal-title":"Comput. J."},{"key":"13_CR25","doi-asserted-by":"crossref","unstructured":"Dong, X., Sun, S., Shi, D., Gao, F., Wang, X., Hu, L.: Quantum collision attacks on aes-like hashing with low quantum random access memories. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020, Part II. LNCS, vol. 12492, pp. 727\u2013757. Springer (2020)","DOI":"10.1007\/978-3-030-64834-3_25"},{"key":"13_CR26","unstructured":"ECRYPT: eSTREAM: ECRYPT stream cipher project, https:\/\/www.ecrypt.eu.org\/stream\/"},{"key":"13_CR27","unstructured":"Einsele, S., Wunder, G.: Quantum speed-up of fast correlation attacks against stream ciphers. Crypto day matters 36"},{"key":"13_CR28","doi-asserted-by":"crossref","unstructured":"Ekdahl, P., Johansson, T.: A new version of the stream cipher SNOW. In: SAC 2002, Revised Papers. LNCS, vol.\u00a02595, pp. 47\u201361. Springer (2002)","DOI":"10.1007\/3-540-36492-7_5"},{"issue":"3","key":"13_CR29","doi-asserted-by":"publisher","first-page":"1","DOI":"10.46586\/tosc.v2019.i3.1-42","volume":"2019","author":"P Ekdahl","year":"2019","unstructured":"Ekdahl, P., Johansson, T., Maximov, A., Yang, J.: A new SNOW stream cipher called SNOW-V. IACR Trans. Symmetric Cryptol. 2019(3), 1\u201342 (2019)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR30","doi-asserted-by":"crossref","unstructured":"Ekdahl, P., Maximov, A., Johansson, T., Yang, J.: Snow-vi: an extreme performance variant of SNOW-V for lower grade cpus. In: WiSec 2021. pp. 261\u2013272. ACM (2021)","DOI":"10.1145\/3448300.3467829"},{"key":"13_CR31","unstructured":"ETSI\/SAGE: Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2. Document 2: SNOW 3G Specification. Version 1.1 (2006)"},{"key":"13_CR32","doi-asserted-by":"crossref","unstructured":"Funabiki, Y., Todo, Y., Isobe, T., Morii, M.: Several milp-aided attacks against SNOW 2.0. In: CANS 2018, Proceedings. LNCS, vol. 11124, pp. 394\u2013413. Springer (2018)","DOI":"10.1007\/978-3-030-00434-7_20"},{"issue":"3","key":"13_CR33","doi-asserted-by":"publisher","first-page":"180","DOI":"10.3390\/e20030180","volume":"20","author":"VA Ghafari","year":"2018","unstructured":"Ghafari, V.A., Hu, H.: Fruit-80: A secure ultra-lightweight stream cipher for constrained environments. Entropy 20(3), \u00a0180 (2018)","journal-title":"Entropy"},{"key":"13_CR34","unstructured":"Ghafari, V.A., Hu, H., Chen, Y.: Fruit-v2: Ultra-lightweight stream cipher with shorter internal state. IACR Cryptology ePrint Archive 2016\/355 (2016)"},{"key":"13_CR35","doi-asserted-by":"publisher","first-page":"1663","DOI":"10.1007\/s10623-024-01362-5","volume":"92","author":"X Gong","year":"2024","unstructured":"Gong, X., Hao, Y., Wang, Q.: Combining milp modeling with algebraic bias evaluation for linear mask search: improved fast correlation attacks on snow. Des. Codes Cryptogr. 92, 1663\u20131728 (2024)","journal-title":"Des. Codes Cryptogr."},{"key":"13_CR36","doi-asserted-by":"crossref","unstructured":"Gong, X., Zhang, B.: Fast computation of linear approximation over certain composition functions and applications to SNOW 2.0 and SNOW 3g. Des. Codes Cryptogr. 88(11), 2407\u20132431 (2020)","DOI":"10.1007\/s10623-020-00790-3"},{"key":"13_CR37","doi-asserted-by":"crossref","unstructured":"Gong, X., Zhang, B.: Comparing large-unit and bitwise linear approximations of SNOW 2.0 and SNOW 3g and related attacks. IACR Trans. Symmetric Cryptol. 2021(2), 71\u2013103 (2021)","DOI":"10.46586\/tosc.v2021.i2.71-103"},{"key":"13_CR38","doi-asserted-by":"crossref","unstructured":"Grassi, L., Naya-Plasencia, M., Schrottenloher, A.: Quantum algorithms for the k -xor problem. In: ASIACRYPT 2018, Proceedings, Part I. LNCS, vol. 11272, pp. 527\u2013559. Springer (2018)","DOI":"10.1007\/978-3-030-03326-2_18"},{"key":"13_CR39","doi-asserted-by":"crossref","unstructured":"Grover, L.K.: A Fast Quantum Mechanical Algorithm for Database Search. In: ACM STOC 1996. pp. 212\u2013219. ACM (1996)","DOI":"10.1145\/237814.237866"},{"key":"13_CR40","doi-asserted-by":"crossref","unstructured":"Hell, M., Johansson, T., Maximov, A., Meier, W.: A stream cipher proposal: Grain-128. In: Proceedings 2006 IEEE International Symposium on Information Theory, ISIT 2006, The Westin Seattle, Seattle, Washington, USA, July 9-14, 2006. pp. 1614\u20131618. IEEE (2006)","DOI":"10.1109\/ISIT.2006.261549"},{"key":"13_CR41","doi-asserted-by":"crossref","unstructured":"Hell, M., Johansson, T., Maximov, A., Meier, W.: The Grain family of stream ciphers. In: New Stream Cipher Designs - The eSTREAM Finalists, LNCS, vol.\u00a04986, pp. 179\u2013190. Springer (2008)","DOI":"10.1007\/978-3-540-68351-3_14"},{"key":"13_CR42","unstructured":"Hosoyamada, A.: Quantum algorithms for fast correlation attacks on lfsr-based stream ciphers. IACR Cryptology ePrint Archive 2024\/894 (Full version of this paper)"},{"key":"13_CR43","doi-asserted-by":"crossref","unstructured":"Hosoyamada, A., Sasaki, Y.: Quantum Demirci-Sel\u00e7uk Meet-in-the-Middle Attacks: Applications to 6-Round Generic Feistel Constructions. In: SCN 2018. LNCS, vol. 11035, pp. 386\u2013403. Springer (2018)","DOI":"10.1007\/978-3-319-98113-0_21"},{"key":"13_CR44","doi-asserted-by":"crossref","unstructured":"Hosoyamada, A., Sasaki, Y.: Finding hash collisions with quantum computers by using differential trails with smaller probability than birthday bound. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part II. LNCS, vol. 12106, pp. 249\u2013279. Springer (2020)","DOI":"10.1007\/978-3-030-45724-2_9"},{"key":"13_CR45","unstructured":"ISO\/IEC: 18033-4:2011 Information technology \u2014 Security techniques \u2014 Encryption algorithms. Part 4 Stream Ciphers (2011)"},{"key":"13_CR46","doi-asserted-by":"crossref","unstructured":"Johansson, T., J\u00f6nsson, F.: Fast correlation attacks based on turbo code techniques. In: CRYPTO \u201999, Proceedings. LNCS, vol.\u00a01666, pp. 181\u2013197. Springer (1999)","DOI":"10.1007\/3-540-48405-1_12"},{"key":"13_CR47","doi-asserted-by":"crossref","unstructured":"Johansson, T., J\u00f6nsson, F.: Improved fast correlation attacks on stream ciphers via convolutional codes. In: EUROCRYPT \u201999, Proceeding. LNCS, vol.\u00a01592, pp. 347\u2013362. Springer (1999)","DOI":"10.1007\/3-540-48910-X_24"},{"key":"13_CR48","doi-asserted-by":"crossref","unstructured":"Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Breaking symmetric cryptosystems using quantum period finding. In: CRYPTO 2016, Part II. LNCS, vol. 11693, pp. 207\u2013237. Springer (2016)","DOI":"10.1007\/978-3-662-53008-5_8"},{"issue":"1","key":"13_CR49","doi-asserted-by":"publisher","first-page":"71","DOI":"10.46586\/tosc.v2016.i1.71-94","volume":"2016","author":"M Kaplan","year":"2016","unstructured":"Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Quantum differential and linear cryptanalysis. IACR Trans. Symmetric Cryptol. 2016(1), 71\u201394 (2016)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR50","doi-asserted-by":"crossref","unstructured":"Kuwakado, H., Morii, M.: Quantum distinguisher between the 3-round Feistel cipher and the random permutation. In: ISIT 2010. pp. 2682\u20132685. IEEE (2010)","DOI":"10.1109\/ISIT.2010.5513654"},{"key":"13_CR51","unstructured":"Kuwakado, H., Morii, M.: Security on the quantum-type Even-Mansour cipher. In: ISITA 2012. pp. 312\u2013316. IEEE (2012)"},{"key":"13_CR52","doi-asserted-by":"crossref","unstructured":"Leander, G., May, A.: Grover Meets Simon - Quantumly Attacking the FX-construction. In: ASIACRYPT 2017. LNCS, vol. 10625, pp. 161\u2013178. Springer (2017)","DOI":"10.1007\/978-3-319-70697-9_6"},{"key":"13_CR53","doi-asserted-by":"crossref","unstructured":"Lee, J., Lee, D.H., Park, S.: Cryptanalysis of sosemanuk and SNOW 2.0 using linear masks. In: Pieprzyk, J. (ed.) ASIACRYPT 2008, Proceedings. LNCS, vol.\u00a05350, pp. 524\u2013538. Springer (2008)","DOI":"10.1007\/978-3-540-89255-7_32"},{"key":"13_CR54","volume-title":"Correlation attacks on snow-v-like stream ciphers based on a heuristic milp model","author":"S Ma","year":"2023","unstructured":"Ma, S., Jin, C., Shi, Z., Cui, T., Guan, J.: Correlation attacks on snow-v-like stream ciphers based on a heuristic milp model. IEEE Transactions on Information Theory, Early Access (2023)"},{"key":"13_CR55","doi-asserted-by":"crossref","unstructured":"Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993, Proceedings. LNCS, vol.\u00a0765, pp. 386\u2013397. Springer (1993)","DOI":"10.1007\/3-540-48285-7_33"},{"key":"13_CR56","doi-asserted-by":"crossref","unstructured":"Meier, W.: Fast correlation attacks: Methods and countermeasures. In: FSE 2011, Revised Selected Papers. LNCS, vol.\u00a06733, pp. 55\u201367. Springer (2011)","DOI":"10.1007\/978-3-642-21702-9_4"},{"key":"13_CR57","doi-asserted-by":"crossref","unstructured":"Meier, W., Staffelbach, O.: Fast correlation attacks on stream ciphers (extended abstract). In: EUROCRYPT \u201988, Proceedings. LNCS, vol.\u00a0330, pp. 301\u2013314. Springer (1988)","DOI":"10.1007\/3-540-45961-8_28"},{"key":"13_CR58","doi-asserted-by":"crossref","unstructured":"Mihaljevic, M.J., Fossorier, M.P.C., Imai, H.: Fast correlation attack algorithm with list decoding and an application. In: FSE 2001, Revised Papers. LNCS, vol.\u00a02355, pp. 196\u2013210. Springer (2001)","DOI":"10.1007\/3-540-45473-X_17"},{"key":"13_CR59","doi-asserted-by":"crossref","unstructured":"Mihaljevic, M.J., Golic, J.D.: A fast iterative algorithm for A shift register initial state reconstruction given the nosiy output sequence. In: AUSCRYPT \u201990, Proceedings. LNCS, vol.\u00a0453, pp. 165\u2013175. Springer (1990)","DOI":"10.1007\/BFb0030359"},{"issue":"2","key":"13_CR60","first-page":"52","volume":"2016","author":"V Mikhalev","year":"2016","unstructured":"Mikhalev, V., Armknecht, F., M\u00fcller, C.: On ciphers that continuously access the non-volatile key. IACR Trans. Symmetric Cryptol. 2016(2), 52\u201379 (2016)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR61","unstructured":"Mitzenmacher, M., Upfal, E.: Probability and computing: Randomization and probabilistic techniques in algorithms and data analysis (2nd edition). Cambridge university press (2017)"},{"key":"13_CR62","unstructured":"National Institute of Standards and Technlology: Submission requirements and evaluation criteria for the post-quantum cryptography standardization process (2016), https:\/\/csrc.nist.gov\/CSRC\/media\/ Projects\/Post-Quantum-Cryptography\/documents\/call-for-proposals-final-dec-2016.pdf"},{"key":"13_CR63","doi-asserted-by":"crossref","unstructured":"Naya-Plasencia, M., Schrottenloher, A.: Optimal merging in quantum k-xor and k-xor-sum algorithms. In: EUROCRYPT 2020, Proceedings, Part II. LNCS, vol. 12106, pp. 311\u2013340. Springer (2020)","DOI":"10.1007\/978-3-030-45724-2_11"},{"key":"13_CR64","unstructured":"Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information: 10th Anniversary Edition. Cambridge University Press (2010)"},{"key":"13_CR65","doi-asserted-by":"crossref","unstructured":"Nyberg, K., Wall\u00e9n, J.: Improved linear distinguishers for SNOW 2.0. In: Fast Software Encryption, 13th International Workshop, FSE 2006, Graz, Austria, March 15-17, 2006, Revised Selected Papers. Lecture Notes in Computer Science, vol.\u00a04047, pp. 144\u2013162. Springer (2006)","DOI":"10.1007\/11799313_10"},{"key":"13_CR66","doi-asserted-by":"publisher","DOI":"10.1103\/PhysRevLett.122.020502","volume":"122","author":"YR Sanders","year":"2019","unstructured":"Sanders, Y.R., Low, G.H., Schere, A., Berry, D.W.: Black-box quantum state preparation without arithmetic. Phys. Rev. Lett. 122, 020502 (Jan 2019)","journal-title":"Phys. Rev. Lett."},{"issue":"1 &2","key":"13_CR67","first-page":"65","volume":"17","author":"T Santoli","year":"2017","unstructured":"Santoli, T., Schaffner, C.: Using simon\u2019s algorithm to attack symmetric-key cryptographic primitives. Quantum Inf. Comput. 17(1 &2), 65\u201378 (2017)","journal-title":"Quantum Inf. Comput."},{"key":"13_CR68","doi-asserted-by":"crossref","unstructured":"Schrottenloher, A.: Improved quantum algorithms for the k-xor problem. In: SAC 2021, Revised Selected Papers. LNCS, vol. 13203, pp. 311\u2013331. Springer (2021)","DOI":"10.1007\/978-3-030-99277-4_15"},{"key":"13_CR69","doi-asserted-by":"crossref","unstructured":"Schrottenloher, A.: Quantum linear key-recovery attacks using the QFT. In: CRYPTO 2023, Proceedings, Part V. LNCS, vol. 14085, pp. 258\u2013291. Springer (2023)","DOI":"10.1007\/978-3-031-38554-4_9"},{"key":"13_CR70","unstructured":"Shi, Z., Jin, C., Jin, Y.: Improved linear approximations of SNOW-V and snow-vi. IACR Cryptology ePrint Archive 2021\/1105 (2021)"},{"key":"13_CR71","doi-asserted-by":"crossref","unstructured":"Shi, Z., Jin, C., Zhang, J., Cui, T., Ding, L., Jin, Y.: A correlation attack on full SNOW-V and snow-vi. In: EUROCRYPT 2022, Proceedings, Part III. LNCS, vol. 13277, pp. 34\u201356. Springer (2022)","DOI":"10.1007\/978-3-031-07082-2_2"},{"key":"13_CR72","doi-asserted-by":"crossref","unstructured":"Shor, P.W.: Algorithms for quantum computation: Discrete logarithms and factoring. In: 35th Annual Symposium on Foundations of Computer Science. pp. 124\u2013134. IEEE Computer Society (1994)","DOI":"10.1109\/SFCS.1994.365700"},{"issue":"5","key":"13_CR73","doi-asserted-by":"publisher","first-page":"776","DOI":"10.1109\/TIT.1984.1056949","volume":"30","author":"T Siegenthaler","year":"1984","unstructured":"Siegenthaler, T.: Correlation-immunity of nonlinear combining functions for cryptographic applications. IEEE Trans. Inf. Theory 30(5), 776\u2013780 (1984)","journal-title":"IEEE Trans. Inf. Theory"},{"key":"13_CR74","doi-asserted-by":"publisher","unstructured":"Simon, D.R.: On the Power of Quantum Computation. In: 35th Annual Symposium on Foundations of Computer Science. pp. 116\u2013123 (1994). https:\/\/doi.org\/10.1109\/SFCS.1994.365701","DOI":"10.1109\/SFCS.1994.365701"},{"key":"13_CR75","doi-asserted-by":"crossref","unstructured":"Todo, Y., Isobe, T., Meier, W., Aoki, K., Zhang, B.: Fast correlation attack revisited - cryptanalysis on full grain-128a, grain-128, and grain-v1. In: Crypto 2018, Proceedings, Part II. LNCS, vol. 10992, pp. 129\u2013159. Springer (2018)","DOI":"10.1007\/978-3-319-96881-0_5"},{"key":"13_CR76","doi-asserted-by":"crossref","unstructured":"Todo, Y., Meier, W., Aoki, K.: On the data limitation of small-state stream ciphers: Correlation attacks on fruit-80 and plantlet. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019, Revised Selected Papers. LNCS, vol. 11959, pp. 365\u2013392. Springer (2019)","DOI":"10.1007\/978-3-030-38471-5_15"},{"key":"13_CR77","unstructured":"Wagner, D.A.: A generalized birthday problem. In: Advances in Cryptology - CRYPTO 2002, 22nd Annual International Cryptology Conference, Santa Barbara, California, USA, August 18-22, 2002, Proceedings. LNCS, vol.\u00a02442, pp. 288\u2013303. Springer (2002)"},{"issue":"6","key":"13_CR78","doi-asserted-by":"publisher","first-page":"1376","DOI":"10.1093\/comjnl\/bxac016","volume":"66","author":"S Wang","year":"2023","unstructured":"Wang, S., Liu, M., Lin, D., Ma, L.: On grain-like small state stream ciphers against fast correlation attacks: Cryptanalysis of plantlet, fruit-v2 and fruit-80. Comput. J. 66(6), 1376\u20131399 (2023)","journal-title":"Comput. J."},{"key":"13_CR79","doi-asserted-by":"crossref","unstructured":"Watanabe, D., Biryukov, A., Canni\u00e8re, C.D.: A distinguishing attack of SNOW 2.0 with linear masking method. In: SAC 2003, Revised Papers. LNCS, vol.\u00a03006, pp. 222\u2013233. Springer (2003)","DOI":"10.1007\/978-3-540-24654-1_16"},{"issue":"4","key":"13_CR80","first-page":"249","volume":"2019","author":"J Yang","year":"2019","unstructured":"Yang, J., Johansson, T., Maximov, A.: Vectorized linear approximations for attacks on SNOW 3g. IACR Trans. Symmetric Cryptol. 2019(4), 249\u2013271 (2019)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR81","doi-asserted-by":"crossref","unstructured":"Zeng, K., Yang, C., Rao, T.R.N.: An improved linear syndrome algorithm in cryptanalysis with applications. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO \u201990, Proceedings. LNCS, vol.\u00a0537, pp. 34\u201347. Springer (1990)","DOI":"10.1007\/3-540-38424-3_3"},{"key":"13_CR82","doi-asserted-by":"crossref","unstructured":"Zhandry, M.: How to construct quantum random functions. In: FOCS. pp. 679\u2013687. IEEE Computer Society (2012)","DOI":"10.1109\/FOCS.2012.37"},{"issue":"4","key":"13_CR83","doi-asserted-by":"publisher","first-page":"83","DOI":"10.46586\/tosc.v2023.i4.83-111","volume":"2023","author":"B Zhang","year":"2023","unstructured":"Zhang, B., Liu, R., Gong, X., Jiao, L.: Improved fast correlation attacks on the Sosemanuk stream cipher. IACR Trans. Symmetric Cryptol. 2023(4), 83\u2013111 (2023)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR84","doi-asserted-by":"crossref","unstructured":"Zhang, B., Xu, C., Meier, W.: Fast correlation attacks over extension fields, large-unit linear approximation and cryptanalysis of SNOW 2.0. In: CRYPTO 2015, Proceedings, Part I. LNCS, vol.\u00a09215, pp. 643\u2013662. Springer (2015)","DOI":"10.1007\/978-3-662-47989-6_31"},{"issue":"10","key":"13_CR85","doi-asserted-by":"publisher","first-page":"2449","DOI":"10.1007\/s10623-022-01090-8","volume":"90","author":"Z Zhou","year":"2022","unstructured":"Zhou, Z., Feng, D., Zhang, B.: Efficient and extensive search for precise linear approximations with high correlations of full SNOW-V. Des. Codes Cryptogr. 90(10), 2449\u20132479 (2022)","journal-title":"Des. Codes Cryptogr."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2024"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-96-0944-4_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,11]],"date-time":"2024-12-11T06:12:52Z","timestamp":1733897572000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-96-0944-4_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,12]]},"ISBN":["9789819609437","9789819609444"],"references-count":85,"URL":"https:\/\/doi.org\/10.1007\/978-981-96-0944-4_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2024,12,12]]},"assertion":[{"value":"12 December 2024","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Kolkata","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"India","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 December 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"14 December 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"30","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}