{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T08:20:08Z","timestamp":1771489208703,"version":"3.50.1"},"reference-count":52,"publisher":"Springer Science and Business Media LLC","issue":"9","license":[{"start":{"date-parts":[[2021,7,8]],"date-time":"2021-07-08T00:00:00Z","timestamp":1625702400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,7,8]],"date-time":"2021-07-08T00:00:00Z","timestamp":1625702400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2021,9]]},"DOI":"10.1007\/s10623-021-00904-5","type":"journal-article","created":{"date-parts":[[2021,7,8]],"date-time":"2021-07-08T11:05:41Z","timestamp":1625742341000},"page":"2113-2155","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":10,"title":["Proposing an MILP-based method for the experimental verification of difference-based trails: application to SPECK, SIMECK"],"prefix":"10.1007","volume":"89","author":[{"given":"Sadegh","family":"Sadeghi","sequence":"first","affiliation":[]},{"given":"Vincent","family":"Rijmen","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6818-5342","authenticated-orcid":false,"given":"Nasour","family":"Bagheri","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,7,8]]},"reference":[{"issue":"4","key":"904_CR1","doi-asserted-by":"publisher","first-page":"99","DOI":"10.46586\/tosc.v2017.i4.99-129","volume":"2017","author":"A Abdelkhalek","year":"2017","unstructured":"Abdelkhalek A., Sasaki Y., Todo Y., Tolba M., Youssef A.M.: Milp modeling for (large) s-boxes to optimize probability of differential characteristics. IACR Trans. Symmetric Cryptol. 2017(4), 99\u2013129 (2017).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"904_CR2","doi-asserted-by":"crossref","unstructured":"Abed F., List E., Lucks S., Wenzel J.: Differential cryptanalysis of round-reduced Simon and Speck. In: International Workshop on Fast Software Encryption, pp. 525\u2013545. Springer (2014).","DOI":"10.1007\/978-3-662-46706-0_27"},{"key":"904_CR3","doi-asserted-by":"crossref","unstructured":"Ashur T., Liu Y.: Rotational cryptanalysis in the presence of constants. In: IACR Transactions on Symmetric Cryptology, pp. 57\u201370 (2016).","DOI":"10.46586\/tosc.v2016.i1.57-70"},{"key":"904_CR4","unstructured":"Aumasson J.-P., Henzen L., Meier W., Phan R.C.-W.: Sha-3 proposal blake. Submission to NIST, 92 (2008)."},{"key":"904_CR5","doi-asserted-by":"crossref","unstructured":"Beaulieu R., Treatman-Clark S., Shors D., Weeks, B., Smith, J., Wingers, L.: The SIMON and SPECK lightweight block ciphers. In 2015 52nd ACM\/EDAC\/IEEE Design Automation Conference (DAC), pp. 1\u20136. IEEE (2015).","DOI":"10.1145\/2744769.2747946"},{"key":"904_CR6","doi-asserted-by":"crossref","unstructured":"Bernstein, D.\u00a0J.: The Salsa20 family of stream ciphers. In New stream cipher designs, pages 84\u201397. Springer, (2008).","DOI":"10.1007\/978-3-540-68351-3_8"},{"key":"904_CR7","doi-asserted-by":"crossref","unstructured":"Bernstein, D.\u00a0J., K\u00f6lbl, S., Lucks, S., Massolino, P.\u00a0M.\u00a0C., Mendel, F., Nawaz, K., Schneider, T., Schwabe, P., Standaert, F.-X., Todo, Y. et\u00a0al.: Gimli: a cross-platform permutation. In International Conference on Cryptographic Hardware and Embedded Systems, pages 299\u2013320. Springer, (2017).","DOI":"10.1007\/978-3-319-66787-4_15"},{"issue":"1","key":"904_CR8","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1007\/BF00630563","volume":"4","author":"E Biham","year":"1991","unstructured":"Biham E., Shamir A.: Differential cryptanalysis of des-like cryptosystems. Journal of CRYPTOLOGY 4(1), 3\u201372 (1991).","journal-title":"Journal of CRYPTOLOGY"},{"key":"904_CR9","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Lamberger, M., Mendel, F., Nikoli\u0107, I.: Second-order differential collisions for reduced sha-256. In International Conference on the Theory and Application of Cryptology and Information Security, pages 270\u2013287. Springer, (2011).","DOI":"10.1007\/978-3-642-25385-0_15"},{"key":"904_CR10","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Roy, A., Velichkov, V.: Differential analysis of block ciphers SIMON and SPECK. In International Workshop on Fast Software Encryption, pages 546\u2013570. Springer, (2014).","DOI":"10.1007\/978-3-662-46706-0_28"},{"key":"904_CR11","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Velichkov, V.: Automatic search for differential trails in ARX ciphers. In Cryptographers\u2019 Track at the RSA Conference, pages 227\u2013250. Springer, (2014).","DOI":"10.1007\/978-3-319-04852-9_12"},{"key":"904_CR12","doi-asserted-by":"crossref","unstructured":"Courtois, N.\u00a0T., Bard, G.\u00a0V.: Algebraic cryptanalysis of the data encryption standard. In IMA International Conference on Cryptography and Coding, pages 152\u2013169. Springer, (2007).","DOI":"10.1007\/978-3-540-77272-9_10"},{"key":"904_CR13","first-page":"689","volume":"2016","author":"T Cui","year":"2016","unstructured":"Cui T., Jia K., Fu K., Chen S., Wang M.: New Automatic Search Tool for Impossible Differentials and Zero-Correlation Linear Approximations. IACR Cryptology ePrint Archive 2016, 689 (2016).","journal-title":"IACR Cryptology ePrint Archive"},{"key":"904_CR14","doi-asserted-by":"crossref","unstructured":"Dinur, I.: Improved differential cryptanalysis of round-reduced speck. In International Workshop on Selected Areas in Cryptography, pages 147\u2013164. Springer, (2014).","DOI":"10.1007\/978-3-319-13051-4_9"},{"key":"904_CR15","doi-asserted-by":"crossref","unstructured":"ElSheikh, M., Abdelkhalek, A., Youssef, A.\u00a0M.: On MILP-Based Automatic Search for Differential Trails Through Modular Additions with Application to Bel-T. In Progress in Cryptology-AFRICACRYPT 2019 - 11th International Conference on Cryptology in Africa, Rabat, Morocco, July 9-11, 2019, Proceedings, pages 273\u2013296, (2019).","DOI":"10.1007\/978-3-030-23696-0_14"},{"key":"904_CR16","unstructured":"Ferguson, N., Lucks, S., Schneier, B., Whiting, D., Bellare, M., Kohno, T., Callas, J., Walker, J.: The Skein hash function family. Submission to NIST (round 3), 7(7.5):3, (2010)."},{"key":"904_CR17","doi-asserted-by":"crossref","unstructured":"Fu, K., Wang, M., Guo, Y., Sun, S., Hu, L.: MILP-based automatic search algorithms for differential and linear trails for speck. In International Conference on Fast Software Encryption, pages 268\u2013288. Springer, (2016).","DOI":"10.1007\/978-3-662-52993-5_14"},{"key":"904_CR18","doi-asserted-by":"crossref","unstructured":"G\u00e9rault, D., Lafourcade, P., Minier, M., Solnon, C.: Computing aes related-key differential characteristics with constraint programming. Artificial Intelligence, page 103183, (2019).","DOI":"10.1016\/j.artint.2019.103183"},{"key":"904_CR19","doi-asserted-by":"crossref","unstructured":"Gerault, D., Minier, M., Solnon, C.: Constraint programming models for chosen key differential cryptanalysis. In International Conference on Principles and Practice of Constraint Programming, pages 584\u2013601. Springer, (2016).","DOI":"10.1007\/978-3-319-44953-1_37"},{"key":"904_CR20","unstructured":"Gurobi\u00a0Optimization, L.: Gurobi optimizer reference manual, (2019)."},{"key":"904_CR21","doi-asserted-by":"crossref","unstructured":"Hadipour, H., Sadeghi, S., Niknam, M.\u00a0M., Song, L., Bagheri, N.: Comprehensive security analysis of craft. IACR Transactions on Symmetric Cryptology, pages 290\u2013317, (2019).","DOI":"10.46586\/tosc.v2019.i4.290-317"},{"key":"904_CR22","doi-asserted-by":"crossref","unstructured":"Hong, D., Lee, J.-K., Kim, D.-C., Kwon, D., Ryu, K.\u00a0H., Lee, D.-G.: LEA: A 128-bit block cipher for fast encryption on common processors. In International Workshop on Information Security Applications, pages 3\u201327. Springer, (2013).","DOI":"10.1007\/978-3-319-05149-9_1"},{"key":"904_CR23","doi-asserted-by":"crossref","unstructured":"Hong, D., Sung, J., Hong, S., Lim, J., Lee, S., Koo, B.-S., Lee, C., Chang, D., Lee, J., Jeong, K. et\u00a0al.: HIGHT: A new block cipher suitable for low-resource device. In International Workshop on Cryptographic Hardware and Embedded Systems, pages 46\u201359. Springer, (2006).","DOI":"10.1007\/11894063_4"},{"key":"904_CR24","doi-asserted-by":"crossref","unstructured":"Huang, M., Wang, L.: Automatic tool for searching for differential characteristics in arx ciphers and applications. In International Conference on Cryptology in India, pages 115\u2013138. Springer, (2019).","DOI":"10.1007\/978-3-030-35423-7_6"},{"key":"904_CR25","doi-asserted-by":"crossref","unstructured":"Khovratovich, D., Nikoli\u0107, I.: Rotational cryptanalysis of ARX. In International Workshop on Fast Software Encryption, pages 333\u2013346. Springer, (2010).","DOI":"10.1007\/978-3-642-13858-4_19"},{"key":"904_CR26","doi-asserted-by":"crossref","unstructured":"Khovratovich, D., Nikoli\u0107, I., Pieprzyk, J., Soko\u0142owski, P., Steinfeld, R.: Rotational cryptanalysis of ARX revisited. In International Workshop on Fast Software Encryption, pages 519\u2013536. Springer, (2015).","DOI":"10.1007\/978-3-662-48116-5_25"},{"key":"904_CR27","doi-asserted-by":"crossref","unstructured":"Knudsen, L.\u00a0R., Rijmen, V., Rivest, R.\u00a0L., Robshaw, M.\u00a0J.: On the design and security of RC2. In International Workshop on Fast Software Encryption, pages 206\u2013221. Springer, (1998).","DOI":"10.1007\/3-540-69710-1_14"},{"key":"904_CR28","unstructured":"K\u00f6lbl, S.: Cryptosmt: An easy to use tool for cryptanalysis of symmetric primitives (2015)."},{"key":"904_CR29","doi-asserted-by":"crossref","unstructured":"Leurent, G.: Analysis of differential attacks in arx constructions. In International Conference on the Theory and Application of Cryptology and Information Security, pages 226\u2013243. Springer, (2012).","DOI":"10.1007\/978-3-642-34961-4_15"},{"key":"904_CR30","doi-asserted-by":"crossref","unstructured":"Leurent, G., Roy, A.: Boomerang attacks on hash function using auxiliary differentials. In Cryptographers\u2019 Track at the RSA Conference, pages 215\u2013230. Springer, (2012).","DOI":"10.1007\/978-3-642-27954-6_14"},{"key":"904_CR31","doi-asserted-by":"crossref","unstructured":"Lipmaa, H., Moriai, S.: Efficient algorithms for computing differential properties of addition. In International Workshop on Fast Software Encryption, pages 336\u2013350. Springer, (2001).","DOI":"10.1007\/3-540-45473-X_28"},{"key":"904_CR32","doi-asserted-by":"crossref","unstructured":"Liu, F., Isobe, T., Meier, W.: Automatic verification of differential characteristics: Application to reduced gimli. IACR-CRYPTO-2020, (2020). https:\/\/eprint.iacr.org\/2020\/591.","DOI":"10.1007\/978-3-030-56877-1_8"},{"key":"904_CR33","doi-asserted-by":"crossref","unstructured":"Liu, Y., De\u00a0Witte, G., Ranea, A., Ashur, T.: Rotational-XOR cryptanalysis of reduced-round SPECK. IACR Transactions on Symmetric Cryptology, pages 24\u201336, (2017).","DOI":"10.46586\/tosc.v2017.i3.24-36"},{"key":"904_CR34","doi-asserted-by":"crossref","unstructured":"Liu, Y., Wang, Q., Rijmen, V.: Automatic search of linear trails in arx with applications to speck and chaskey. In International Conference on Applied Cryptography and Network Security, pages 485\u2013499. Springer, (2016).","DOI":"10.1007\/978-3-319-39555-5_26"},{"key":"904_CR35","doi-asserted-by":"crossref","unstructured":"Lu, J., Liu, Y., Ashur, T., Sun, B., Li, C.: Rotational-xor cryptanalysis of simon-like block ciphers. Information Security and Privacy-2020th Australasian Conference, ACIS, (2020).","DOI":"10.1007\/978-3-030-55304-3_6"},{"key":"904_CR36","doi-asserted-by":"crossref","unstructured":"Mendel, F., Nad, T., Schl\u00e4ffer, M.: Finding sha-2 characteristics: searching through a minefield of contradictions. In International Conference on the Theory and Application of Cryptology and Information Security, pages 288\u2013307. Springer, (2011).","DOI":"10.1007\/978-3-642-25385-0_16"},{"key":"904_CR37","doi-asserted-by":"crossref","unstructured":"Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In International Conference on Information Security and Cryptology, pages 57\u201376. Springer, (2011).","DOI":"10.1007\/978-3-642-34704-7_5"},{"key":"904_CR38","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1016\/j.ipl.2019.02.009","volume":"147","author":"S Sadeghi","year":"2019","unstructured":"Sadeghi S., Bagheri N.: Security analysis of SIMECK block cipher against related-key impossible differential. Information Processing Letters 147, 14\u201321 (2019).","journal-title":"Information Processing Letters"},{"issue":"3","key":"904_CR39","doi-asserted-by":"publisher","first-page":"124","DOI":"10.46586\/tosc.v2018.i3.124-162","volume":"2018","author":"S Sadeghi","year":"2018","unstructured":"Sadeghi S., Mohammadi T., Bagheri N.: Cryptanalysis of Reduced round SKINNY Block Cipher. IACR Trans. Symmetric Cryptol. 2018(3), 124\u2013162 (2018).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"904_CR40","doi-asserted-by":"crossref","unstructured":"Sasaki, Y.: Boomerang distinguishers on md4-family: First practical results on full 5-pass haval. In International Workshop on Selected Areas in Cryptography, pages 1\u201318. Springer, (2011).","DOI":"10.1007\/978-3-642-28496-0_1"},{"key":"904_CR41","doi-asserted-by":"crossref","unstructured":"Sasaki, Y., Todo, Y.: New impossible differential search tool from design and cryptanalysis aspects. In Annual International Conference on the Theory and Applications of Cryptographic Techniques, pages 185\u2013215. Springer, (2017).","DOI":"10.1007\/978-3-319-56617-7_7"},{"key":"904_CR42","doi-asserted-by":"crossref","unstructured":"Song, L., Huang, Z., Yang, Q.: Automatic differential analysis of ARX block ciphers with application to SPECK and LEA. In Australasian Conference on Information Security and Privacy, pages 379\u2013394. Springer, (2016).","DOI":"10.1007\/978-3-319-40367-0_24"},{"key":"904_CR43","unstructured":"Stein, W. et\u00a0al.: Sage: Open source mathematical software. 7 December 2009, (2008)."},{"key":"904_CR44","doi-asserted-by":"crossref","unstructured":"Sun, S., Gerault, D., Lafourcade, P., Yang, Q., Todo, Y., Qiao, K., Hu, L.: Analysis of aes, skinny, and others with constraint programming. IACR transactions on symmetric cryptology, pages 281\u2013306, (2017).","DOI":"10.46586\/tosc.v2017.i1.281-306"},{"key":"904_CR45","first-page":"2014","volume":"747","author":"S Sun","year":"2014","unstructured":"Sun S., Hu L., Wang M., Wang P., Qiao K., Ma X., Shi D., Song L., Fu K.: Towards finding the best characteristics of some bit-oriented block ciphers and automatic enumeration of (related-key) differential and linear characteristics with predefined properties. Cryptology ePrint Archive, Report 747, 2014 (2014).","journal-title":"Cryptology ePrint Archive, Report"},{"key":"904_CR46","doi-asserted-by":"crossref","unstructured":"S.\u00a0Sun, L.\u00a0Hu, P.\u00a0Wang, K.\u00a0Qiao, X.\u00a0Ma, and L.\u00a0Song. Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES (L) and other bit-oriented block ciphers. In International Conference on the Theory and Application of Cryptology and Information Security, pages 158\u2013178. Springer, 2014.","DOI":"10.1007\/978-3-662-45611-8_9"},{"key":"904_CR47","doi-asserted-by":"crossref","unstructured":"Wang, G., Keller, N., Dunkelman, O.: The delicate issues of addition with respect to xor differences. In International Workshop on Selected Areas in Cryptography, pages 212\u2013231. Springer, (2007).","DOI":"10.1007\/978-3-540-77360-3_14"},{"key":"904_CR48","first-page":"551","volume":"2011","author":"S Wu","year":"2011","unstructured":"Wu S., Wang M.: Security evaluation against differential cryptanalysis for block cipher structures. IACR Cryptology ePrint Archive 2011, 551 (2011).","journal-title":"IACR Cryptology ePrint Archive"},{"key":"904_CR49","doi-asserted-by":"crossref","unstructured":"Xin, W., Liu, Y., Sun, B., Li, C.: Improved cryptanalysis on siphash. In International Conference on Cryptology and Network Security, pages 61\u201379. Springer, (2019).","DOI":"10.1007\/978-3-030-31578-8_4"},{"key":"904_CR50","doi-asserted-by":"crossref","unstructured":"Yang, G., Zhu, B., Suder, V., Aagaard, M.\u00a0D., Gong, G.: The simeck family of lightweight block ciphers. In International Workshop on Cryptographic Hardware and Embedded Systems, pages 307\u2013329. Springer, (2015).","DOI":"10.1007\/978-3-662-48324-4_16"},{"key":"904_CR51","doi-asserted-by":"crossref","unstructured":"Yao, Y., Zhang, B., Wu, W.: Automatic search for linear trails of the SPECK family. In International Conference on Information Security, pages 158\u2013176. Springer, (2015).","DOI":"10.1007\/978-3-319-23318-5_9"},{"key":"904_CR52","doi-asserted-by":"crossref","unstructured":"Zhou, C., Zhang, W., Ding, T., Xiang, Z.: Improving the milp-based security evaluation algorithm against differential\/linear cryptanalysis using a divide-and-conquer approach. IACR Transactions on Symmetric Cryptology, pages 438\u2013469, (2019).","DOI":"10.46586\/tosc.v2019.i4.438-469"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-021-00904-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10623-021-00904-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-021-00904-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,8,19]],"date-time":"2021-08-19T13:10:41Z","timestamp":1629378641000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10623-021-00904-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,7,8]]},"references-count":52,"journal-issue":{"issue":"9","published-print":{"date-parts":[[2021,9]]}},"alternative-id":["904"],"URL":"https:\/\/doi.org\/10.1007\/s10623-021-00904-5","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,7,8]]},"assertion":[{"value":"3 August 2020","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"26 May 2021","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 June 2021","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 July 2021","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}