{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,26]],"date-time":"2025-10-26T15:09:42Z","timestamp":1761491382063,"version":"3.37.3"},"reference-count":18,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2022,3,11]],"date-time":"2022-03-11T00:00:00Z","timestamp":1646956800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,3,11]],"date-time":"2022-03-11T00:00:00Z","timestamp":1646956800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100000781","name":"European Research Council","doi-asserted-by":"publisher","award":["757731"],"award-info":[{"award-number":["757731"]}],"id":[{"id":"10.13039\/501100000781","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100003977","name":"Israel Science Foundation","doi-asserted-by":"publisher","award":["880\/18 & 3380\/19"],"award-info":[{"award-number":["880\/18 & 3380\/19"]}],"id":[{"id":"10.13039\/501100003977","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2022,4]]},"DOI":"10.1007\/s10623-022-01023-5","type":"journal-article","created":{"date-parts":[[2022,3,11]],"date-time":"2022-03-11T11:05:04Z","timestamp":1646996704000},"page":"983-1007","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Practical key recovery attacks on FlexAEAD"],"prefix":"10.1007","volume":"90","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-5799-2635","authenticated-orcid":false,"given":"Orr","family":"Dunkelman","sequence":"first","affiliation":[]},{"given":"Maria","family":"Eichlseder","sequence":"additional","affiliation":[]},{"given":"Daniel","family":"Kales","sequence":"additional","affiliation":[]},{"given":"Nathan","family":"Keller","sequence":"additional","affiliation":[]},{"given":"Ga\u00ebtan","family":"Leurent","sequence":"additional","affiliation":[]},{"given":"Markus","family":"Schofnegger","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,3,11]]},"reference":[{"key":"1023_CR1","unstructured":"Bertoni G., Daemen J., Peeters M., Van Assche G., Van Keer R.: Ketje v2. Submission to CAESAR: competition for authenticated encryption. Security, applicability, and robustness (Round 3) (2014). http:\/\/competitions.cr.yp.to\/round3\/ketjev2.pdf."},{"key":"1023_CR2","doi-asserted-by":"crossref","unstructured":"Daemen J., Rijmen V.: The Design of Rijndael: AES\u2014The Advanced Encryption Standard. Information Security and Cryptography. Springer, New York (2002).","DOI":"10.1007\/978-3-662-04722-4"},{"key":"1023_CR3","unstructured":"do\u00a0Nascimento E.M.: Algoritmo de Criptografia Leve com Utiliza\u00e7\u00e3o de Autentica\u00e7\u00e3o. Ph.D. thesis, Instituto Militar de Engenharia, Rio de Janeiro (2017). http:\/\/www.comp.ime.eb.br\/pos\/arquivos\/publicacoes\/dissertacoes\/2017\/2017-Eduardo.pdf."},{"key":"1023_CR4","doi-asserted-by":"publisher","unstructured":"do\u00a0Nascimento E.M., Xex\u00e9o J.A.M.: A flexible authenticated lightweight cipher using Even-Mansour construction. In: IEEE International Conference on Communications\u2014ICC 2017. pp.\u00a01\u20136. IEEE (2017). https:\/\/doi.org\/10.1109\/ICC.2017.7996734.","DOI":"10.1109\/ICC.2017.7996734"},{"key":"1023_CR5","unstructured":"do\u00a0Nascimento E.M., Xex\u00e9o J.A.M.: A lightweight cipher with integrated authentication. In: Simp\u00f3sio Brasileiro em Seguran\u00e7a da Informa\u00e7\u00e3o e de Sistemas Computacionais \u2013 SBSEG. pp. 25\u201332. Sociedade Brasileira de Computa\u00e7\u00e3o (2018). https:\/\/portaldeconteudo.sbc.org.br\/index.php\/sbseg_estendido\/article\/view\/4138."},{"key":"1023_CR6","unstructured":"do\u00a0Nascimento E.M., Xex\u00e9o J.A.M.: FlexAEAD. Submission to Round 1 of the NIST lightweight cryptography standardization process (2019). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/spec-doc\/FlexAEAD-spec.pdf."},{"key":"1023_CR7","unstructured":"do\u00a0Nascimento E.M., Xex\u00e9o J.A.M.: Official comment: FlexAEAD. Posting on the NIST LWC mailing list (2019). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/official-comments\/FlexAEAD-official-comment.pdf."},{"key":"1023_CR8","doi-asserted-by":"publisher","unstructured":"Eichlseder M., Kales D., Schofnegger M.: Forgery attacks on flexae and flexaead. In: Albrecht, M. (ed.) Cryptography and Coding\u201417th IMA International Conference, IMACC 2019, Oxford, UK, December 16-18, 2019, Proceedings. Lecture Notes in Computer Science, vol. 11929, pp. 200\u2013214. Springer (2019). https:\/\/doi.org\/10.1007\/978-3-030-35199-1_10.","DOI":"10.1007\/978-3-030-35199-1_10"},{"key":"1023_CR9","doi-asserted-by":"publisher","unstructured":"Jutla C.S.: Encryption modes with almost free message integrity. In: Pfitzmann, B. (ed.) Advances in Cryptology\u2014EUROCRYPT 2001. LNCS, vol.\u00a02045, pp. 529\u2013544. Springer, New York (2001). https:\/\/doi.org\/10.1007\/3-540-44987-6_32.","DOI":"10.1007\/3-540-44987-6_32"},{"issue":"4","key":"1023_CR10","doi-asserted-by":"publisher","first-page":"547","DOI":"10.1007\/s00145-008-9024-z","volume":"21","author":"CS Jutla","year":"2008","unstructured":"Jutla C.S.: Encryption modes with almost free message integrity. J. Cryptol. 21(4), 547\u2013578 (2008). https:\/\/doi.org\/10.1007\/s00145-008-9024-z.","journal-title":"J. Cryptol."},{"issue":"10","key":"1023_CR11","doi-asserted-by":"publisher","first-page":"747","DOI":"10.1109\/TC.1979.1675242","volume":"28","author":"JB Kam","year":"1979","unstructured":"Kam J.B., Davida G.I.: Structured design of substitution-permutation encryption networks. IEEE Trans. Comput. 28(10), 747\u2013753 (1979). https:\/\/doi.org\/10.1109\/TC.1979.1675242.","journal-title":"IEEE Trans. Comput."},{"key":"1023_CR12","unstructured":"M\u00e8ge A.: Official comment: FlexAEAD. Posting on the NIST LWC mailing list. https:\/\/groups.google.com\/a\/list.nist.gov\/d\/msg\/lwc-forum\/DPQVEJ5oBeU\/YXW0QjfjBQAJ."},{"key":"1023_CR13","doi-asserted-by":"publisher","unstructured":"Mouha N., Wang Q., Gu D., Preneel B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C., Yung, M., Lin, D. (eds.) Information Security and Cryptology\u2014Inscrypt 2011. LNCS, vol.\u00a07537, pp. 57\u201376. Springer, New York (2011). https:\/\/doi.org\/10.1007\/978-3-642-34704-7_5.","DOI":"10.1007\/978-3-642-34704-7_5"},{"key":"1023_CR14","unstructured":"National Institute of Standards and Technology (NIST): lightweight cryptography standardization process (2019). https:\/\/csrc.nist.gov\/projects\/lightweight-cryptography."},{"key":"1023_CR15","unstructured":"National Institute of Standards and Technology (NIST): status report on the first round of the nist lightweight cryptography standardization process (2019). https:\/\/nvlpubs.nist.gov\/nistpubs\/ir\/2019\/NIST.IR.8268.pdf."},{"key":"1023_CR16","doi-asserted-by":"publisher","unstructured":"Rahman M., Saha D., Paul G.: Cryptanalysis of FlexAEAD. In: Nitaj, A., Youssef, A.M. (eds.) Progress in Cryptology\u2014AFRICACRYPT 2020\u201412th International Conference on Cryptology in Africa, Cairo, Egypt, July 20-22, 2020, Proceedings. Lecture Notes in Computer Science, vol. 12174, pp. 152\u2013171. Springer (2020). https:\/\/doi.org\/10.1007\/978-3-030-51938-4_8.","DOI":"10.1007\/978-3-030-51938-4_8"},{"key":"1023_CR17","unstructured":"Wu H., Preneel B.: AEGIS v1.1. Submission to CAESAR: competition for authenticated encryption. Security, applicability, and robustness (Round 3 and Final Portfolio) (2014). http:\/\/competitions.cr.yp.to\/round3\/aegisv11.pdf."},{"key":"1023_CR18","unstructured":"Wu S., Wang M.: Security evaluation against differential cryptanalysis for block cipher structures. IACR Cryptology ePrint Archive, Report 2011\/551 (2011)."}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-022-01023-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10623-022-01023-5\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-022-01023-5.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,3,25]],"date-time":"2022-03-25T19:15:26Z","timestamp":1648235726000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10623-022-01023-5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,3,11]]},"references-count":18,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2022,4]]}},"alternative-id":["1023"],"URL":"https:\/\/doi.org\/10.1007\/s10623-022-01023-5","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"type":"print","value":"0925-1022"},{"type":"electronic","value":"1573-7586"}],"subject":[],"published":{"date-parts":[[2022,3,11]]},"assertion":[{"value":"27 June 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 February 2022","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 February 2022","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 March 2022","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}