{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T01:04:32Z","timestamp":1765933472484,"version":"3.48.0"},"publisher-location":"Singapore","reference-count":35,"publisher":"Springer Nature Singapore","isbn-type":[{"type":"print","value":"9789819987269"},{"type":"electronic","value":"9789819987276"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-981-99-8727-6_6","type":"book-chapter","created":{"date-parts":[[2023,12,17]],"date-time":"2023-12-17T08:02:20Z","timestamp":1702800140000},"page":"169-189","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Forgery Attacks on\u00a0Several Beyond-Birthday-Bound Secure MACs"],"prefix":"10.1007","author":[{"given":"Yaobin","family":"Shen","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Fran\u00e7ois-Xavier","family":"Standaert","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Lei","family":"Wang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,12,18]]},"reference":[{"key":"6_CR1","unstructured":"Iso\/iec 9797\u20133:2011 information technology - security techniques - message authentication codes (macs) - part 3: Mechanisms using a universal hash-function. International Standard ISO\/IEC 9797\u20133 (2011)"},{"key":"6_CR2","unstructured":"Iso\/iec 19772:2020 information security - authenticated encryption. International Standard ISO\/IEC 19772 (2020)"},{"key":"6_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"321","DOI":"10.1007\/978-3-319-66787-4_16","volume-title":"Cryptographic Hardware and Embedded Systems \u2013 CHES 2017","author":"S Banik","year":"2017","unstructured":"Banik, S., Pandey, S.K., Peyrin, T., Sasaki, Yu., Sim, S.M., Todo, Y.: GIFT: a small present - towards reaching the limit of lightweight encryption. In: Fischer, W., Homma, N. (eds.) CHES 2017. LNCS, vol. 10529, pp. 321\u2013345. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-66787-4_16"},{"key":"6_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"531","DOI":"10.1007\/3-540-44448-3_41","volume-title":"Advances in Cryptology \u2014 ASIACRYPT 2000","author":"M Bellare","year":"2000","unstructured":"Bellare, M., Namprempre, C.: Authenticated encryption: relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531\u2013545. Springer, Heidelberg (2000). https:\/\/doi.org\/10.1007\/3-540-44448-3_41"},{"key":"6_CR5","unstructured":"Bernstein, D.J.: Polynomial evaluation and message authentication. http:\/\/cr.yp.to\/papers.html#pema.IDb1ef3f2d385a926123e1517392e20f8c. Citations in this document 2 (2007)"},{"key":"6_CR6","doi-asserted-by":"publisher","unstructured":"Bhargavan, K., Leurent, G.: On the practical (in-)security of 64-bit block ciphers: collision attacks on HTTP over TLS and openvpn. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, October 24\u201328, 2016, pp. 456\u2013467 (2016). https:\/\/doi.org\/10.1145\/2976749.2978423","DOI":"10.1145\/2976749.2978423"},{"key":"6_CR7","doi-asserted-by":"crossref","unstructured":"Bhattacharya, S., Nandi, M.: Revisiting variable output length XOR pseudorandom function. IACR Trans. Symmetric Cryptol. 2018(1), 314\u2013335 (2018). https:\/\/doi.org\/10.13154\/tosc.v2018.i1.314-335","DOI":"10.46586\/tosc.v2018.i1.314-335"},{"key":"6_CR8","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"450","DOI":"10.1007\/978-3-540-74735-2_31","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2007","author":"A Bogdanov","year":"2007","unstructured":"Bogdanov, A., et al.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450\u2013466. Springer, Heidelberg (2007). https:\/\/doi.org\/10.1007\/978-3-540-74735-2_31"},{"key":"6_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"208","DOI":"10.1007\/978-3-642-34961-4_14","volume-title":"Advances in Cryptology \u2013 ASIACRYPT 2012","author":"J Borghoff","year":"2012","unstructured":"Borghoff, J., Canteaut, A., G\u00fcneysu, T., Kavun, E.B., Knezevic, M., Knudsen, L.R., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S.S., Yal\u00e7\u0131n, T.: PRINCE \u2013 a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208\u2013225. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34961-4_14"},{"key":"6_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"272","DOI":"10.1007\/978-3-642-04138-9_20","volume-title":"Cryptographic Hardware and Embedded Systems - CHES 2009","author":"C De Canni\u00e8re","year":"2009","unstructured":"De Canni\u00e8re, C., Dunkelman, O., Kne\u017eevi\u0107, M.: KATAN and KTANTAN \u2014 a family of small and efficient hardware-oriented block ciphers. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 272\u2013288. Springer, Heidelberg (2009). https:\/\/doi.org\/10.1007\/978-3-642-04138-9_20"},{"key":"6_CR11","doi-asserted-by":"crossref","unstructured":"Chakraborti, A., Nandi, M., Talnikar, S., Yasuda, K.: On the composition of single-keyed tweakable even-mansour for achieving BBB security. IACR Trans. Symmetric Cryptol. 2020(2), 1\u201339 (2020). https:\/\/doi.org\/10.13154\/tosc.v2020.i2.1-39","DOI":"10.46586\/tosc.v2020.i2.1-39"},{"issue":"5","key":"6_CR12","doi-asserted-by":"publisher","first-page":"1145","DOI":"10.1007\/s12095-022-00571-w","volume":"14","author":"YL Chen","year":"2022","unstructured":"Chen, Y.L., Dutta, A., Nandi, M.: Multi-user BBB security of public permutations based MAC. Cryptogr. Commun. 14(5), 1145\u20131177 (2022). https:\/\/doi.org\/10.1007\/s12095-022-00571-w","journal-title":"Cryptogr. Commun."},{"key":"6_CR13","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"121","DOI":"10.1007\/978-3-662-53018-4_5","volume-title":"Advances in Cryptology \u2013 CRYPTO 2016","author":"B Cogliati","year":"2016","unstructured":"Cogliati, B., Seurin, Y.: EWCDM: an efficient, beyond-birthday secure, nonce-misuse resistant MAC. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9814, pp. 121\u2013149. Springer, Heidelberg (2016). https:\/\/doi.org\/10.1007\/978-3-662-53018-4_5"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Datta, N., Dutta, A., Nandi, M., Paul, G.: Double-block hash-then-sum: a paradigm for constructing BBB secure PRF. IACR Trans. Symmetric Cryptol. 2018(3), 36\u201392 (2018). https:\/\/doi.org\/10.13154\/tosc.v2018.i3.36-92","DOI":"10.46586\/tosc.v2018.i3.36-92"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Datta, N., Dutta, A., Nandi, M., Talnikar, S.: Tight multi-user security bound of sfdbhts. IACR Trans. Symmetric Cryptol. 2023(1), 192\u2013223 (2023), https:\/\/doi.org\/10.46586\/tosc.v2023.i1.192-223","DOI":"10.46586\/tosc.v2023.i1.192-223"},{"key":"6_CR16","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"631","DOI":"10.1007\/978-3-319-96884-1_21","volume-title":"Advances in Cryptology \u2013 CRYPTO 2018","author":"N Datta","year":"2018","unstructured":"Datta, N., Dutta, A., Nandi, M., Yasuda, K.: Encrypt or decrypt? to make a single-key beyond birthday secure nonce-based MAC. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10991, pp. 631\u2013661. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-96884-1_21"},{"key":"6_CR17","doi-asserted-by":"crossref","unstructured":"Datta, N., Dutta, A., Nandi, M., Yasuda, K.: Encrypt or decrypt? to make a single-key beyond birthday secure nonce-based MAC. IACR Cryptol. ePrint Arch. p. 500 (2018). https:\/\/eprint.iacr.org\/2018\/500","DOI":"10.1007\/978-3-319-96884-1_21"},{"key":"6_CR18","doi-asserted-by":"crossref","unstructured":"Dutta, A., Jha, A., Nandi, M.: Tight security analysis of ehtm MAC. IACR Trans. Symmetric Cryptol. 2017(3), 130\u2013150 (2017). https:\/\/doi.org\/10.13154\/tosc.v2017.i3.130-150","DOI":"10.46586\/tosc.v2017.i3.130-150"},{"key":"6_CR19","doi-asserted-by":"crossref","unstructured":"Dutta, A., Nandi, M., Talnikar, S.: Beyond birthday bound secure MAC in faulty nonce model. IACR Cryptol. ePrint Arch., p. 127 (2019). https:\/\/eprint.iacr.org\/2019\/127","DOI":"10.1007\/978-3-030-17653-2_15"},{"key":"6_CR20","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"437","DOI":"10.1007\/978-3-030-17653-2_15","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2019","author":"A Dutta","year":"2019","unstructured":"Dutta, A., Nandi, M., Talnikar, S.: Beyond birthday bound secure MAC in faulty nonce model. In: Ishai, Y., Rijmen, V. (eds.) EUROCRYPT 2019. LNCS, vol. 11476, pp. 437\u2013466. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-17653-2_15"},{"key":"6_CR21","doi-asserted-by":"crossref","unstructured":"Dworkin, M.: Recommendation for block cipher modes of operation: Galois\/counter mode (gcm) and gmac. NIST Special Publication 800\u201338D (2007)","DOI":"10.6028\/NIST.SP.800-38d"},{"key":"6_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"144","DOI":"10.1007\/978-3-540-85174-5_9","volume-title":"Advances in Cryptology \u2013 CRYPTO 2008","author":"H Handschuh","year":"2008","unstructured":"Handschuh, H., Preneel, B.: Key-recovery attacks on universal hash function based MAC algorithms. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 144\u2013161. Springer, Heidelberg (2008). https:\/\/doi.org\/10.1007\/978-3-540-85174-5_9"},{"key":"6_CR23","unstructured":"Information technology - Security techniques - Message Authentication Codes (MACs) - Part 3: Mechanisms using a universal hash-function. Iso\/iec 9797\u20133:2011 (2011)"},{"key":"6_CR24","doi-asserted-by":"publisher","unstructured":"Iwata, T.: New blockcipher modes of operation with beyond the birthday bound security. In: Fast Software Encryption, 13th International Workshop, FSE 2006, Graz, Austria, March 15\u201317, 2006, Revised Selected Papers, pp. 310\u2013327 (2006). https:\/\/doi.org\/10.1007\/11799313_20","DOI":"10.1007\/11799313_20"},{"key":"6_CR25","doi-asserted-by":"crossref","unstructured":"Iwata, T.: New blockcipher modes of operation with beyond the birthday bound security. IACR Cryptol. ePrint Arch., p. 188 (2006). http:\/\/eprint.iacr.org\/2006\/188","DOI":"10.1007\/11799313_20"},{"key":"6_CR26","unstructured":"Jean, J.: TikZ for Cryptographers (2023). https:\/\/www.iacr.org\/authors\/tikz\/"},{"key":"6_CR27","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1007\/978-3-030-45721-1_16","volume-title":"Advances in Cryptology \u2013 EUROCRYPT 2020","author":"S Kim","year":"2020","unstructured":"Kim, S., Lee, B., Lee, J.: Tight security bounds for double-block hash-then-sum MACs. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12105, pp. 435\u2013465. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-45721-1_16"},{"key":"6_CR28","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"343","DOI":"10.1007\/978-3-540-30556-9_27","volume-title":"Progress in Cryptology - INDOCRYPT 2004","author":"DA McGrew","year":"2004","unstructured":"McGrew, D.A., Viega, J.: The security and performance of the galois\/counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) INDOCRYPT 2004. LNCS, vol. 3348, pp. 343\u2013355. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-30556-9_27"},{"key":"6_CR29","doi-asserted-by":"crossref","unstructured":"McGrew, D.A., Viega, J.: The security and performance of the galois\/counter mode of operation (full version). IACR Cryptol. ePrint Arch., p. 193 (2004). http:\/\/eprint.iacr.org\/2004\/193","DOI":"10.1007\/978-3-540-30556-9_27"},{"key":"6_CR30","doi-asserted-by":"crossref","unstructured":"McGrew, D.A., Viega, J.: The use of galois message authentication code (GMAC) in ipsec ESP and AH. RFC 4543, 1\u201314 (2006). https:\/\/doi.org\/10.17487\/RFC4543","DOI":"10.17487\/rfc4543"},{"key":"6_CR31","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"556","DOI":"10.1007\/978-3-319-63697-9_19","volume-title":"Advances in Cryptology \u2013 CRYPTO 2017","author":"B Mennink","year":"2017","unstructured":"Mennink, B., Neves, S.: Encrypted Davies-Meyer and its dual: towards optimal security using mirror theory. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10403, pp. 556\u2013583. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-63697-9_19"},{"key":"6_CR32","doi-asserted-by":"publisher","unstructured":"Minematsu, K.: How to thwart birthday attacks against macs via small randomness. In: Fast Software Encryption, 17th International Workshop, FSE 2010, Seoul, Korea, February 7\u201310, 2010, Revised Selected Papers, pp. 230\u2013249 (2010). https:\/\/doi.org\/10.1007\/978-3-642-13858-4_13","DOI":"10.1007\/978-3-642-13858-4_13"},{"key":"6_CR33","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1007\/978-3-642-25516-8_24","volume-title":"Cryptography and Coding","author":"K Minematsu","year":"2011","unstructured":"Minematsu, K., Iwata, T.: Building blockcipher from tweakable blockcipher: extending FSE 2009 proposal. In: Chen, L. (ed.) IMACC 2011. LNCS, vol. 7089, pp. 391\u2013412. Springer, Heidelberg (2011). https:\/\/doi.org\/10.1007\/978-3-642-25516-8_24"},{"key":"6_CR34","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"313","DOI":"10.1007\/3-540-68697-5_24","volume-title":"Advances in Cryptology \u2014 CRYPTO \u201996","author":"V Shoup","year":"1996","unstructured":"Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 313\u2013328. Springer, Heidelberg (1996). https:\/\/doi.org\/10.1007\/3-540-68697-5_24"},{"issue":"3","key":"6_CR35","doi-asserted-by":"publisher","first-page":"265","DOI":"10.1016\/0022-0000(81)90033-7","volume":"22","author":"MN Wegman","year":"1981","unstructured":"Wegman, M.N., Carter, L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265\u2013279 (1981). https:\/\/doi.org\/10.1016\/0022-0000(81)90033-7","journal-title":"J. Comput. Syst. Sci."}],"container-title":["Lecture Notes in Computer Science","Advances in Cryptology \u2013 ASIACRYPT 2023"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-99-8727-6_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,17]],"date-time":"2025-12-17T01:02:45Z","timestamp":1765933365000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-981-99-8727-6_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9789819987269","9789819987276"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-981-99-8727-6_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"18 December 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ASIACRYPT","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Theory and Application of Cryptology and Information Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guangzhou","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"China","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 December 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 December 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"29","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"asiacrypt2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/asiacrypt.iacr.org\/2023\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"HotCRP","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"375","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"106","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}