{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,6]],"date-time":"2026-03-06T01:26:21Z","timestamp":1772760381309,"version":"3.50.1"},"reference-count":33,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T00:00:00Z","timestamp":1682899200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2023,7]]},"DOI":"10.1007\/s00145-023-09455-5","type":"journal-article","created":{"date-parts":[[2023,5,1]],"date-time":"2023-05-01T20:01:37Z","timestamp":1682971297000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["Latin Dances Reloaded: Improved Cryptanalysis Against Salsa and ChaCha, and the Proposal of Forr\u00f3"],"prefix":"10.1007","volume":"36","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7545-5040","authenticated-orcid":false,"given":"Murilo","family":"Coutinho","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6296-6041","authenticated-orcid":false,"given":"Iago","family":"Passos","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3863-3714","authenticated-orcid":false,"given":"Juan C. Grados","family":"V\u00e1squez","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6821-920X","authenticated-orcid":false,"given":"Santanu","family":"Sarkar","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7100-7304","authenticated-orcid":false,"given":"F\u00e1bio L. L.","family":"de Mendon\u00e7a","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1101-3029","authenticated-orcid":false,"suffix":"Jr.","given":"Rafael T.","family":"de Sousa","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5159-9517","authenticated-orcid":false,"given":"F\u00e1bio","family":"Borges","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,5,1]]},"reference":[{"key":"9455_CR1","doi-asserted-by":"crossref","unstructured":"D.J. Bernstein, The Salsa20 family of stream ciphers, in Robshaw, M.J.B., Billet, O., eds.: New Stream Cipher Designs\u2014The eSTREAM Finalists. Lecture Notes in Computer Science, vol. 4986 (Springer, 2008), pp. 84\u201397","DOI":"10.1007\/978-3-540-68351-3_8"},{"key":"9455_CR2","unstructured":"D.J. Bernstein, ChaCha, a variant of Salsa20, in Workshop Record of SASC, vol.\u00a08 (2008), pp. 3\u20135"},{"key":"9455_CR3","doi-asserted-by":"crossref","unstructured":"D. Dinu, L. Perrin, A. Udovenko, V. Velichkov, J. Gro\u00dfsch\u00e4dl, A. Biryukov, Design strategies for ARX with provable bounds: Sparx and LAX, in Cheon, J.H., Takagi, T., eds.: Advances in Cryptology\u2014ASIACRYPT 2016\u201422nd International Conference on the Theory and Application of Cryptology and Information Security, Hanoi, Vietnam, December 4\u20138, 2016, Proceedings, Part I. Lecture Notes in Computer Science, vol. 10031 (2016), pp. 484\u2013513","DOI":"10.1007\/978-3-662-53887-6_18"},{"key":"9455_CR4","doi-asserted-by":"crossref","unstructured":"C. Beierle, A. Biryukov, L. Cardoso Dos\u00a0Santos, J. Groszsch\u00e4dl, L.P. Perrin, A. Udovenko, V. Velichkov, Q. Wang, Schwaemm and Esch: lightweight authenticated encryption and hashing using the Sparkle permutation family (2019)","DOI":"10.46586\/tosc.v2020.iS1.208-261"},{"key":"9455_CR5","unstructured":"J.P. Aumasson, L. Henzen, W. Meier, R.C.W. Phan, SHA-3 proposal BLAKE. Submission to NIST 92 (2008)"},{"key":"9455_CR6","doi-asserted-by":"crossref","unstructured":"M.J.B. Robshaw, O. Billet, eds., New Stream Cipher Designs\u2014The eSTREAM Finalists. Lecture Notes in Computer Science, vol. 4986. (Springer, 2008)","DOI":"10.1007\/978-3-540-68351-3"},{"key":"9455_CR7","unstructured":"IANIX: Salsa20 usage and deployment. https:\/\/ianix.com\/pub\/salsa20-deployment.html (2021) Accessed: 2021-02-02"},{"key":"9455_CR8","doi-asserted-by":"crossref","unstructured":"D.J. Bernstein, The Poly1305-AES message-authentication code, in Gilbert, H., Handschuh, H., eds.: Fast Software Encryption: 12th International Workshop, FSE 2005, Paris, France, February 21\u201323, 2005, Revised Selected Papers. Lecture Notes in Computer Science, vol. 3557 (Springer, 2005), pp. 32\u201349","DOI":"10.1007\/11502760_3"},{"key":"9455_CR9","first-page":"1","volume":"7905","author":"A Langley","year":"2016","unstructured":"A. Langley, W. Chang, N. Mavrogiannopoulos, J. Str\u00f6mbergson, S. Josefsson, ChaCha20-Poly1305 cipher suites for transport layer security (TLS). RFC7905, 1\u20138 (2016)","journal-title":"RFC"},{"key":"9455_CR10","unstructured":"IANIX: ChaCha usage and deployment. https:\/\/ianix.com\/pub\/chacha-deployment.html (2020) Accessed: 2020-01-13"},{"key":"9455_CR11","doi-asserted-by":"crossref","unstructured":"S. Fischer, W. Meier, C. Berbain, J. Biasse, M.J.B. Robshaw, Non-randomness in estream candidates Salsa20 and TSC-4, in Barua, R., Lange, T., eds.: Progress in Cryptology\u2014INDOCRYPT 2006, 7th International Conference on Cryptology in India, Kolkata, India, December 11\u201313, 2006, Proceedings. Lecture Notes in Computer Science, vol. 4329 (Springer, 2006), pp. 2\u201316","DOI":"10.1007\/11941378_2"},{"key":"9455_CR12","unstructured":"J.C.H. Castro, J.M. Est\u00e9vez-Tapiador, J. Quisquater, On the Salsa20 core function, in Nyberg, K., ed.: Fast Software Encryption, 15th International Workshop, FSE 2008, Lausanne, Switzerland, February 10\u201313, 2008, Revised Selected Papers. Lecture Notes in Computer Science, vol. 5086 (Springer, 2008), pp. 462\u2013469"},{"key":"9455_CR13","first-page":"328","volume":"2013","author":"N Mouha","year":"2013","unstructured":"N. Mouha, B. Preneel, A proof that the ARX cipher Salsa20 is secure against differential cryptanalysis. IACR Cryptol. ePrint Arch.2013, 328 (2013)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"9455_CR14","first-page":"375","volume":"2005","author":"P Crowley","year":"2005","unstructured":"P. Crowley, Truncated differential cryptanalysis of five rounds of Salsa20. IACR Cryptol. ePrint Arch.2005, 375 (2005)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"9455_CR15","doi-asserted-by":"crossref","unstructured":"J. Aumasson, S. Fischer, S. Khazaei, W. Meier, C. Rechberger, New features of latin dances: analysis of Salsa, ChaCha, and Rumba, in Nyberg, K., ed.: Fast Software Encryption, 15th International Workshop, FSE 2008, Lausanne, Switzerland, February 10\u201313, 2008, Revised Selected Papers. Lecture Notes in Computer Science, vol. 5086 (Springer, 2008), pp. 470\u2013488","DOI":"10.1007\/978-3-540-71039-4_30"},{"key":"9455_CR16","doi-asserted-by":"crossref","unstructured":"Z. Shi, B. Zhang, D. Feng, W. Wu, Improved key recovery attacks on reduced-round Salsa20 and ChaCha, in Kwon, T., Lee, M., Kwon, D., eds.: Information Security and Cryptology\u2014ICISC 2012. Lecture Notes in Computer Science, vol. 7839 (Springer, 2012), pp. 337\u2013351","DOI":"10.1007\/978-3-642-37682-5_24"},{"key":"9455_CR17","first-page":"217","volume":"2015","author":"S Maitra","year":"2015","unstructured":"S. Maitra, G. Paul, W. Meier, Salsa20 cryptanalysis: New moves and revisiting old styles. IACR Cryptol. ePrint Arch.2015, 217 (2015)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"9455_CR18","doi-asserted-by":"publisher","first-page":"88","DOI":"10.1016\/j.dam.2016.02.020","volume":"208","author":"S Maitra","year":"2016","unstructured":"S. Maitra, Chosen IV cryptanalysis on reduced round ChaCha and Salsa. Discrete. Appl. Math.208, 88\u201397 (2016)","journal-title":"Discrete Appl. Math."},{"key":"9455_CR19","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1016\/j.dam.2017.04.034","volume":"227","author":"S Dey","year":"2017","unstructured":"S. Dey, S. Sarkar, Improved analysis for reduced round Salsa and Chacha. Discrete Appl. Math.227, 58\u201369 (2017)","journal-title":"Discrete Appl. Math."},{"issue":"2","key":"9455_CR20","first-page":"261","volume":"2016","author":"AR Choudhuri","year":"2016","unstructured":"A.R. Choudhuri, S. Maitra, Significantly improved multi-bit differentials for reduced round Salsa and ChaCha. IACR Trans. Symmetric Cryptol.2016(2), 261\u2013287 (2016)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"9455_CR21","doi-asserted-by":"publisher","first-page":"30197","DOI":"10.1109\/ACCESS.2019.2892647","volume":"7","author":"L Ding","year":"2019","unstructured":"L. Ding, Improved related-cipher attack on Salsa20 stream cipher. IEEE Access7, 30197\u201330202 (2019)","journal-title":"IEEE Access"},{"key":"9455_CR22","first-page":"350","volume":"2020","author":"M Coutinho","year":"2020","unstructured":"M. Coutinho, T.C.S. Neto, New multi-bit differentials to improve attacks against ChaCha. IACR Cryptol. ePrint Arch.2020, 350 (2020)","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"9455_CR23","doi-asserted-by":"crossref","unstructured":"C. Beierle, G. Leander, Y. Todo, Improved differential-linear attacks with applications to ARX ciphers, in Micciancio, D., Ristenpart, T., eds.: Advances in Cryptology\u2014CRYPTO 2020\u201440th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17\u201321, 2020, Proceedings, Part III. Lecture Notes in Computer Science, vol. 12172 (Springer, 2020), pp. 329\u2013358","DOI":"10.1007\/978-3-030-56877-1_12"},{"key":"9455_CR24","doi-asserted-by":"crossref","unstructured":"M. Coutinho, T.C.S. Neto, Improved linear approximations to ARX ciphers and attacks against chacha, in Canteaut, A., Standaert, F., eds.: Advances in Cryptology\u2014EUROCRYPT 2021\u201440th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17\u201321, Proceedings, Part I. Lecture Notes in Computer Science, vol. 12696 (Springer, 2021), pp. 711\u2013740","DOI":"10.1007\/978-3-030-77870-5_25"},{"key":"9455_CR25","doi-asserted-by":"crossref","unstructured":"S. Dey, H.K. Garai, S. Sarkar, N.K. Sharma, Revamped differential-linear cryptanalysis on reduced round chacha (Springer-Verlag, 2022)","DOI":"10.1007\/978-3-031-07082-2_4"},{"key":"9455_CR26","doi-asserted-by":"crossref","unstructured":"Z. Niu, S. Sun, Y. Liu, C. Li, Rotational differential-linear distinguishers of ARX Ciphers with arbitrary output linear masks. Cryptology ePrint Archive (2022)","DOI":"10.1007\/978-3-031-15802-5_1"},{"key":"9455_CR27","doi-asserted-by":"crossref","unstructured":"M. Coutinho, I. Passos, J.C.G. V\u00e1squez, F.L.L. de\u00a0Mendon\u00e7a, R.T. de\u00a0Sousa\u00a0Jr., F. Borges, Latin dances reloaded: improved cryptanalysis against Salsa and ChaCha, and the proposal of Forr\u00f3, in Advances in Cryptology\u2014ASIACRYPT 2022\u201428nd International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, December 5\u20139 (2022)","DOI":"10.1007\/978-3-031-22963-3_9"},{"key":"9455_CR28","doi-asserted-by":"crossref","unstructured":"S.K. Langford, M.E. Hellman, Differential-linear cryptanalysis, in Desmedt, Y., ed.: Advances in Cryptology\u2014CRYPTO \u201994, Proceedings. Lecture Notes in Computer Science, vol. 839 (Springer, 1994), pp. 17\u201325","DOI":"10.1007\/3-540-48658-5_3"},{"issue":"3","key":"9455_CR29","doi-asserted-by":"publisher","first-page":"859","DOI":"10.1007\/s00145-016-9237-5","volume":"30","author":"C Blondeau","year":"2017","unstructured":"C. Blondeau, G. Leander, K. Nyberg, Differential-linear cryptanalysis revisited. J. Cryptol.30(3), 859\u2013888 (2017)","journal-title":"J. Cryptol."},{"key":"9455_CR30","doi-asserted-by":"crossref","unstructured":"J. Wall\u00e9n, Linear approximations of addition modulo 2$${}^{\\text{n}}$$, in Johansson, T., ed.: Fast Software Encryption, 10th International Workshop, FSE 2003, Lund, Sweden, February 24\u201326, 2003, Revised Papers. Lecture Notes in Computer Science, vol. 2887 (Springer, 2003), pp. 261\u2013273","DOI":"10.1007\/978-3-540-39887-5_20"},{"key":"9455_CR31","doi-asserted-by":"crossref","unstructured":"H. Lipmaa, S. Moriai, Efficient algorithms for computing differential properties of addition, in Matsui, M., ed.: Fast Software Encryption, 8th International Workshop, FSE 2001 Yokohama, Japan, April 2-4, 2001, Revised Papers. Lecture Notes in Computer Science, vol. 2355 (Springer, 2001), pp. 336\u2013350","DOI":"10.1007\/3-540-45473-X_28"},{"key":"9455_CR32","doi-asserted-by":"crossref","unstructured":"J. Aumasson, D.J. Bernstein, Siphash: a fast short-input PRF, in Galbraith, S.D., Nandi, M., eds.: Progress in Cryptology\u2014INDOCRYPT 2012, 13th International Conference on Cryptology in India. Lecture Notes in Computer Science, vol. 7668 (Springer, 2012), pp. 489\u2013508","DOI":"10.1007\/978-3-642-34931-7_28"},{"key":"9455_CR33","doi-asserted-by":"crossref","unstructured":"M. Coutinho, I. Passos, R.T. de\u00a0Sousa\u00a0Jr, F. Borges, Improving the security of ChaCha against differential-linear cryptanalysis (2020)","DOI":"10.5753\/sbseg.2020.19224"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-023-09455-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00145-023-09455-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-023-09455-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T16:08:48Z","timestamp":1691597328000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00145-023-09455-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,5,1]]},"references-count":33,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2023,7]]}},"alternative-id":["9455"],"URL":"https:\/\/doi.org\/10.1007\/s00145-023-09455-5","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"value":"0933-2790","type":"print"},{"value":"1432-1378","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,5,1]]},"assertion":[{"value":"27 September 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 February 2023","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 February 2023","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 May 2023","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"18"}}