{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,9]],"date-time":"2026-01-09T21:51:23Z","timestamp":1767995483509,"version":"3.49.0"},"reference-count":43,"publisher":"Springer Science and Business Media LLC","issue":"6","license":[{"start":{"date-parts":[[2022,5,25]],"date-time":"2022-05-25T00:00:00Z","timestamp":1653436800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,5,25]],"date-time":"2022-05-25T00:00:00Z","timestamp":1653436800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2022,6]]},"DOI":"10.1007\/s10623-022-01045-z","type":"journal-article","created":{"date-parts":[[2022,5,25]],"date-time":"2022-05-25T12:02:31Z","timestamp":1653480151000},"page":"1381-1425","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["$$\\mathsf {CENCPP}^*$$: beyond-birthday-secure encryption from public permutations"],"prefix":"10.1007","volume":"90","author":[{"given":"Arghya","family":"Bhattacharjee","sequence":"first","affiliation":[]},{"given":"Avijit","family":"Dutta","sequence":"additional","affiliation":[]},{"given":"Eik","family":"List","sequence":"additional","affiliation":[]},{"given":"Mridul","family":"Nandi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,5,25]]},"reference":[{"key":"1045_CR1","unstructured":"Bernstein D.J.: Salsa20 specification. eSTREAM Project algorithm description (2005)."},{"issue":"4","key":"1045_CR2","doi-asserted-by":"publisher","first-page":"1","DOI":"10.46586\/tosc.v2017.i4.1-38","volume":"2017","author":"G Bertoni","year":"2017","unstructured":"Bertoni G., Daemen J., Hoffert S., Peeters M., Van Assche G., Van Keer R.: Farfalle: parallel permutation-based cryptography. IACR Trans. Symmetric Cryptol. 2017(4), 1\u201338 (2017).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR3","doi-asserted-by":"crossref","unstructured":"Bertoni G., Daemen J., Peeters M., Van Assche G.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: Miri A., Vaudenay S. (eds.) SAC, vol. 7118 of LNCS, pp. 320\u2013337. Springer (2011).","DOI":"10.1007\/978-3-642-28496-0_19"},{"issue":"1","key":"1045_CR4","doi-asserted-by":"publisher","first-page":"5","DOI":"10.46586\/tosc.v2020.iS1.5-30","volume":"2020","author":"T Beyne","year":"2020","unstructured":"Beyne T., Chen Y.L., Dobraunig C., Mennink B.: Dumbo, jumbo, and delirium: parallel authenticated encryption for the lightweight circus. IACR Trans. Symmetric Cryptol. 2020(1), 5\u201330 (2020).","journal-title":"IACR Trans. Symmetric Cryptol."},{"issue":"1","key":"1045_CR5","doi-asserted-by":"publisher","first-page":"314","DOI":"10.46586\/tosc.v2018.i1.314-335","volume":"2018","author":"S Bhattacharya","year":"2018","unstructured":"Bhattacharya S., Nandi M.: Revisiting variable output length XOR pseudorandom function. IACR Trans. Symmetric Cryptol. 2018(1), 314\u2013335 (2018).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR6","doi-asserted-by":"crossref","unstructured":"Bogdanov A., Knezevic M., Leander G., Toz D., Varici K., Verbauwhede I.: SPONGENT: a lightweight hash function. In: Preneel B., Takagi T. (eds.) CHES, vol. 6917 of LNCS, pp. 312\u2013325. Springer (2011).","DOI":"10.1007\/978-3-642-23951-9_21"},{"issue":"2","key":"1045_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.46586\/tosc.v2020.i2.1-39","volume":"2020","author":"A Chakraborti","year":"2020","unstructured":"Chakraborti A., Nandi M., Talnikar S., Yasuda K.: On the composition of single-keyed tweakable even-mansour for achieving BBB security. IACR Trans. Symmetric Cryptol. 2020(2), 1\u201339 (2020).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR8","doi-asserted-by":"crossref","unstructured":"Chen S., Steinberger J.P.: Tight security bounds for key-alternating ciphers. In: Nguyen P.Q., Oswald E. (eds.) EUROCRYPT, vol. 8441 of LNCS, pp. 327\u2014350. Springer (2014). Full version at https:\/\/eprint.iacr.org\/2013\/222.","DOI":"10.1007\/978-3-642-55220-5_19"},{"key":"1045_CR9","doi-asserted-by":"crossref","unstructured":"Chen Y.L., Lambooij E., Mennink B.: How to build pseudorandom functions from public random permutations. In: Boldyreva A., Micciancio D. (eds.) CRYPTO I, vol. 11692 of LNCS, pp. 266\u2013293. Springer (2019).","DOI":"10.1007\/978-3-030-26948-7_10"},{"issue":"12","key":"1045_CR10","doi-asserted-by":"publisher","first-page":"2703","DOI":"10.1007\/s10623-018-0470-9","volume":"86","author":"B Cogliati","year":"2018","unstructured":"Cogliati B., Seurin Y.: Analysis of the single-permutation encrypted Davies-Meyer construction. Des. Codes Cryptogr. 86(12), 2703\u20132723 (2018).","journal-title":"Des. Codes Cryptogr."},{"key":"1045_CR11","doi-asserted-by":"crossref","unstructured":"Dai W., Hoang V.T., Tessaro S.: Information-theoretic indistinguishability via the chi-squared method. In: Katz J., Shacham H. (eds.) CRYPTO Part III, vol. 10403 of LNCS, pp. 497\u2013523. Springer (2017). Full version at http:\/\/eprint.iacr.org\/2017\/537, latest version 20170616:190106.","DOI":"10.1007\/978-3-319-63697-9_17"},{"issue":"3","key":"1045_CR12","doi-asserted-by":"publisher","first-page":"36","DOI":"10.46586\/tosc.v2018.i3.36-92","volume":"2018","author":"N Datta","year":"2018","unstructured":"Datta N., Dutta A., Nandi M., Paul G.: Double-block hash-then-sum: a paradigm for constructing BBB secure PRF. IACR Trans. Symmetric Cryptol. 2018(3), 36\u201392 (2018).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR13","doi-asserted-by":"crossref","unstructured":"Datta N., Dutta A., Nandi M., Yasuda K.: Encrypt or decrypt? To make a single-key beyond birthday secure nonce-based MAC. In: Shacham H., Boldyreva A. (eds.) CRYPTO I, vol. 10991 of LNCS, pp. 631\u2013661. Springer (2018).","DOI":"10.1007\/978-3-319-96884-1_21"},{"issue":"2","key":"1045_CR14","doi-asserted-by":"publisher","first-page":"161","DOI":"10.46586\/tosc.v2018.i2.161-191","volume":"2018","author":"P Derbez","year":"2018","unstructured":"Derbez P., Iwata T., Sun L., Sun S., Todo Y., Wang H., Wang M.: Cryptanalysis of AES-PRF and its dual. IACR Trans. Symmetric Cryptol. 2018(2), 161\u2013191 (2018).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR15","doi-asserted-by":"crossref","unstructured":"Dinur I., Dunkelman O., Keller N., Shamir A.: Key recovery attacks on 3-round even-mansour, 8-step LED-128, and full AES$$^2$$. In: Sako K., Sarkar P. (eds.) ASIACRYPT I, vol. 8269 of LNCS, pp. 337\u2013356. Springer (2013).","DOI":"10.1007\/978-3-642-42033-7_18"},{"key":"1045_CR16","doi-asserted-by":"crossref","unstructured":"Dunkelman O., Keller N., Shamir A.: Minimalism in cryptography: the even-Mansour scheme revisited. In: Pointcheval D., Johansson T. (eds.) EUROCRYPT, vol. 7237 of LNCS, pp. 336\u2013354. Springer (2012).","DOI":"10.1007\/978-3-642-29011-4_21"},{"key":"1045_CR17","doi-asserted-by":"crossref","unstructured":"Dutta A., Nandi M.: BBB secure nonce based MAC using public permutations. In: Nitaj A., Youssef A.M. (eds.) AFRICACRYPT, vol. 12174 of LNCS, pp. 172\u2013191. Springer (2020).","DOI":"10.1007\/978-3-030-51938-4_9"},{"issue":"2","key":"1045_CR18","first-page":"39","volume":"2021","author":"A Dutta","year":"2021","unstructured":"Dutta A., Nandi M., Talnikar S.: Permutation based EDM: an inverse free BBB secure PRF. IACR Trans. Symmetric Cryptol. 2021(2), 39 (2021).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR19","doi-asserted-by":"crossref","unstructured":"Granger R., Jovanovic P., Mennink B., Neves S.: Improved masking for tweakable blockciphers with applications to authenticated encryption. In: Fischlin M., Coron J.-S. (eds.) EUROCRYPT I, vol. 9665 of LNCS, pp. 263\u2013293. Springer (2016).","DOI":"10.1007\/978-3-662-49890-3_11"},{"key":"1045_CR20","doi-asserted-by":"crossref","unstructured":"Gunsing A., Mennink B.: The summation-truncation hybrid: reusing discarded bits for free. In: Micciancio D., Ristenpart T. (eds.) CRYPTO I, vol. 12170 of LNCS, pp. 187\u2013217. Springer (2020).","DOI":"10.1007\/978-3-030-56784-2_7"},{"issue":"6","key":"1045_CR21","doi-asserted-by":"publisher","first-page":"1297","DOI":"10.1007\/s10623-018-0528-8","volume":"87","author":"C Guo","year":"2019","unstructured":"Guo C., Shen Y., Wang L., Dawu G.: Beyond-birthday secure domain-preserving PRFs from a single permutation. Des. Codes Cryptogr. 87(6), 1297\u20131322 (2019).","journal-title":"Des. Codes Cryptogr."},{"key":"1045_CR22","doi-asserted-by":"crossref","unstructured":"Guo J., Peyrin T., Poschmann A.: The PHOTON family of lightweight hash functions. In: Rogaway P. (ed.) CRYPTO, vol. 6841 of LNCS, pp. 222\u2013239. Springer (2011).","DOI":"10.1007\/978-3-642-22792-9_13"},{"key":"1045_CR23","doi-asserted-by":"crossref","unstructured":"Hoang V.T., Tessaro S.: Key-alternating ciphers and key-length extension: exact bounds and multi-user security. In: Robshaw M., Katz J. (eds.) CRYPTO I, vol. 9814 of LNCS, pp. 3\u201332. Springer (2016).","DOI":"10.1007\/978-3-662-53018-4_1"},{"key":"1045_CR24","doi-asserted-by":"crossref","unstructured":"Iwata T.: New blockcipher modes of operation with beyond the birthday bound security. In: Robshaw M.J.B. (ed.) FSE, vol. 4047 of LNCS, pp. 310\u2013327. Springer (2006).","DOI":"10.1007\/11799313_20"},{"key":"1045_CR25","unstructured":"Iwata T.: Tightness of the security bound of CENC. In: Biham E., Handschuh H., Lucks S., Rijmen V. (eds.) Symmetric cryptography, vol. 07021 of Dagstuhl Seminar Proceedings. Internationales Begegnungs- und Forschungszentrum fuer Informatik (IBFI), Schloss Dagstuhl, Germany (2007)."},{"key":"1045_CR26","first-page":"1087","volume":"2016","author":"T Iwata","year":"2016","unstructured":"Iwata T., Mennink B., Viz\u00e1r D.: CENC is optimally secure. IACR Cryptol ePrint Archive 2016, 1087 (2016).","journal-title":"IACR Cryptol ePrint Archive"},{"issue":"1","key":"1045_CR27","doi-asserted-by":"publisher","first-page":"134","DOI":"10.46586\/tosc.v2016.i1.134-157","volume":"2016","author":"T Iwata","year":"2016","unstructured":"Iwata T., Minematsu K.: Stronger security variants of GCM-SIV. IACR Trans. Symmetric Cryptol. 2016(1), 134\u2013157 (2016).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR28","doi-asserted-by":"crossref","unstructured":"Krovetz T., Rogaway P.: The software performance of authenticated-encryption modes. In: Joux A. (ed.) FSE, vol. 6733 of LNCS, pp. 306\u2013327. Springer (2011).","DOI":"10.1007\/978-3-642-21702-9_18"},{"key":"1045_CR29","doi-asserted-by":"crossref","unstructured":"Liskov M.D., Rivest R.L., Wagner D.A.: Tweakable block ciphers. In: Yung M. (ed.) CRYPTO, vol. 2442 of LNCS, pp. 31\u201346. Springer (2002).","DOI":"10.1007\/3-540-45708-9_3"},{"key":"1045_CR30","doi-asserted-by":"crossref","unstructured":"McGrew D.A., Viega J.: The security and performance of the galois\/counter mode (GCM) of operation. In: Canteaut A., Viswanathan K. (eds.) INDOCRYPT, vol. 3348 of LNCS, pp. 343\u2013355. Springer (2004).","DOI":"10.1007\/978-3-540-30556-9_27"},{"key":"1045_CR31","doi-asserted-by":"crossref","unstructured":"Mennink B., Neves S.: Encrypted Davies-Meyer and Its dual: towards optimal security using mirror theory. In: Katz J., Shacham H. (eds.) CRYPTO, Part III, vol. 10403 of LNCS, pp. 556\u2013583. Springer (2017). Full version at https:\/\/eprint.iacr.org\/2017\/473.","DOI":"10.1007\/978-3-319-63697-9_19"},{"issue":"3","key":"1045_CR32","doi-asserted-by":"publisher","first-page":"228","DOI":"10.46586\/tosc.v2017.i3.228-252","volume":"2017","author":"B Mennink","year":"2017","unstructured":"Mennink B., Neves S.: Optimal PRFs from blockcipher designs. IACR Trans. Symmetric Cryptol. 2017(3), 228\u2013252 (2017).","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1045_CR33","doi-asserted-by":"crossref","unstructured":"Minematsu K.: Parallelizable rate-1 authenticated encryption from pseudorandom functions. In: Nguyen P.Q., Oswald E. (eds.) EUROCRYPT, vol. 8441 of LNCS, pp. 275\u2013292. Springer (2014).","DOI":"10.1007\/978-3-642-55220-5_16"},{"key":"1045_CR34","doi-asserted-by":"crossref","unstructured":"Mouha N., Mennink B., Van Herrewege A., Watanabe D., Preneel B., Verbauwhede I.: Chaskey: an efficient MAC algorithm for 32-bit microcontrollers. In: Joux A., Youssef A.M. (eds.) SAC, vol. 8781 of LNCS, pp. 306\u2013323. Springer (2014).","DOI":"10.1007\/978-3-319-13051-4_19"},{"key":"1045_CR35","doi-asserted-by":"crossref","unstructured":"Naito Y.: Blockcipher-based macs: beyond the birthday bound without message length. In: Takagi T., Peyrin T. (eds.) ASIACRYPT III, vol. 10626 of LNCS, pp. 446\u2013470. Springer (2017).","DOI":"10.1007\/978-3-319-70700-6_16"},{"key":"1045_CR36","doi-asserted-by":"crossref","unstructured":"Nandi M.: Mind the composition: birthday bound attacks on EWCDMD and SoKAC21. In: Canteaut A., Ishai Y. (eds.) EUROCRYPT I, vol. 12105 of LNCS, pp. 203\u2013220. Springer (2020).","DOI":"10.1007\/978-3-030-45721-1_8"},{"key":"1045_CR37","unstructured":"NIST. SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. Federal Information Processing Standards (FIPS) Publication, 202 (2015)."},{"key":"1045_CR38","doi-asserted-by":"crossref","unstructured":"Patarin J.: The \u201cCoefficients H\u201d technique. In: Avanzi R.M., Keliher L., Sica F. (eds.) SAC, vol. 5381 of LNCS, pp. 328\u2013345. Springer (2008).","DOI":"10.1007\/978-3-642-04159-4_21"},{"key":"1045_CR39","first-page":"287","volume":"2010","author":"J Patarin","year":"2010","unstructured":"Patarin J.: Introduction to mirror theory: analysis of systems of linear equalities and linear non equalities for cryptography. IACR Cryptol Archive 2010, 287 (2010).","journal-title":"IACR Cryptol Archive"},{"key":"1045_CR40","unstructured":"Sasaki Y., Todo Y., Aoki K., Naito Y., Sugawara T., Murakami Y., Matsui M., Hirose S.: Minalpher v1.1. 29 (2015). Second-round submission to the CAESAR competition."},{"key":"1045_CR41","doi-asserted-by":"crossref","unstructured":"Yasuda K.: The sum of CBC MACs is a secure PRF. In: Pieprzyk J. (ed.) CT-RSA, vol. 5985 of LNCS, pp. 366\u2013381. Springer (2010).","DOI":"10.1007\/978-3-642-11925-5_25"},{"key":"1045_CR42","doi-asserted-by":"crossref","unstructured":"Yasuda K.: A new variant of PMAC: beyond the birthday bound. In: Rogaway P. (ed.) CRYPTO, vol. 6841 of LNCS, pp. 596\u2013609. Springer (2011).","DOI":"10.1007\/978-3-642-22792-9_34"},{"key":"1045_CR43","doi-asserted-by":"crossref","unstructured":"Zhang L., Wu W., Sui H., Wang P.: 3kf9: enhancing 3GPP-MAC beyond the birthday bound. In: Wang X., Sako K. (eds.) ASIACRYPT, vol. 7658 of LNCS, pp. 296\u2013312. Springer (2012).","DOI":"10.1007\/978-3-642-34961-4_19"}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-022-01045-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10623-022-01045-z\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-022-01045-z.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,3]],"date-time":"2022-06-03T12:12:39Z","timestamp":1654258359000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10623-022-01045-z"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,25]]},"references-count":43,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2022,6]]}},"alternative-id":["1045"],"URL":"https:\/\/doi.org\/10.1007\/s10623-022-01045-z","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,25]]},"assertion":[{"value":"6 March 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 September 2021","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"14 April 2022","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"25 May 2022","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}