{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,6]],"date-time":"2026-05-06T10:54:21Z","timestamp":1778064861782,"version":"3.51.4"},"publisher-location":"Singapore","reference-count":54,"publisher":"Springer Nature Singapore","isbn-type":[{"value":"9789819987269","type":"print"},{"value":"9789819987276","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-8727-6_13","type":"book-chapter","created":{"date-parts":[[2023,12,17]],"date-time":"2023-12-17T08:02:20Z","timestamp":1702800140000},"page":"370-404","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":11,"title":["Automated Meet-in-the-Middle Attack Goes to\u00a0Feistel"],"prefix":"10.1007","author":[{"given":"Qingliang","family":"Hou","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaoyang","family":"Dong","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lingyue","family":"Qin","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Guoyan","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Xiaoyun","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,12,18]]},"reference":[{"key":"13_CR1","doi-asserted-by":"crossref","unstructured":"Amzaleg, D., Dinur, I.: Refined cryptanalysis of the GPRS ciphers GEA-1 and GEA-2. IACR Cryptology ePrint Archive, Paper 2022\/424 (2022)","DOI":"10.1007\/978-3-031-07082-2_3"},{"key":"13_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"578","DOI":"10.1007\/978-3-642-10366-7_34","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2009","author":"K Aoki","year":"2009","unstructured":"Aoki, K., Guo, J., Matusiewicz, K., Sasaki, Yu., Wang, L.: Preimages for step-reduced SHA-2. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 578\u2013597. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-10366-7_34"},{"key":"13_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/978-3-642-04159-4_7","volume-title":"Selected Areas in Cryptography","author":"K Aoki","year":"2009","unstructured":"Aoki, K., Sasaki, Yu.: Preimage attacks on one-block MD4, 63-step MD5 and more. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 103\u2013119. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04159-4_7"},{"key":"13_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1007\/978-3-642-04159-4_8","volume-title":"Selected Areas in Cryptography","author":"J-P Aumasson","year":"2009","unstructured":"Aumasson, J.-P., Meier, W., Mendel, F.: Preimage attacks on 3-pass HAVAL and step-reduced MD5. In: Avanzi, R.M., Keliher, L., Sica, F. (eds.) SAC 2008. LNCS, vol. 5381, pp. 120\u2013135. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04159-4_8"},{"key":"13_CR5","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"303","DOI":"10.1007\/978-3-030-92062-3_11","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2021","author":"S Banik","year":"2021","unstructured":"Banik, S., Barooti, K., Vaudenay, S., Yan, H.: New attacks on\u00a0LowMC instances with\u00a0a\u00a0single plaintext\/ciphertext pair. In: Tibouchi, M., Wang, H. (eds.) ASIACRYPT 2021. LNCS, vol. 13090, pp. 303\u2013331. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-92062-3_11"},{"key":"13_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"771","DOI":"10.1007\/978-3-030-77870-5_27","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2021","author":"Z Bao","year":"2021","unstructured":"Bao, Z., et al.: Automatic search of meet-in-the-middle preimage attacks on AES-like hashing. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 771\u2013804. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77870-5_27"},{"key":"13_CR7","doi-asserted-by":"publisher","unstructured":"Bao, Z., Guo, J., Shi, D., Tu, Y.: Superposition meet-in-the-middle attacks: updates on fundamental security of AES-like hashing. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology, CRYPTO 2022. LNCS, vol. 13507, pp. 64\u201393. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15802-5_3","DOI":"10.1007\/978-3-031-15802-5_3"},{"key":"13_CR8","unstructured":"Barreto, P.S.L.M., Rijmen, V.: The WHIRLPOOL hashing function. Submitted to NESSIE (2000)"},{"issue":"S1","key":"13_CR9","doi-asserted-by":"publisher","first-page":"208","DOI":"10.46586\/tosc.v2020.iS1.208-261","volume":"2020","author":"C Beierle","year":"2020","unstructured":"Beierle, C., et al.: Lightweight AEAD and hashing using the sparkle permutation family. IACR Trans. Symmetric Cryptol. 2020(S1), 208\u2013261 (2020)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/978-3-030-77886-6_6","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2021","author":"C Beierle","year":"2021","unstructured":"Beierle, C., et al.: Cryptanalysis of the GPRS encryption algorithms GEA-1 and GEA-2. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12697, pp. 155\u2013183. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-77886-6_6"},{"key":"13_CR11","unstructured":"Benadjila, R., et al.: SHA-3 proposal: ECHO. Submission to NIST (updated), p. 113 (2009)"},{"key":"13_CR12","unstructured":"Bertoni, G., Daemen, J., Peeters, M., Van Assche, G.: Keccak sponge function family main document. Submission to NIST (Round 2), vol. 3, no. 30, pp. 320\u2013337 (2009)"},{"key":"13_CR13","doi-asserted-by":"crossref","unstructured":"Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique cryptanalysis of the full AES. In: Proceedings of the ASIACRYPT 2011, pp. 344\u2013371 (2011)","DOI":"10.1007\/978-3-642-25385-0_19"},{"key":"13_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"229","DOI":"10.1007\/978-3-642-19574-7_16","volume-title":"Selected Areas in Cryptography","author":"A Bogdanov","year":"2011","unstructured":"Bogdanov, A., Rechberger, C.: A 3-subset meet-in-the-middle attack: cryptanalysis of the lightweight block cipher KTANTAN. In: Biryukov, A., Gong, G., Stinson, D.R. (eds.) SAC 2010. LNCS, vol. 6544, pp. 229\u2013240. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-19574-7_16"},{"key":"13_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"169","DOI":"10.1007\/978-3-642-22792-9_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2011","author":"C Bouillaguet","year":"2011","unstructured":"Bouillaguet, C., Derbez, P., Fouque, P.-A.: Automatic search of attacks on round-reduced AES and applications. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 169\u2013187. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-22792-9_10"},{"key":"13_CR16","doi-asserted-by":"crossref","unstructured":"Boura, C., David, N., Derbez, P., Leander, G., Naya-Plasencia, M.: Differential meet-in-the-middle cryptanalysis. IACR Cryptology ePrint Archive, Paper 2022\/1640 (2022)","DOI":"10.1007\/978-3-031-38548-3_9"},{"key":"13_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"222","DOI":"10.1007\/978-3-642-40041-4_13","volume-title":"Advances in Cryptology \u2013 CRYPTO 2013","author":"A Canteaut","year":"2013","unstructured":"Canteaut, A., Naya-Plasencia, M., Vayssi\u00e8re, B.: Sieve-in-the-middle: improved MITM attacks. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 222\u2013240. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-40041-4_13"},{"issue":"3","key":"13_CR18","doi-asserted-by":"publisher","first-page":"243","DOI":"10.1147\/rd.383.0243","volume":"38","author":"D Coppersmith","year":"1994","unstructured":"Coppersmith, D.: The data encryption standard (DES) and its strength against attacks. IBM J. Res. Dev. 38(3), 243\u2013250 (1994)","journal-title":"IBM J. Res. Dev."},{"key":"13_CR19","series-title":"Information Security and Cryptography","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-04722-4","volume-title":"The Design of Rijndael: AES - The Advanced Encryption Standard","author":"J Daemen","year":"2002","unstructured":"Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. ISC, Springer, Heidelberg (2002). https:\/\/doi.org\/10.1007\/978-3-662-04722-4"},{"key":"13_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"416","DOI":"10.1007\/0-387-34805-0_39","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"IB Damg\u00e5rd","year":"1990","unstructured":"Damg\u00e5rd, I.B.: A design principle for hash functions. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 416\u2013427. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_39"},{"key":"13_CR21","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"157","DOI":"10.1007\/978-3-662-53008-5_6","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"P Derbez","year":"2016","unstructured":"Derbez, P., Fouque, P.-A.: Automatic search of meet-in-the-middle and impossible differential attacks. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part II. LNCS, vol. 9815, pp. 157\u2013184. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53008-5_6"},{"issue":"6","key":"13_CR22","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1109\/C-M.1977.217750","volume":"10","author":"W Diffie","year":"1977","unstructured":"Diffie, W., Hellman, M.E.: Special feature exhaustive cryptanalysis of the NBS data encryption standard. Computer 10(6), 74\u201384 (1977)","journal-title":"Computer"},{"key":"13_CR23","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"719","DOI":"10.1007\/978-3-642-32009-5_42","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"I Dinur","year":"2012","unstructured":"Dinur, I., Dunkelman, O., Keller, N., Shamir, A.: Efficient dissection of composite problems, with applications to cryptanalysis, knapsacks, and combinatorial search problems. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 719\u2013740. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_42"},{"key":"13_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"278","DOI":"10.1007\/978-3-030-84252-9_10","volume-title":"Advances in Cryptology \u2013 CRYPTO 2021","author":"X Dong","year":"2021","unstructured":"Dong, X., Hua, J., Sun, S., Li, Z., Wang, X., Hu, L.: Meet-in-the-middle attacks revisited: key-recovery, collision, and preimage attacks. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12827, pp. 278\u2013308. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_10"},{"key":"13_CR25","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1007\/978-3-540-77026-8_8","volume-title":"Progress in Cryptology \u2013 INDOCRYPT 2007","author":"O Dunkelman","year":"2007","unstructured":"Dunkelman, O., Sekar, G., Preneel, B.: Improved meet-in-the-middle attacks on reduced-round DES. In: Srinathan, K., Rangan, C.P., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 86\u2013100. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-77026-8_8"},{"key":"13_CR26","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"683","DOI":"10.1007\/978-3-662-47989-6_33","volume-title":"Advances in Cryptology \u2013 CRYPTO 2015","author":"T Espitau","year":"2015","unstructured":"Espitau, T., Fouque, P.-A., Karpman, P.: Higher-order differential meet-in-the-middle preimage attacks on SHA-1 and BLAKE. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part I. LNCS, vol. 9215, pp. 683\u2013701. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-47989-6_33"},{"key":"13_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"61","DOI":"10.1007\/978-3-662-46706-0_4","volume-title":"Fast Software Encryption","author":"T Fuhr","year":"2015","unstructured":"Fuhr, T., Minaud, B.: Match box meet-in-the-middle attack against KATAN. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 61\u201381. Springer, Heidelberg (2015). https:\/\/doi.org\/10.1007\/978-3-662-46706-0_4"},{"key":"13_CR28","unstructured":"Gauravaram, P., Knudsen, L.R., Matusiewicz, K., Mendel, F., Rechberger, C., Schl\u00e4ffer, M., Thomsen, S.S.: Gr\u00f8stl - a SHA-3 candidate. In: Symmetric Cryptography (2009)"},{"key":"13_CR29","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1007\/978-3-662-53887-6_4","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2016","author":"S Gueron","year":"2016","unstructured":"Gueron, S., Mouha, N.: Simpira\u00a0v2: a family of efficient permutations using the AES round function. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016, Part I. LNCS, vol. 10031, pp. 95\u2013125. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53887-6_4"},{"key":"13_CR30","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1007\/978-3-642-17373-8_4","volume-title":"Advances in Cryptology - ASIACRYPT 2010","author":"J Guo","year":"2010","unstructured":"Guo, J., Ling, S., Rechberger, C., Wang, H.: Advanced meet-in-the-middle preimage attacks: first results on full tiger, and improved results on MD4 and SHA-2. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 56\u201375. Springer, Heidelberg (2010). https:\/\/doi.org\/10.1007\/978-3-642-17373-8_4"},{"key":"13_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"151","DOI":"10.1007\/978-3-642-24209-0_10","volume-title":"Information Security and Cryptology - ICISC 2010","author":"S Hirose","year":"2011","unstructured":"Hirose, S., Ideguchi, K., Kuwakado, H., Owada, T., Preneel, B., Yoshida, H.: A lightweight 256-bit hash function for hardware and low-end devices: Lesamnta-LW. In: Rhee, K.-H., Nyang, D.H. (eds.) ICISC 2010. LNCS, vol. 6829, pp. 151\u2013168. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-24209-0_10"},{"key":"13_CR32","unstructured":"Hou, Q., Dong, X., Qin, L., Zhang, G., Wang, X.: Automated meet-in-the-middle attack goes to Feistel. Cryptology ePrint Archive, Paper 2023\/1359 (2023). https:\/\/eprint.iacr.org\/2023\/1359"},{"key":"13_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-540-78967-3_1","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2008","author":"S Indesteege","year":"2008","unstructured":"Indesteege, S., Keller, N., Dunkelman, O., Biham, E., Preneel, B.: A practical attack on KeeLoq. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 1\u201318. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-78967-3_1"},{"issue":"1","key":"13_CR34","doi-asserted-by":"publisher","first-page":"172","DOI":"10.1007\/s00145-012-9118-5","volume":"26","author":"T Isobe","year":"2013","unstructured":"Isobe, T.: A single-key attack on the full GOST block cipher. J. Cryptol. 26(1), 172\u2013189 (2013)","journal-title":"J. Cryptol."},{"issue":"2","key":"13_CR35","doi-asserted-by":"publisher","first-page":"115","DOI":"10.46586\/tches.v2023.i2.115-154","volume":"2023","author":"T Isobe","year":"2023","unstructured":"Isobe, T., et al.: Areion: highly-efficient permutations and its applications to hash functions for short input. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2023(2), 115\u2013154 (2023)","journal-title":"IACR Trans. Cryptogr. Hardw. Embed. Syst."},{"key":"13_CR36","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1007\/978-3-642-32009-5_22","volume-title":"Advances in Cryptology \u2013 CRYPTO 2012","author":"S Knellwolf","year":"2012","unstructured":"Knellwolf, S., Khovratovich, D.: New preimage attacks against reduced SHA-1. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 367\u2013383. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-32009-5_22"},{"issue":"2","key":"13_CR37","first-page":"1","volume":"2016","author":"S K\u00f6lbl","year":"2016","unstructured":"K\u00f6lbl, S., Lauridsen, M.M., Mendel, F., Rechberger, C.: Haraka v2 - efficient short-input hashing for post-quantum applications. IACR Trans. Symmetric Cryptol. 2016(2), 1\u201329 (2016)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"13_CR38","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"55","DOI":"10.1007\/3-540-47555-9_5","volume-title":"Advances in Cryptology \u2014 EUROCRYPT\u2019 92","author":"X Lai","year":"1993","unstructured":"Lai, X., Massey, J.L.: Hash functions based on block ciphers. In: Rueppel, R.A. (ed.) EUROCRYPT 1992. LNCS, vol. 658, pp. 55\u201370. Springer, Heidelberg (1993). https:\/\/doi.org\/10.1007\/3-540-47555-9_5"},{"key":"13_CR39","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"412","DOI":"10.1007\/978-3-540-71039-4_26","volume-title":"Fast Software Encryption","author":"G Leurent","year":"2008","unstructured":"Leurent, G.: MD4 is not one-way. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 412\u2013428. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-71039-4_26"},{"key":"13_CR40","doi-asserted-by":"publisher","unstructured":"Liu, F., Sarkar, S., Wang, G., Meier, W., Isobe, T.: Algebraic meet-in-the-middle attack on LowMC. In: Agrawal, S., Lin, D. (eds.) Advances in Cryptology, ASIACRYPT 2022, Part I. LNCS, vol. 13791, pp. 225\u2013255. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-22963-3_8","DOI":"10.1007\/978-3-031-22963-3_8"},{"key":"13_CR41","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"239","DOI":"10.1007\/3-540-69710-1_16","volume-title":"Fast Software Encryption","author":"S Lucks","year":"1998","unstructured":"Lucks, S.: Attacking triple encryption. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, pp. 239\u2013253. Springer, Heidelberg (1998). https:\/\/doi.org\/10.1007\/3-540-69710-1_16"},{"key":"13_CR42","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"218","DOI":"10.1007\/0-387-34805-0_21","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"RC Merkle","year":"1990","unstructured":"Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218\u2013238. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_21"},{"key":"13_CR43","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1007\/3-540-48329-2_31","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 93","author":"B Preneel","year":"1994","unstructured":"Preneel, B., Govaerts, R., Vandewalle, J.: Hash functions based on block ciphers: a synthetic approach. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 368\u2013378. Springer, Heidelberg (1994). https:\/\/doi.org\/10.1007\/3-540-48329-2_31"},{"key":"13_CR44","doi-asserted-by":"publisher","unstructured":"Qin, L., Hua, J., Dong, X., Yan, H., Wang, X.: Meet-in-the-middle preimage attacks on sponge-based hashing. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology, EUROCRYPT 2023, Part IV. LNCS, vol. 14007, pp. 158\u2013188. Springer, Cham (2023). https:\/\/doi.org\/10.1007\/978-3-031-30634-1_6","DOI":"10.1007\/978-3-031-30634-1_6"},{"key":"13_CR45","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"227","DOI":"10.1007\/978-3-319-97916-8_15","volume-title":"Advances in Information and Computer Security","author":"Yu Sasaki","year":"2018","unstructured":"Sasaki, Yu.: Integer linear programming for three-subset meet-in-the-middle attacks: application to GIFT. In: Inomata, A., Yasuda, K. (eds.) IWSEC 2018. LNCS, vol. 11049, pp. 227\u2013243. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-97916-8_15"},{"key":"13_CR46","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"378","DOI":"10.1007\/978-3-642-21702-9_22","volume-title":"Fast Software Encryption","author":"Yu Sasaki","year":"2011","unstructured":"Sasaki, Yu.: Meet-in-the-middle preimage attacks on AES hashing modes and an application to Whirlpool. In: Joux, A. (ed.) FSE 2011. LNCS, vol. 6733, pp. 378\u2013396. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-21702-9_22"},{"key":"13_CR47","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"170","DOI":"10.1007\/978-3-642-38980-1_11","volume-title":"Applied Cryptography and Network Security","author":"Yu Sasaki","year":"2013","unstructured":"Sasaki, Yu.: Preimage attacks on Feistel-SP functions: impact of omitting the last network twist. In: Jacobson, M., Locasto, M., Mohassel, P., Safavi-Naini, R. (eds.) ACNS 2013. LNCS, vol. 7954, pp. 170\u2013185. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-38980-1_11"},{"key":"13_CR48","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"253","DOI":"10.1007\/978-3-540-89255-7_16","volume-title":"Advances in Cryptology - ASIACRYPT 2008","author":"Yu Sasaki","year":"2008","unstructured":"Sasaki, Yu., Aoki, K.: Preimage attacks on 3, 4, and 5-pass HAVAL. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 253\u2013271. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-89255-7_16"},{"key":"13_CR49","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"134","DOI":"10.1007\/978-3-642-01001-9_8","volume-title":"Advances in Cryptology - EUROCRYPT 2009","author":"Yu Sasaki","year":"2009","unstructured":"Sasaki, Yu., Aoki, K.: Finding preimages in full MD5 faster than exhaustive search. In: Joux, A. (ed.) EUROCRYPT 2009. LNCS, vol. 5479, pp. 134\u2013152. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-01001-9_8"},{"key":"13_CR50","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"562","DOI":"10.1007\/978-3-642-34961-4_34","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"Yu Sasaki","year":"2012","unstructured":"Sasaki, Yu., Wang, L., Wu, S., Wu, W.: Investigating fundamental security requirements on whirlpool: improved preimage and collision attacks. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 562\u2013579. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_34"},{"key":"13_CR51","doi-asserted-by":"publisher","unstructured":"Schrottenloher, A., Stevens, M.: Simplified MITM modeling for permutations: new (quantum) attacks. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology, CRYPTO 2022, Part III. LNCS, vol. 13509, pp. 717\u2013747. Springer, Cham (2022). https:\/\/doi.org\/10.1007\/978-3-031-15982-4_24","DOI":"10.1007\/978-3-031-15982-4_24"},{"key":"13_CR52","doi-asserted-by":"crossref","unstructured":"Schrottenloher, A., Stevens, M.: Simplified MITM modeling for permutations: new (quantum) attacks. IACR Cryptology ePrint Archive, Paper 2022\/189 (2022)","DOI":"10.1007\/978-3-031-15982-4_24"},{"key":"13_CR53","doi-asserted-by":"publisher","unstructured":"Wu, S., Feng, D., Wu, W., Guo, J., Dong, L., Zou, J.: (Pseudo) preimage attack on round-reduced Gr\u00f8stl hash function and others. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 127\u2013145. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34047-5_8","DOI":"10.1007\/978-3-642-34047-5_8"},{"key":"13_CR54","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"461","DOI":"10.1007\/0-387-34805-0_42","volume-title":"Advances in Cryptology \u2014 CRYPTO\u2019 89 Proceedings","author":"Y Zheng","year":"1990","unstructured":"Zheng, Y., Matsumoto, T., Imai, H.: On the construction of block ciphers provably secure and not relying on any unproved hypotheses. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 461\u2013480. Springer, New York (1990). https:\/\/doi.org\/10.1007\/0-387-34805-0_42"}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-8727-6_13","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T01:02:39Z","timestamp":1765933359000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-8727-6_13"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819987269","9789819987276"],"references-count":54,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-8727-6_13","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"18 December 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"375","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"106","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}