{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T03:20:36Z","timestamp":1761621636539,"version":"build-2065373602"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T00:00:00Z","timestamp":1755043200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T00:00:00Z","timestamp":1755043200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Cryptol"],"published-print":{"date-parts":[[2025,10]]},"DOI":"10.1007\/s00145-025-09550-9","type":"journal-article","created":{"date-parts":[[2025,8,13]],"date-time":"2025-08-13T19:40:56Z","timestamp":1755114056000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["A New Linear Distinguisher for Four-Round AES"],"prefix":"10.1007","volume":"38","author":[{"given":"Tomer","family":"Ashur","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Erik","family":"Takke","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,8,13]]},"reference":[{"issue":"3","key":"9550_CR1","doi-asserted-by":"publisher","first-page":"1","DOI":"10.46586\/tosc.v2020.i3.1-45","volume":"2020","author":"A Aly","year":"2020","unstructured":"A. Aly, T. Ashur, E. Ben-Sasson, S. Dhooghe, A. Szepieniec, Design of symmetric-key primitives for advanced cryptographic protocols. IACR Trans. Symmetric Cryptol. 2020(3), 1\u201345 (2020)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"9550_CR2","doi-asserted-by":"crossref","unstructured":"S. Banik, A. Bogdanov, T. Isobe, K. Shibutani, H. Hiwatari, T. Akishita, F. Regazzoni, Midori: a block cipher for low energy, in T. Iwata, J.H. Cheon, editors, Advances in Cryptology\u2014ASIACRYPT 2015\u201421st International Conference on the Theory and Application of Cryptology and Information Security, Auckland, New Zealand, November 29\u2013December 3, 2015, Proceedings, Part II, Volume 9453 of Lecture Notes in Computer Science (Springer, 2015), pp. 411\u2013436","DOI":"10.1007\/978-3-662-48800-3_17"},{"key":"9550_CR3","doi-asserted-by":"crossref","unstructured":"B. Bilgin, A. Bogdanov, M. Kne\u017eevi\u0107, F. Mendel, Q. Wang, Fides: lightweight authenticated cipher with side-channel resistance for constrained hardware, in G. Bertoni and J.-S. Coron, editors, Cryptographic Hardware and Embedded Systems\u2014CHES 2013 (Springer, Berlin, 2013), pp. 142\u2013158","DOI":"10.1007\/978-3-642-40349-1_9"},{"key":"9550_CR4","doi-asserted-by":"crossref","unstructured":"E. Biham, Y. Carmeli, An improvement of linear cryptanalysis with addition operations with applications to FEAL-8X, in A. Joux, A. Youssef, editors, Selected Areas in Cryptography\u2014SAC 2014 (Springer, Cham, 2014), pp. 59\u201376","DOI":"10.1007\/978-3-319-13051-4_4"},{"key":"9550_CR5","doi-asserted-by":"crossref","unstructured":"A. Biryukov, C. De\u00a0Canni\u00e8re, M. Quisquater, On multiple linear approximations, in M. Franklin, editor, Advances in Cryptology\u2014CRYPTO 2004 (Springer, Berlin, 2004), pp. 1\u201322","DOI":"10.1007\/978-3-540-28628-8_1"},{"key":"9550_CR6","doi-asserted-by":"crossref","unstructured":"E. Biham, On Matsui\u2019s linear cryptanalysis, in A. De\u00a0Santis, editor, Advances in Cryptology\u2014EUROCRYPT\u201994 (Springer, Berlin, 1995), pp. 341\u2013355","DOI":"10.1007\/BFb0053449"},{"key":"9550_CR7","doi-asserted-by":"crossref","unstructured":"A. Bogdanov, L.R. Knudsen, G. Leander, C. Paar, A. Poschmann, M.J.B. Robshaw, Y. Seurin, C.\u00a0Vikkelsoe, PRESENT: an ultra-lightweight block cipher, in P. Paillier, I. Verbauwhede, editors, Cryptographic Hardware and Embedded Systems\u2014CHES 2007, 9th International Workshop, Vienna, Austria, September 10\u201313, 2007, Proceedings, Volume 4727 of Lecture Notes in Computer Science (Springer, 2007), pp. 450\u2013466","DOI":"10.1007\/978-3-540-74735-2_31"},{"key":"9550_CR8","doi-asserted-by":"publisher","first-page":"319","DOI":"10.1007\/s10623-016-0268-6","volume":"82","author":"C Blondeau","year":"2016","unstructured":"C. Blondeau, K. Nyberg, Joint data and key distribution of simple, multiple, and multidimensional linear cryptanalysis test statistic and its impact to data complexity. Des. Codes Cryptogr., 82, 319\u2013349 (2016)","journal-title":"Des. Codes Cryptogr."},{"issue":"3","key":"9550_CR9","doi-asserted-by":"publisher","first-page":"215","DOI":"10.46586\/tosc.v2018.i3.215-264","volume":"2018","author":"E Biham","year":"2018","unstructured":"E. Biham, S. Perle, Conditional linear cryptanalysis\u2014cryptanalysis of DES with less than $$2^{42}$$ complexity. IACR Trans. Symmetric Cryptol. 2018(3), 215\u2013264 (2018)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"9550_CR10","unstructured":"J. Daemen, Cipher and hash function design, strategies based on linear and differential cryptanalysis, PhD Thesis, K.U.Leuven (1995). http:\/\/jda.noekeon.org\/"},{"key":"9550_CR11","unstructured":"M. Dworkin, E. Barker, J. Nechvatal, J. Foti, L. Bassham, E.\u00a0Roback, J. Dray, Advanced Encryption Standard (AES), November (2001)"},{"key":"9550_CR12","doi-asserted-by":"crossref","unstructured":"J. Daemen, R. Govaerts, J. Vandewalle, Correlation matrices, in B. Preneel, editor, Fast Software Encryption (Springer, Berlin, 1995), pp. 275\u2013285","DOI":"10.1007\/3-540-60590-8_21"},{"key":"9550_CR13","doi-asserted-by":"crossref","unstructured":"J. Daemen, L. Knudsen, V. Rijmen, The block cipher square, in E. Biham, editor, Fast Software Encryption (Springer, Berlin, 1997), pp. 149\u2013165","DOI":"10.1007\/BFb0052343"},{"key":"9550_CR14","doi-asserted-by":"crossref","unstructured":"J. Daemen, V. Rijmen, The block cipher BKSQ, in J.-J. Quisquater, B. Schneier, editors, Smart Card Research and Applications (Springer, Berlin, 2000), pp. 236\u2013245","DOI":"10.1007\/10721064_22"},{"key":"9550_CR15","doi-asserted-by":"crossref","unstructured":"J. Daemen, V. Rijmen, The wide trail design strategy, in B. Honary, editor, Cryptography and Coding (Springer, Berlin, 2001), pp. 222\u2013238","DOI":"10.1007\/3-540-45325-3_20"},{"issue":"3","key":"9550_CR16","doi-asserted-by":"publisher","first-page":"221","DOI":"10.1515\/JMC.2007.011","volume":"1","author":"J Daemen","year":"2007","unstructured":"Joan Daemen, Vincent Rijmen, Probability distributions of correlation and differentials in block ciphers. J. Math. Cryptol., 1(3), 221\u2013242, (2007)","journal-title":"J. Math. Cryptol."},{"key":"9550_CR17","doi-asserted-by":"crossref","unstructured":"J. Daemen, V. Rijmen, The Design of Rijndael, 2 edition (Springer, 2020)","DOI":"10.1007\/978-3-662-60769-5"},{"key":"9550_CR18","unstructured":"P. Gauravaram, L.R. Knudsen, K. Matusiewicz, F. Mendel, C. Rechberger, M. Schl\u00e4ffer, S.S. Thomsen, Gr\u00f8stl\u2014a SHA-3 candidate, in H. Handschuh, S. Lucks, B. Preneel, P. Rogaway, editors, Symmetric Cryptography, 11.01.\u201316.01.2009, Volume 09031 of Dagstuhl Seminar Proceedings. Schloss Dagstuhl - Leibniz-Zentrum f\u00fcr Informatik, Germany (2009)"},{"key":"9550_CR19","unstructured":"L. Grassi, D. Khovratovich, C. Rechberger, A. Roy, M. Schofnegger, Poseidon: a new hash function for zero-knowledge proof systems, in M. Bailey, R. Greenstadt, editors, 30th USENIX Security Symposium, USENIX Security 2021, August 11\u201313, 2021 (USENIX Association, 2021), pp. 519\u2013535"},{"key":"9550_CR20","doi-asserted-by":"crossref","unstructured":"Z. Gong, S. Nikova, Y.W. Law. KLEIN: a new family of lightweight block ciphers, in A. Juels, C. Paar, editors, RFID. Security and Privacy\u20147th International Workshop, RFIDSec 2011, Amherst, USA, June 26\u201328, 2011, Revised Selected Papers, Volume 7055 of Lecture Notes in Computer Science (Springer, 2011), pp. 1\u201318","DOI":"10.1007\/978-3-642-25286-0_1"},{"key":"9550_CR21","doi-asserted-by":"crossref","unstructured":"J. Guo, T. Peyrin, A. Poschmann, The photon family of lightweight hash functions, in P. Rogaway, editor, Advances in Cryptology\u2014CRYPTO 2011 (Springer, Berlin, 2011), pp. 222\u2013239","DOI":"10.1007\/978-3-642-22792-9_13"},{"key":"9550_CR22","doi-asserted-by":"crossref","unstructured":"J. Guo, T. Peyrin, A. Poschmann, M. Robshaw, The LED block cipher, in B. Preneel, T. Takagi, editors, Cryptographic Hardware and Embedded Systems\u2014CHES 2011 (Springer, Berlin, 2011), pp. 326\u2013341","DOI":"10.1007\/978-3-642-23951-9_22"},{"key":"9550_CR23","doi-asserted-by":"crossref","unstructured":"M. Hermelin, J.Y. Cho, K. Nyberg, Multidimensional extension of Matsui\u2019s algorithm 2, in O. Dunkelman, editor, Fast Software Encryption (Springer, Berlin, 2009), pp. 209\u2013227","DOI":"10.1007\/978-3-642-03317-9_13"},{"issue":"1","key":"9550_CR24","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s00145-018-9308-x","volume":"32","author":"M Hermelin","year":"2019","unstructured":"M. Hermelin, J.Y. Cho, K. Nyberg, Multidimensional linear cryptanalysis. J. Cryptol. 32(1), 1\u201334 (2019)","journal-title":"J. Cryptol."},{"key":"9550_CR25","unstructured":"M. Hermelin, K. Nyberg, Linear cryptanalysis using multiple linear approximations. IACR Cryptol. ePrint Arch. p. 93 (2011)"},{"issue":"3","key":"9550_CR26","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1007\/s00145-021-09397-w","volume":"34","author":"J Jean","year":"2021","unstructured":"J. Jean, I. Nikolic, T. Peyrin, Y. Seurin. The deoxys AEAD family. J. Cryptol. 34(3), 31 (2021)","journal-title":"J. Cryptol."},{"key":"9550_CR27","doi-asserted-by":"crossref","unstructured":"L. Keliher, H. Meijer, S. Tavares, Improving the upper bound on the maximum average linear hull probability for Rijndael, in S. Vaudenay, A.M. Youssef, editors, Selected Areas in Cryptography (Springer, Berlin, 2001), pp. 112\u2013128","DOI":"10.1007\/3-540-45537-X_9"},{"key":"9550_CR28","doi-asserted-by":"crossref","unstructured":"L. Keliher, H. Meijer, S.E. Tavares, New method for upper bounding the maximum average linear hull probability for SPNs, in B. Pfitzmann, editor, Advances in Cryptology - EUROCRYPT 2001, International Conference on the Theory and Application of Cryptographic Techniques, Innsbruck, Austria, May 6\u201310, 2001, Proceeding, Volume 2045 of Lecture Notes in Computer Science (Springer, 2001), pp. 420\u2013436","DOI":"10.1007\/3-540-44987-6_26"},{"key":"9550_CR29","doi-asserted-by":"crossref","unstructured":"X. Lai, J.L. Massey, S. Murphy, Markov ciphers and differential cryptanalysis, in D.W. Davies, editor, Advances in Cryptology\u2014EUROCRYPT \u201991 (Springer, Berlin, 1991), pp. 17\u201338","DOI":"10.1007\/3-540-46416-6_2"},{"key":"9550_CR30","doi-asserted-by":"crossref","unstructured":"M. Matsui, Linear cryptanalysis method for DES cipher, in T. Helleseth, editor, Advances in Cryptology\u2014EUROCRYPT \u201993 (Springer, Berlin, 1993), pp. 386\u2013397","DOI":"10.1007\/3-540-48285-7_33"},{"issue":"3","key":"9550_CR31","doi-asserted-by":"publisher","first-page":"228","DOI":"10.46586\/tosc.v2017.i3.228-252","volume":"2017","author":"B Mennink","year":"2017","unstructured":"B. Mennink, S. Neves, Optimal prfs from blockcipher designs. IACR Trans. Symmetric Cryptol. 2017(3), 228\u2013252 (2017)","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"9550_CR32","doi-asserted-by":"crossref","unstructured":"M. Matsui, A. Yamagishi, A new method for known plaintext attack of FEAL cipher, in Advances in Cryptology\u2014EUROCRYPT \u201992, Workshop on the Theory and Application of of Cryptographic Techniques, Balatonf\u00fcred, Hungary, May 24\u201328, 1992, Proceedings, Volume 658 of Lecture Notes in Computer Science (Springer, 1992), pp. 81\u201391","DOI":"10.1007\/3-540-47555-9_7"},{"issue":"1","key":"9550_CR33","doi-asserted-by":"publisher","first-page":"58","DOI":"10.2307\/2308930","volume":"67","author":"DJ Newman","year":"1960","unstructured":"D.J. Newman, The double Dixie cup problem. Am. Math. Mon. 67(1), 58\u201361 (1960)","journal-title":"Am. Math. Mon."},{"key":"9550_CR34","doi-asserted-by":"crossref","unstructured":"K. Nyberg, Differentially uniform mappings for cryptography, in T. Helleseth, editor, Advances in Cryptology\u2014EUROCRYPT \u201993 (Springer, Berlin, 1994), pp. 55\u201364","DOI":"10.1007\/3-540-48285-7_6"},{"key":"9550_CR35","doi-asserted-by":"crossref","unstructured":"K. Nyberg, Linear approximation of block ciphers, in A. De\u00a0Santis, editor, Advances in Cryptology\u2014EUROCRYPT\u201994 (Springer, Berlin, 1995), pp. 439\u2013444","DOI":"10.1007\/BFb0053460"},{"issue":"3","key":"9550_CR36","doi-asserted-by":"publisher","first-page":"367","DOI":"10.1007\/s12095-018-0325-2","volume":"11","author":"K Nyberg","year":"2019","unstructured":"K. Nyberg, Affine linear cryptanalysis. Cryptogr. Commun. 11(3), 367\u2013377 (2019)","journal-title":"Cryptogr. Commun."},{"key":"9550_CR37","doi-asserted-by":"crossref","unstructured":"V. Rijmen, J. Daemen, B. Preneel, A. Bosselaers, E. De\u00a0Win, The cipher SHARK, in D. Gollmann, editor, Fast Software Encryption (Springer, Berlin, 1996), pp. 99\u2013111","DOI":"10.1007\/3-540-60865-6_47"},{"key":"9550_CR38","unstructured":"E. Takke, Conditional linear cryptanalysis of the advanced encryption standard. Master\u2019s thesis, Eindhoven University of Technology (2023)"},{"key":"9550_CR39","doi-asserted-by":"crossref","unstructured":"H. Wu, B. Preneel, AEGIS: a fast authenticated encryption algorithm, in T. Lange, K.E. Lauter, P. Lisonek, editors, Selected Areas in Cryptography\u2014SAC 2013\u201420th International Conference, Burnaby, BC, Canada, August 14\u201316, 2013, Revised Selected Papers, Volume 8282 of Lecture Notes in Computer Science (Springer, 2013), pp. 185\u2013201","DOI":"10.1007\/978-3-662-43414-7_10"}],"container-title":["Journal of Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-025-09550-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s00145-025-09550-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s00145-025-09550-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,28]],"date-time":"2025-10-28T03:16:24Z","timestamp":1761621384000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s00145-025-09550-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,8,13]]},"references-count":39,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2025,10]]}},"alternative-id":["9550"],"URL":"https:\/\/doi.org\/10.1007\/s00145-025-09550-9","relation":{},"ISSN":["0933-2790","1432-1378"],"issn-type":[{"type":"print","value":"0933-2790"},{"type":"electronic","value":"1432-1378"}],"subject":[],"published":{"date-parts":[[2025,8,13]]},"assertion":[{"value":"9 September 2024","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 June 2025","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 June 2025","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"13 August 2025","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"30"}}