{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,11]],"date-time":"2026-03-11T13:53:34Z","timestamp":1773237214038,"version":"3.50.1"},"reference-count":64,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2016,9,19]],"date-time":"2016-09-19T00:00:00Z","timestamp":1474243200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2017,7]]},"DOI":"10.1007\/s00145-016-9238-4","type":"journal-article","created":{"date-parts":[[2016,9,19]],"date-time":"2016-09-19T19:27:42Z","timestamp":1474313262000},"page":"889-919","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["Instantiability of RSA-OAEP Under Chosen-Plaintext Attack"],"prefix":"10.1007","volume":"30","author":[{"given":"Eike","family":"Kiltz","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adam","family":"O\u2019Neill","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Adam","family":"Smith","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,9,19]]},"reference":[{"key":"9238_CR1","doi-asserted-by":"crossref","unstructured":"M. Abdalla, M. Bellare, P. Rogaway, The oracle Diffie\u2013Hellman assumptions and an analysis of DHIES, in D. Naccache, editor, CT-RSA\u00a02001. LNCS, vol. 2020 (Springer, Heidelberg, April 2001), pp. 143\u2013158","DOI":"10.1007\/3-540-45353-9_12"},{"key":"9238_CR2","doi-asserted-by":"crossref","unstructured":"B. Barak, R. Shaltiel, E. Tromer, True random number generators secure in a changing environment, in C.D. Walter, \u00c7.K. Ko\u00e7, C. Paar, editors, CHES\u00a02003. LNCS, vol. 2779 (Springer, Heidelberg, September 2003), pp. 166\u2013180","DOI":"10.1007\/978-3-540-45238-6_14"},{"key":"9238_CR3","doi-asserted-by":"crossref","unstructured":"M. Bellare, A. Boldyreva, A. O\u2019Neill, Deterministic and efficiently searchable encryption, in A. Menezes, editor, CRYPTO\u00a02007. LNCS, vol. 4622 (Springer, Heidelberg, August 2007), pp. 535\u2013552","DOI":"10.1007\/978-3-540-74143-5_30"},{"key":"9238_CR4","doi-asserted-by":"crossref","unstructured":"M. Bellare, V.T. Hoang, S. Keelveedhi, Instantiating random oracles via UCEs, in R. Canetti, J.A. Garay, editors, CRYPTO\u00a02013, Part II. LNCS, vol. 8043 (Springer, Heidelberg, August 2013), pp. 398\u2013415","DOI":"10.1007\/978-3-642-40084-1_23"},{"key":"9238_CR5","doi-asserted-by":"crossref","unstructured":"M. Bellare, A. Palacio, Towards plaintext-aware public-key encryption without random oracles, in P.J. Lee, editor, ASIACRYPT\u00a02004. LNCS, vol. 3329 (Springer, Heidelberg, December 2004), pp. 48\u201362","DOI":"10.1007\/978-3-540-30539-2_4"},{"key":"9238_CR6","doi-asserted-by":"crossref","unstructured":"M. Bellare, P. Rogaway, Random oracles are practical: a paradigm for designing efficient protocols. in V.\u00a0Ashby, editor, ACM CCS 93. (ACM Press, November 1993), pp. 62\u201373","DOI":"10.1145\/168588.168596"},{"key":"9238_CR7","doi-asserted-by":"crossref","unstructured":"M. Bellare, P. Rogaway, Optimal asymmetric encryption, in A. De Santis, editor, EUROCRYPT\u201994. LNCS, vol. 950 (Springer, Heidelberg, May 1995), pp. 92\u2013111","DOI":"10.1007\/BFb0053428"},{"key":"9238_CR8","doi-asserted-by":"crossref","unstructured":"M. Bellare, J. Rompel, Randomness-efficient oblivious sampling, in 35th FOCS. (IEEE Computer Society Press, November 1994), pp. 276\u2013287","DOI":"10.1109\/SFCS.1994.365687"},{"key":"9238_CR9","doi-asserted-by":"crossref","unstructured":"M. Blum, P. Feldman, S. Micali, Proving security against chosen cyphertext attacks, in S. Goldwasser, editor, CRYPTO\u201988. LNCS, vol. 403 (Springer, Heidelberg, August 1990), pp. 256\u2013268","DOI":"10.1007\/0-387-34799-2_20"},{"key":"9238_CR10","doi-asserted-by":"crossref","unstructured":"A. Boldyreva, D. Cash, M. Fischlin, B. Warinschi, Foundations of non-malleable hash and one-way functions, in M. Matsui, editor, ASIACRYPT\u00a02009. LNCS, vol. 5912 (Springer, Heidelberg, December 2009), pp. 524\u2013541","DOI":"10.1007\/978-3-642-10366-7_31"},{"key":"9238_CR11","doi-asserted-by":"crossref","unstructured":"A. Boldyreva, S. Fehr, A. O\u2019Neill, On notions of security for deterministic encryption, and efficient constructions without random oracles, in D. Wagner, editor, CRYPTO\u00a02008. LNCS, vol. 5157 (Springer, Heidelberg, August 2008), pp. 335\u2013359","DOI":"10.1007\/978-3-540-85174-5_19"},{"key":"9238_CR12","doi-asserted-by":"crossref","unstructured":"A. Boldyreva, M. Fischlin, Analysis of random oracle instantiation scenarios for OAEP and other practical schemes, in V. Shoup, editor, CRYPTO\u00a02005. LNCS, vol. 3621 (Springer, Heidelberg, August 2005), pp. 412\u2013429","DOI":"10.1007\/11535218_25"},{"key":"9238_CR13","doi-asserted-by":"crossref","unstructured":"A. Boldyreva, M. Fischlin, On the security of OAEP, in X. Lai, K. Chen, editors, ASIACRYPT\u00a02006. LNCS, vol. 4284 (Springer, Heidelberg, December 2006), pp. 210\u2013225","DOI":"10.1007\/11935230_14"},{"key":"9238_CR14","doi-asserted-by":"crossref","unstructured":"D. Boneh, Simplified OAEP for the RSA and Rabin functions, in J. Kilian, editor, CRYPTO\u00a02001. LNCS, vol. 2139 (Springer, Heidelberg, August 2001), pp. 275\u2013291","DOI":"10.1007\/3-540-44647-8_17"},{"key":"9238_CR15","unstructured":"D.R.L. Brown, What hashes make RSA-OAEP secure? Cryptology ePrint Archive. Report 2006\/223. http:\/\/eprint.iacr.org\/ (2006)"},{"key":"9238_CR16","doi-asserted-by":"crossref","unstructured":"C. Cachin, Efficient private bidding and auctions with an oblivious third party, in ACM CCS 99. (ACM Press, November 1999), pp. 120\u2013127","DOI":"10.1145\/319709.319726"},{"key":"9238_CR17","doi-asserted-by":"crossref","unstructured":"C. Cachin, S. Micali, M. Stadler, Computationally private information retrieval with polylogarithmic communication, in J. Stern, editor, EUROCRYPT\u201999. LNCS, vol. 1592 (Springer, Heidelberg, May 1999), pp. 402\u2013414","DOI":"10.1007\/3-540-48910-X_28"},{"key":"9238_CR18","doi-asserted-by":"crossref","unstructured":"R. Canetti, Towards realizing random oracles: hash functions that hide all partial information, in B.S. Kaliski Jr., editor, CRYPTO\u201997. LNCS, vol. 1294 (Springer, Heidelberg, August 1997), pp. 455\u2013469","DOI":"10.1007\/BFb0052255"},{"key":"9238_CR19","doi-asserted-by":"crossref","unstructured":"R. Canetti, R.R. Dakdouk, Extractable perfectly one-way functions, in L. Aceto, I. Damg\u00e5rd, L.A. Goldberg, M.M. Halld\u00f3rsson, A. Ing\u00f3lfsd\u00f3ttir, I. Walukiewicz, editors, ICALP 2008, Part II. LNCS, vol. 5126 (Springer, Heidelberg, July 2008), pp. 449\u2013460","DOI":"10.1007\/978-3-540-70583-3_37"},{"key":"9238_CR20","doi-asserted-by":"crossref","unstructured":"R. Canetti, O. Goldreich, S. Halevi, The random oracle methodology, revisited. J. ACM, 51(4), 557\u2013594 (2004)","DOI":"10.1145\/1008731.1008734"},{"issue":"4","key":"9238_CR21","doi-asserted-by":"publisher","first-page":"233","DOI":"10.1007\/s001459900030","volume":"10","author":"D Coppersmith","year":"1997","unstructured":"R. Canetti, D. Micciancio, O. Reingold, Perfectly one-way probabilistic hash functions (preliminary version), in 30th ACM STOC. (ACM Press, May 1998), pp. 131\u2013140","journal-title":"J. Cryptol."},{"key":"9238_CR22","doi-asserted-by":"crossref","unstructured":"D. Coppersmith, Small solutions to polynomial equations, and low exponent RSA vulnerabilities. J. Cryptol., 10(4), 233\u2013260 (1997)","DOI":"10.1007\/s001459900030"},{"key":"9238_CR23","doi-asserted-by":"crossref","unstructured":"J.-S. Coron, M. Joye, D. Naccache, P. Paillier, New attacks on PKCS#1 v1.5 encryption, in B. Preneel, editor, EUROCRYPT\u00a02000. LNCS, vol. 1807 (Springer, Heidelberg, May 2000), pp. 369\u2013381","DOI":"10.1007\/3-540-45539-6_25"},{"key":"9238_CR24","doi-asserted-by":"crossref","unstructured":"J.-S. Coron, M. Joye, D. Naccache, P. Paillier, Universal padding schemes for RSA, in M. Yung, editor, CRYPTO\u00a02002. LNCS, vol. 2442 (Springer, Heidelberg, August 2002), pp. 226\u2013241","DOI":"10.1007\/3-540-45708-9_15"},{"key":"9238_CR25","doi-asserted-by":"crossref","unstructured":"Y. Dodis, R. Oliveira, K. Pietrzak, On the generic insecurity of the full domain hash, in V. Shoup, editor, CRYPTO\u00a02005. LNCS, vol. 3621 (Springer, Heidelberg, August 2005), pp. 449\u2013466","DOI":"10.1007\/11535218_27"},{"key":"9238_CR26","doi-asserted-by":"crossref","unstructured":"Y. Dodis, A. Sahai, A. Smith, On perfect and adaptive security in exposure-resilient cryptography, in B. Pfitzmann, editor, EUROCRYPT\u00a02001. LNCS, vol. 2045 (Springer, Heidelberg, May 2001), pp. 301\u2013324","DOI":"10.1007\/3-540-44987-6_19"},{"key":"9238_CR27","doi-asserted-by":"crossref","unstructured":"Y. Dodis, A. Smith, Correcting errors without leaking partial information, in H.N. Gabow, R. Fagin, editors, 37th ACM STOC. (ACM Press, May 2005), pp. 654\u2013663","DOI":"10.1145\/1060590.1060688"},{"key":"9238_CR28","doi-asserted-by":"crossref","unstructured":"D.M. Freeman, O. Goldreich, E. Kiltz, A. Rosen, G. Segev, More constructions of lossy and correlation-secure trapdoor functions. J. Cryptol., 26(1), 39\u201374 (2013)","DOI":"10.1007\/s00145-011-9112-3"},{"key":"9238_CR29","doi-asserted-by":"crossref","unstructured":"E. Fujisaki, T. Okamoto, D. Pointcheval, J. Stern, RSA-OAEP is secure under the RSA assumption. J. Cryptol., 17(2), 81\u2013104 (2004)","DOI":"10.1007\/s00145-002-0204-y"},{"key":"9238_CR30","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511721656","volume-title":"Foundations of Cryptography: Basic Applications","author":"O Goldreich","year":"2004","unstructured":"C. Gentry, P.D. Mackenzie, Z. Ramzan, Password authenticated key exchange using hidden smooth subgroups, in V. Atluri, C. Meadows, A. Juels, editors, ACM CCS 05. (ACM Press, November 2005), pp. 299\u2013309"},{"key":"9238_CR31","unstructured":"O. Goldreich, Foundations of Cryptography: Basic Applications, vol. 2 (Cambridge University Press, Cambridge, UK, 2004)"},{"key":"9238_CR32","doi-asserted-by":"crossref","unstructured":"S. Goldwasser, S. Micali, Probabilistic encryption. J. Comput. Syst. Sci., 28(2), 270\u2013299 (1984)","DOI":"10.1016\/0022-0000(84)90070-9"},{"key":"9238_CR33","unstructured":"B.\u00a0Harris, RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol. RFC 4432"},{"key":"9238_CR34","doi-asserted-by":"crossref","unstructured":"B. Hemenway, R. Ostrovsky, Public-key locally-decodable codes, in D. Wagner, editor, CRYPTO\u00a02008. LNCS, vol. 5157 (Springer, Heidelberg, August 2008), pp. 126\u2013143","DOI":"10.1007\/978-3-540-85174-5_8"},{"key":"9238_CR35","doi-asserted-by":"crossref","unstructured":"B. Hemenway, R. Ostrovsky, A. Rosen, Non-committing encryption from $$\\phi $$ \u03d5 -hiding, in Y. Dodis, J.B. Nielsen, editors, TCC\u00a02015, Part I. LNCS, vol. 9014 of (Springer, Heidelberg, March 2015), pp. 591\u2013608","DOI":"10.1007\/978-3-662-46494-6_24"},{"key":"9238_CR36","doi-asserted-by":"crossref","unstructured":"M. Herrmann, Improved cryptanalysis of the multi-prime $$\\phi $$ \u03d5 -hiding assumption. in A. Nitaj, D. Pointcheval, editors, AFRICACRYPT 11. LNCS, vol. 6737 (Springer, Heidelberg, July 2011), pp. 92\u201399","DOI":"10.1007\/978-3-642-21969-6_6"},{"key":"9238_CR37","doi-asserted-by":"crossref","unstructured":"D. Hofheinz, E. Kiltz, The group of signed quadratic residues and applications, in S. Halevi, editor, CRYPTO\u00a02009. LNCS, vol. 5677 (Springer, Heidelberg, August 2009), pp. 637\u2013653","DOI":"10.1007\/978-3-642-03356-8_37"},{"key":"9238_CR38","unstructured":"E.\u00a0Kiltz, K.\u00a0Pietrzak, Personal communication (2009)"},{"key":"9238_CR39","doi-asserted-by":"crossref","unstructured":"E. Kiltz, A. O\u2019Neill, A. Smith, Instantiability of RSA-OAEP under chosen-plaintext attack, in T. Rabin, editor, CRYPTO\u00a02010. LNCS, vol. 6223 (Springer, Heidelberg, August 2010), pp. 295\u2013313","DOI":"10.1007\/978-3-642-14623-7_16"},{"key":"9238_CR40","doi-asserted-by":"crossref","unstructured":"E. Kiltz, K. Pietrzak, On the security of padding-based encryption schemes- or -why we cannot prove OAEP secure in the standard model, in A. Joux, editor, EUROCRYPT\u00a02009. LNCS, vol. 5479 (Springer, Heidelberg, April 2009), pp. 389\u2013406","DOI":"10.1007\/978-3-642-01001-9_23"},{"key":"9238_CR41","unstructured":"K. Kobara, H. Imai, OAEP++ : a very simple way to apply oaep to deterministic ow-cpa primitives. Cryptology ePrint Archive, Report 2002\/130. http:\/\/eprint.iacr.org\/ (2002)"},{"key":"9238_CR42","doi-asserted-by":"crossref","unstructured":"A.K. Lenstra, Unbelievable security. Matching AES security using public key systems (invited talk), in C. Boyd, editor, ASIACRYPT\u00a02001. LNCS, vol. 2248 (Springer, Heidelberg, December 2001), pp. 67\u201386","DOI":"10.1007\/3-540-45682-1_5"},{"key":"9238_CR43","doi-asserted-by":"crossref","unstructured":"M. Lewko, A. O\u2019Neill, A. Smith, Regularity of lossy RSA on subdomains and its applications, in T. Johansson, P.Q. Nguyen, editors, EUROCRYPT\u00a02013. LNCS, vol. 7881 (Springer, Heidelberg, May 2013), pp. 55\u201375","DOI":"10.1007\/978-3-642-38348-9_4"},{"key":"9238_CR44","unstructured":"A. May, Using lll-reduction for solving rsa and factorization problems: a survey, in LLL+25 Conference in Honour of the 25th Birthday of the LLL Algorithm (2007)"},{"key":"9238_CR45","doi-asserted-by":"crossref","unstructured":"S. Micali, C. Rackoff, B. Sloan, The notion of security for probabilistic cryptosystems, in A.M. Odlyzko, editor, CRYPTO\u201986. LNCS, vol. 263 (Springer, Heidelberg, August 1987), pp. 381\u2013392","DOI":"10.1007\/3-540-47721-7_27"},{"issue":"1","key":"9238_CR46","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1006\/jcss.1996.0004","volume":"52","author":"N Nisan","year":"1996","unstructured":"P. Mol, S. Yilek, Chosen-ciphertext security from slightly lossy trapdoor functions, in P.Q. Nguyen, D. Pointcheval, editors, PKC\u00a02010. LNCS, vol. 6056 (Springer, Heidelberg, May 2010), pp. 296\u2013311","journal-title":"J. Comput. Syst. Sci."},{"key":"9238_CR47","doi-asserted-by":"crossref","unstructured":"N. Nisan, D. Zuckerman, Randomness is linear in space. J. Comput. Syst. Sci., 52(1), 43\u201352 (1996)","DOI":"10.1006\/jcss.1996.0004"},{"key":"9238_CR48","doi-asserted-by":"crossref","unstructured":"P. Paillier, J.L. Villar, Trading one-wayness against chosen-ciphertext security in factoring-based encryption, in X. Lai, K. Chen, editors, ASIACRYPT\u00a02006. LNCS, vol. 4284 (Springer, Heidelberg, December 2006), pp. 252\u2013266","DOI":"10.1007\/11935230_17"},{"issue":"6","key":"9238_CR49","doi-asserted-by":"publisher","first-page":"1803","DOI":"10.1137\/080733954","volume":"40","author":"C Peikert","year":"2011","unstructured":"O. Pandey, R. Pass, V. Vaikuntanathan, Adaptive one-way functions and applications, in D. Wagner, editor, CRYPTO\u00a02008. LNCS, vol. 5157 (Springer, Heidelberg, August 2008), pp. 57\u201374","journal-title":"SIAM J. Comput."},{"key":"9238_CR50","doi-asserted-by":"crossref","unstructured":"C. Peikert, B. Waters, Lossy trapdoor functions and their applications. SIAM J. Comput., 40(6), 1803\u20131844 (2011)","DOI":"10.1137\/080733954"},{"key":"9238_CR51","unstructured":"Rsa public-key cryptography standards (pkcs). http:\/\/www.rsa.com\/rsalabs\/node.asp?id=2124"},{"key":"9238_CR52","unstructured":"M.O. Rabin, Digitalized signatures and public-key functions as intractable as factorization. Technical report (1979)"},{"key":"9238_CR53","doi-asserted-by":"crossref","unstructured":"C. Rackoff, D.R. Simon, Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack, in J. Feigenbaum, editor, CRYPTO\u201991. LNCS. vol. 576 (Springer, Heidelberg, August 1992), pp. 433\u2013444","DOI":"10.1007\/3-540-46766-1_35"},{"key":"9238_CR54","unstructured":"R.L. Rivest, A. Shamir, L. Adelman, U.S.\u00a0patent 4405829: cryptographic communications system and method"},{"key":"9238_CR55","unstructured":"R.L. Rivest, A. Shamir, L. Adelman, A method for obtaining public-key cryptosystems and digital signatures. Technical Memo MIT\/LCS\/TM-82, Massachusetts Institute of Technology, Laboratory for Computer Science (1977)"},{"key":"9238_CR56","doi-asserted-by":"crossref","unstructured":"C. Schridde, B. Freisleben, On the validity of the phi-hiding assumption in cryptographic protocols, in J. Pieprzyk, editor, ASIACRYPT\u00a02008. LNCS, vol. 5350 (Springer, Heidelberg, December 2008), pp. 344\u2013354","DOI":"10.1007\/978-3-540-89255-7_21"},{"key":"9238_CR57","doi-asserted-by":"crossref","unstructured":"Y. Seurin, On the lossiness of the Rabin trapdoor function, in H. Krawczyk, editor, PKC\u00a02014. LNCS, vol. 8383 (Springer, Heidelberg, March 2014), pp. 380\u2013398","DOI":"10.1007\/978-3-642-54631-0_22"},{"key":"9238_CR58","doi-asserted-by":"crossref","unstructured":"V. Shoup, OAEP reconsidered. J. Cryptol., 15(4), 223\u2013249 (2002)","DOI":"10.1007\/s00145-002-0133-9"},{"key":"9238_CR59","doi-asserted-by":"crossref","unstructured":"A. Smith, Y. Zhang, On the regularity of lossy RSA\u2014improved bounds and applications to padding-based encryption, in Y. Dodis, J.B. Nielsen, editors, TCC\u00a02015, Part I. LNCS, vol. 9014 (Springer, Heidelberg, March 2015), pp. 609\u2013628","DOI":"10.1007\/978-3-662-46494-6_25"},{"key":"9238_CR60","unstructured":"K. Tosu, N. Kunihiro, Optimal bounds for multi-prime phi-hiding assumption, in Information Security and Privacy\u201417th Australasian Conference, ACISP 2012, Wollongong, NSW, Australia, July 9\u201311, 2012. Proceedings (2012), pp. 1\u201314"},{"key":"9238_CR61","doi-asserted-by":"crossref","unstructured":"L. Trevisan, S.P. Vadhan, Extracting randomness from samplable distributions, in 41st FOCS (IEEE Computer Society Press, November 2000), pp. 32\u201342","DOI":"10.1109\/SFCS.2000.892063"},{"key":"9238_CR62","doi-asserted-by":"crossref","unstructured":"M.N. Wegman, L. Carter, New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci.\u00a022(3),\u00a0265\u2013279 (1981)","DOI":"10.1016\/0022-0000(81)90033-7"},{"key":"9238_CR63","doi-asserted-by":"crossref","unstructured":"S. Yilek, E. Rescorla, H. Shacham, B. Enright, S. Savage, When private keys are public: results from the 2008 debian openssl vulnerability, in Internet Measurement Conference","DOI":"10.1145\/1644893.1644896"},{"key":"9238_CR64","unstructured":"P. Zimmerman, Integer factoring records. http:\/\/www.loria.fr\/~zimmerma\/records\/factor.html"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s00145-016-9238-4\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9238-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-016-9238-4.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,10]],"date-time":"2025-06-10T20:04:50Z","timestamp":1749585890000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s00145-016-9238-4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,9,19]]},"references-count":64,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2017,7]]}},"alternative-id":["9238"],"URL":"https:\/\/doi.org\/10.1007\/s00145-016-9238-4","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,9,19]]},"assertion":[{"value":"7 November 2011","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"21 April 2016","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 September 2016","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"This content has been made available to all.","name":"free","label":"Free to read"}]}}