{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,19]],"date-time":"2025-09-19T08:12:01Z","timestamp":1758269521082,"version":"3.37.3"},"reference-count":35,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2018,8,23]],"date-time":"2018-08-23T00:00:00Z","timestamp":1534982400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2019,6]]},"DOI":"10.1007\/s10623-018-0526-x","type":"journal-article","created":{"date-parts":[[2018,8,23]],"date-time":"2018-08-23T14:43:31Z","timestamp":1535035411000},"page":"1271-1296","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":6,"title":["MILP-aided cube-attack-like cryptanalysis on Keccak Keyed modes"],"prefix":"10.1007","volume":"87","author":[{"given":"Wenquan","family":"Bi","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6723-6013","authenticated-orcid":false,"given":"Xiaoyang","family":"Dong","sequence":"additional","affiliation":[]},{"given":"Zheng","family":"Li","sequence":"additional","affiliation":[]},{"given":"Rui","family":"Zong","sequence":"additional","affiliation":[]},{"given":"Xiaoyun","family":"Wang","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,8,23]]},"reference":[{"key":"526_CR1","unstructured":"Berton G., Daemen J., Peeters M., Assche G.V., Keer R.V.: CAESAR submission: Ketje v2 (2016). http:\/\/competitions.cr.yp.to\/round3\/ketjev2.pdf . Accessed 01 Aug 2018."},{"key":"526_CR2","unstructured":"Berton G., Daemen J., Peeters M., Assche G.V., Keer R.V.: CAESAR submission: Keyak v2 (2016). http:\/\/competitions.cr.yp.to\/round3\/keyakv22.pdf ."},{"key":"526_CR3","unstructured":"Berton G., Daemen J., Peeters M., Assche G.V.: The Keccak sponge function family. http:\/\/keccak.noekeon.org\/ ."},{"key":"526_CR4","doi-asserted-by":"crossref","unstructured":"Bertoni G., Daemen J., Peeters M., Assche G.V.: Duplexing the sponge: singlepass authenticated encryption and other applications. In: SAC 2011, pp. 320\u2013337 (2011).","DOI":"10.1007\/978-3-642-28496-0_19"},{"key":"526_CR5","doi-asserted-by":"publisher","first-page":"1295","DOI":"10.1007\/s10623-017-0396-7","volume":"86","author":"W Bi","year":"2017","unstructured":"Bi W., Li Z., Dong X., Li L., Wang X.: Conditional cube attack on roundreduced river keyak. Des. Codes Cryptogr. 86, 1295\u20131310 (2017).","journal-title":"Des. Codes Cryptogr."},{"key":"526_CR6","unstructured":"Cui T., Jia K., Fu K., Chen S., Wang M.: New automatic search tool for impossible differentials and zero-correlation linear approximations. In: IACR Cryptology ePrint Archive, 2016\/689 (2016)."},{"key":"526_CR7","unstructured":"Daemen J., Van Assche G.: Differential propagation analysis of Keccak. In: FSE 2012, vol. 7549, pp. 422\u2013441. Springer, New York (2012)."},{"key":"526_CR8","doi-asserted-by":"crossref","unstructured":"Dinur I., Shamir A.: Cube attacks on tweakable black box polynomials. In: EUROCRYPT 2009, pp. 278\u2013299 (2009).","DOI":"10.1007\/978-3-642-01001-9_16"},{"key":"526_CR9","doi-asserted-by":"crossref","unstructured":"Dinur I., Dunkelman O., Shamir A.: New attacks on Keccak-224 and Keccak-256. In: FSE 2012. pp. 442\u2013461. Springer, New York (2012).","DOI":"10.1007\/978-3-642-34047-5_25"},{"key":"526_CR10","doi-asserted-by":"crossref","unstructured":"Dinur I., Dunkelman O., Shamir A.: Collision attacks on up to 5 rounds of SHA-3 using generalized internal differentials. In: FSE 2013. pp. 219\u2013240. Springer, New York (2013).","DOI":"10.1007\/978-3-662-43933-3_12"},{"key":"526_CR11","doi-asserted-by":"crossref","unstructured":"Dinur I., Morawiecki P., Pieprzyk J., Srebrny M., Straus M.: Cube attacks and cube-attack-like cryptanalysis on the round-reduced Keccak sponge function. In: EUROCRYPT 2015, pp. 733\u2013761 (2015).","DOI":"10.1007\/978-3-662-46800-5_28"},{"key":"526_CR12","doi-asserted-by":"crossref","unstructured":"Dobraunig C., Eichlseder M., Mendel F.: Heuristic tool for linear cryptanalysis with applications to CAESAR candidates. In: ASIACRYPT 2015, pp. 490\u2013509 (2015).","DOI":"10.1007\/978-3-662-48800-3_20"},{"key":"526_CR13","doi-asserted-by":"crossref","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Cryptanalysis of Ascon. In: CT-RSA 2015, pp. 371\u2013387 (2015).","DOI":"10.1007\/978-3-319-16715-2_20"},{"key":"526_CR14","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Ascon v1. 2. Submission to the CAESAR Competition (2016)."},{"key":"526_CR15","doi-asserted-by":"crossref","first-page":"259","DOI":"10.46586\/tosc.v2017.i1.259-280","volume":"2017","author":"X Dong","year":"2017","unstructured":"Dong X., Li Z., Wang X., Qin L.: Cube-like attack on round-reduced initialization of Ketje Sr. IACR Trans. Symmetric Cryptol. 2017, 259\u2013280 (2017).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"526_CR16","doi-asserted-by":"crossref","unstructured":"Duc A., Guo J., Peyrin T., Wei L.: Unaligned rebound attack: application to Keccak. In: FSE 2012. pp. 402\u2013421. Springer, New York (2012).","DOI":"10.1007\/978-3-642-34047-5_23"},{"key":"526_CR17","unstructured":"Guo J., Liu M., Song L.: Linear structures: applications to cryptanalysis of round-reduced Keccak. In: ASIACRYPT 2016, Part I. pp. 249\u2013274. Springer, New York (2016)."},{"key":"526_CR18","unstructured":"http:\/\/www.gurobi.com\/ ."},{"key":"526_CR19","doi-asserted-by":"crossref","unstructured":"Huang S., Wang X., Xu G., Wang M., Zhao J.: Conditional cube attack on reduced-round Keccak sponge function. In: EUROCRYPT 2017, pp. 259\u2013288 (2017).","DOI":"10.1007\/978-3-319-56614-6_9"},{"key":"526_CR20","unstructured":"Li Z., Bi W., Dong X., Wang X.: Improved conditional cube attacks on Keccak keyed modes with milp method. Cryptology ePrint Archive, Report 2017\/804 (2017). http:\/\/eprint.iacr.org\/2017\/804 ."},{"issue":"1","key":"526_CR21","doi-asserted-by":"crossref","first-page":"175","DOI":"10.46586\/tosc.v2017.i1.175-202","volume":"2017","author":"Z Li","year":"2017","unstructured":"Li Z., Dong X., Wang X.: Conditional cube attack on round-reduced ASCON. IACR Trans. Symmetric Cryptol. 2017(1), 175\u2013202 (2017).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"526_CR22","unstructured":"Mella S., Daemen J., Assche G.V.: New techniques for trail bounds and application to differential trails in Keccak. IACR Trans. Symmetric Cryptol. 2017(1), 329\u2013357 (2017). http:\/\/tosc.iacr.org\/index.php\/ToSC\/article\/view\/597 ."},{"key":"526_CR23","doi-asserted-by":"crossref","unstructured":"Morawiecki P., Pieprzyk J., Srebrny M.: Rotational cryptanalysis of roundreduced Keccak. In: FSE2013. pp. 241\u2013262. Springer, New York (2013).","DOI":"10.1007\/978-3-662-43933-3_13"},{"key":"526_CR24","doi-asserted-by":"crossref","unstructured":"Mouha N., Wang Q., Gu D., Preneel B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Inscrypt 2011. pp. 57\u201376. Springer, New York (2011).","DOI":"10.1007\/978-3-642-34704-7_5"},{"key":"526_CR25","doi-asserted-by":"crossref","unstructured":"Qiao K., Song L., Liu M., Guo J.: New collision attacks on round-reduced Keccak. In: EUROCRYPT 2017. pp. 216\u2013243. Springer, New York (2017).","DOI":"10.1007\/978-3-319-56617-7_8"},{"key":"526_CR26","doi-asserted-by":"crossref","unstructured":"Sasaki Y., Todo Y.: New impossible differential search tool from design and cryptanalysis aspects\u2014revealing structural properties of several ciphers. In: EUROCRYPT 2017, Part III. pp. 185\u2013215 (2017).","DOI":"10.1007\/978-3-319-56617-7_7"},{"key":"526_CR27","doi-asserted-by":"crossref","unstructured":"Song L., Liao G., Guo J.: Non-full sbox linearization: applications to collision attacks on round-reduced Keccak. In: CRYPTO 2017. pp. 428\u2013451. Springer, New York (2017).","DOI":"10.1007\/978-3-319-63715-0_15"},{"key":"526_CR28","unstructured":"Song L., Guo J., Shi D.: New milp modeling: improved conditional cube attacks to Keccak-based constructions. Cryptology ePrint Archive, Report 2017\/1030 (2017). https:\/\/eprint.iacr.org\/2017\/1030.pdf ."},{"key":"526_CR29","unstructured":"Sun S., Hu L., Wang P., Qiao K., Ma X., Song L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: ASIACRYPT 2014. pp. 158\u2013178. Springer, New York (2014)."},{"key":"526_CR30","doi-asserted-by":"crossref","unstructured":"Wang X., Yu H.: How to break MD5 and other hash functions. In: EUROCRYPT 2005. pp. 19\u201335. Springer, New York (2005).","DOI":"10.1007\/11426639_2"},{"key":"526_CR31","doi-asserted-by":"crossref","unstructured":"Wang X., Yin Y.L., Yu H.: Finding Collisions in the Full SHA-1. In: CRYPTO 2005. pp. 17\u201336. Springer, New York (2005).","DOI":"10.1007\/11535218_2"},{"key":"526_CR32","unstructured":"Xiang Z., Zhang W., Bao Z., Lin D.: Applying milp method to searching integral distinguishers based on division property for 6 lightweight block ciphers. In: ASIACRYPT 2016, Part I. pp. 648\u2013678. Springer, New York (2016)."},{"key":"526_CR33","unstructured":"Ye C., Tian T.: New insights into divide-and-conquer attacks on the round-reduced Keccak-mac. Cryptology ePrint Archive, Report 2018\/059 (2018). https:\/\/eprint.iacr.org\/2018\/059.pdf ."},{"key":"526_CR34","unstructured":"Zong R., Dong X., Wang X.: Related-tweakey impossible differential attack on reduced-round Deoxys-BC-25 cryptology ePrint Archive, Report 2018\/680 (2018). https:\/\/eprint.iacr.org\/2018\/680 ."},{"key":"526_CR35","unstructured":"Zong R., Dong X., Wang X.: MILP-paided related-tweak\/key impossible differential attack and its applications to QARMA, Joltik-BC. Cryptology ePrint Archive, Report 2018\/142 (2018). https:\/\/eprint.iacr.org\/2018\/142 ."}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-018-0526-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s10623-018-0526-x\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-018-0526-x.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,8,30]],"date-time":"2022-08-30T03:08:58Z","timestamp":1661828938000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s10623-018-0526-x"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,8,23]]},"references-count":35,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2019,6]]}},"alternative-id":["526"],"URL":"https:\/\/doi.org\/10.1007\/s10623-018-0526-x","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"type":"print","value":"0925-1022"},{"type":"electronic","value":"1573-7586"}],"subject":[],"published":{"date-parts":[[2018,8,23]]},"assertion":[{"value":"19 January 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 July 2018","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"24 July 2018","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 August 2018","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}