{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,27]],"date-time":"2026-01-27T13:01:27Z","timestamp":1769518887965,"version":"3.49.0"},"reference-count":37,"publisher":"Springer Science and Business Media LLC","issue":"8","license":[{"start":{"date-parts":[[2024,3,30]],"date-time":"2024-03-30T00:00:00Z","timestamp":1711756800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2024,3,30]],"date-time":"2024-03-30T00:00:00Z","timestamp":1711756800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"funder":[{"DOI":"10.13039\/501100003626","name":"Defense Acquisition Program Administration","doi-asserted-by":"publisher","award":["UD210027XD"],"award-info":[{"award-number":["UD210027XD"]}],"id":[{"id":"10.13039\/501100003626","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100005073","name":"Agency for Defense Development","doi-asserted-by":"publisher","award":["UD210027XD"],"award-info":[{"award-number":["UD210027XD"]}],"id":[{"id":"10.13039\/501100005073","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100017354","name":"Military Crypto Research Center","doi-asserted-by":"publisher","award":["UD210027XD"],"award-info":[{"award-number":["UD210027XD"]}],"id":[{"id":"10.13039\/100017354","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Des. Codes Cryptogr."],"published-print":{"date-parts":[[2024,8]]},"DOI":"10.1007\/s10623-024-01383-0","type":"journal-article","created":{"date-parts":[[2024,3,30]],"date-time":"2024-03-30T08:01:45Z","timestamp":1711785705000},"page":"2197-2217","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["Preimage attacks on reduced-round Ascon-Xof"],"prefix":"10.1007","volume":"92","author":[{"given":"Seungjun","family":"Baek","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Giyoon","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2608-8878","authenticated-orcid":false,"given":"Jongsung","family":"Kim","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2024,3,30]]},"reference":[{"key":"1383_CR1","doi-asserted-by":"publisher","unstructured":"Bar-On A., Dunkelman O, Keller N., Weizman A.: Dlct: a new tool for differential-linear cryptanalysis. In: EUROCRYPT 2019. pp. 313\u2013342. Springer (2019). https:\/\/doi.org\/10.1007\/978-3-030-17653-2_11.","DOI":"10.1007\/978-3-030-17653-2_11"},{"key":"1383_CR2","unstructured":"Bernstein Daniel J.: Second preimages for 6 (7 (8??)) rounds of keccak? Posted on the NIST mailing list (2010). https:\/\/ehash.iaik.tugraz.at\/uploads\/6\/65\/NIST-mailing-list_Bernstein-Daemen.txt."},{"key":"1383_CR3","doi-asserted-by":"publisher","unstructured":"Bertoni G., Daemen J., Peeters M., Assche G.V.: Duplexing the sponge: single-pass authenticated encryption and other applications. In: SAC 2011. pp. 320\u2013337. Springer (2011). https:\/\/doi.org\/10.1007\/978-3-642-28496-0_19.","DOI":"10.1007\/978-3-642-28496-0_19"},{"key":"1383_CR4","unstructured":"Bertoni G., Daemen J., Peeters M., Van\u00a0Assche G.: Sponge functions. In: ECRYPT hash workshop. Citeseer (2007). https:\/\/csrc.nist.rip\/groups\/ST\/hash\/documents\/JoanDaemen.pdf."},{"key":"1383_CR5","doi-asserted-by":"publisher","unstructured":"Civek A.B., Tezcan C.: Differential-linear attacks on permutation ciphers revisited: Experiments on ascon and drygascon. In: ICISSP 2022. pp. 202\u2013209. SCITEPRESS (2022). https:\/\/doi.org\/10.5220\/0010982600003120.","DOI":"10.5220\/0010982600003120"},{"key":"1383_CR6","unstructured":"Dobraunig C., Eichlseder M., Mangard S., Mendel F., Mennink B., Primas R., Unterluggauer T.: Isap. Submission as a Finalist to the NIST Lightweight Crypto Standardization Process (2021). https:\/\/csrc.nist.gov\/Projects\/lightweight-cryptography\/finalists."},{"key":"1383_CR7","doi-asserted-by":"publisher","unstructured":"Dobraunig C., Eichlseder M., Mendel F.: Heuristic tool for linear cryptanalysis with applications to caesar candidates. In: ASIACRYPT 2015. pp. 490\u2013509. Springer (2015). https:\/\/doi.org\/10.1007\/978-3-662-48800-3_20.","DOI":"10.1007\/978-3-662-48800-3_20"},{"key":"1383_CR8","doi-asserted-by":"publisher","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Cryptanalysis of ascon. In: CT-RSA 2015. pp. 371\u2013387. Springer (2015). https:\/\/doi.org\/10.1007\/978-3-319-16715-2_20.","DOI":"10.1007\/978-3-319-16715-2_20"},{"key":"1383_CR9","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Ascon v1.2. Submission to Round 3 of the CAESAR competition (2016). https:\/\/competitions.cr.yp.to\/round3\/asconv12.pdf."},{"key":"1383_CR10","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Preliminary analysis of ascon-xof and ascon-hash. Technique Report (2019). https:\/\/ascon.iaik.tugraz.at\/files\/Preliminary_Analysis_of_Ascon-Xof_and_Ascon-Hash_v01.pdf."},{"issue":"3","key":"1383_CR11","doi-asserted-by":"publisher","first-page":"33","DOI":"10.1007\/s00145-021-09398-9","volume":"34","author":"C Dobraunig","year":"2021","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Ascon v1.2: lightweight authenticated encryption and hashing. J. Cryptol. 34(3), 33 (2021). https:\/\/doi.org\/10.1007\/s00145-021-09398-9.","journal-title":"J. Cryptol."},{"key":"1383_CR12","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Ascon v1.2 submission to nist. LWC Final round submission (2021). https:\/\/csrc.nist.gov\/Projects\/lightweight-cryptography\/finalists."},{"key":"1383_CR13","unstructured":"Dobraunig C., Eichlseder M., Mendel F., Schl\u00e4ffer M.: Ascon resources. https:\/\/ascon.iaik.tugraz.at\/resources.html. Accessed Oct 2022."},{"key":"1383_CR14","doi-asserted-by":"publisher","first-page":"237","DOI":"10.5220\/0006387302370246","volume":"2017","author":"AD Dwivedi","year":"2017","unstructured":"Dwivedi A.D., Klou\u010dek M., Morawiecki P., Nikolic I., Pieprzyk J., W\u00f6jtowicz S.: Sat-based cryptanalysis of authenticated ciphers from the Caesar competition. ICETE 2017, 237\u2013246 (2017). https:\/\/doi.org\/10.5220\/0006387302370246.","journal-title":"ICETE"},{"key":"1383_CR15","doi-asserted-by":"publisher","unstructured":"Dworkin M.: Sha-3 standard: Permutation-based hash and extendable-output functions (2015). https:\/\/doi.org\/10.6028\/NIST.FIPS.202.","DOI":"10.6028\/NIST.FIPS.202"},{"key":"1383_CR16","unstructured":"Dworkin M., Feldman L., Witte G.: Additional secure hash algorithm standards offer new opportunities for data protection (2015). https:\/\/tsapps.nist.gov\/publication\/get_pdf.cfm?pub_id=919417."},{"issue":"1","key":"1383_CR17","doi-asserted-by":"publisher","first-page":"64","DOI":"10.46586\/tosc.v2022.i1.64-87","volume":"2022","author":"J Erlacher","year":"2022","unstructured":"Erlacher J., Mendel F., Eichlseder M.: Bounds for the security of ascon against differential and linear cryptanalysis. IACR Trans. Symmetric Cryptol. 2022(1), 64\u201387 (2022). https:\/\/doi.org\/10.46586\/tosc.v2022.i1.64-87.","journal-title":"IACR Trans. Symmetric Cryptol."},{"issue":"3","key":"1383_CR18","doi-asserted-by":"publisher","first-page":"102","DOI":"10.46586\/tosc.v2021.i3.102-136","volume":"2021","author":"D Gerault","year":"2021","unstructured":"Gerault D., Peyrin T., Tan Q.Q.: Exploring differential-based distinguishers and forgeries for ascon. IACR Trans. Symmetric Cryptol. 2021(3), 102\u2013136 (2021). https:\/\/doi.org\/10.46586\/tosc.v2021.i3.102-136.","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1383_CR19","unstructured":"G\u00f6lo\u011flu F., Rijmen V., Wang Q.: On the division property of s-boxes. Cryptology ePrint Archive (2016). http:\/\/eprint.iacr.org\/2016\/188."},{"key":"1383_CR20","doi-asserted-by":"publisher","unstructured":"Jovanovic P., Luykx A., Mennink B.: Beyond 2 c\/2 security in sponge-based authenticated encryption modes. In: ASIACRYPT 2014. pp. 85\u2013104. Springer (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_5.","DOI":"10.1007\/978-3-662-45611-8_5"},{"key":"1383_CR21","doi-asserted-by":"crossref","unstructured":"Kelsey J., Chang S.j., Perlner R.: Sha-3 derived functions: cshake, kmac, tuplehash, and parallelhash. NIST special publication 800, 185 (2016). https:\/\/www.nist.gov\/publications\/sha-3-derived-functions-cshake-kmac-tuplehash-and-parallelhash.","DOI":"10.6028\/NIST.SP.800-185"},{"key":"1383_CR22","doi-asserted-by":"publisher","unstructured":"Leander G., Tezcan C., Wiemer F.: Searching for subspace trails and truncated differentials. IACR Trans. Symmetric Cryptol. 2018(1), 74\u2013100 (2018). https:\/\/doi.org\/10.13154\/tosc.v2018.i1.74-100.","DOI":"10.13154\/tosc.v2018.i1.74-100"},{"issue":"3","key":"1383_CR23","doi-asserted-by":"publisher","first-page":"74","DOI":"10.46586\/tosc.v2023.i3.74-100","volume":"2023","author":"H Li","year":"2023","unstructured":"Li H., He L., Chen S., Guo J., Qiu W.: Automatic preimage attack framework on ascon using a linearize-and-guess approach. IACR Trans. Symmetric Cryptol. 2023(3), 74\u2013100 (2023).","journal-title":"IACR Trans. Symmetric Cryptol."},{"issue":"3","key":"1383_CR24","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/s11432-016-0283-3","volume":"60","author":"Y Li","year":"2017","unstructured":"Li Y., Zhang G., Wang W., Wang M.: Cryptanalysis of round-reduced ascon. Sci. China Inf. Sci. 60(3), 1\u20132 (2017). https:\/\/doi.org\/10.1007\/s11432-016-0283-3.","journal-title":"Sci. China Inf. Sci."},{"issue":"1","key":"1383_CR25","doi-asserted-by":"publisher","first-page":"175","DOI":"10.13154\/tosc.v2017.i1.175-202","volume":"2017","author":"Z Li","year":"2017","unstructured":"Li Z., Dong X., Wang X.: Conditional cube attack on round-reduced ascon. IACR Trans. Symmetric Cryptol. 2017(1), 175\u2013202 (2017). https:\/\/doi.org\/10.13154\/tosc.v2017.i1.175-202.","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1383_CR26","doi-asserted-by":"publisher","unstructured":"Liu M., Lu X., Lin D.: Differential-linear cryptanalysis from an algebraic perspective. In: CRYPTO 2021. pp. 247\u2013277. Springer (2021). https:\/\/doi.org\/10.1007\/978-3-030-84252-9_9.","DOI":"10.1007\/978-3-030-84252-9_9"},{"issue":"3","key":"1383_CR27","doi-asserted-by":"publisher","first-page":"303","DOI":"10.46586\/tosc.v2022.i3.303-340","volume":"2022","author":"RH Makarim","year":"2022","unstructured":"Makarim R.H., Rohit R.: Towards tight differential bounds of ascon: a hybrid usage of smt and milp. IACR Trans. Symmetric Cryptol. 2022(3), 303\u2013340 (2022). https:\/\/doi.org\/10.46586\/tosc.v2022.i3.303-340.","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1383_CR28","unstructured":"NIST.: Submission requirements and evaluation criteria for the lightweight cryptography standardization process (2018). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/final-lwc-submission-requirements-august2018.pdf."},{"key":"1383_CR29","doi-asserted-by":"publisher","unstructured":"Qin L., Hua J., Dong X., Yan H., Wang X.: Meet-in-the-middle preimage attacks on sponge-based hashing. In: EUROCRYPT 2023. Lecture Notes in Computer Science, vol. 14007, pp. 158\u2013188. Springer (2023). https:\/\/doi.org\/10.1007\/978-3-031-30634-1_6.","DOI":"10.1007\/978-3-031-30634-1_6"},{"key":"1383_CR30","unstructured":"Qin L., Zhao B., Hua J., Dong X., Wang X.: Weak-diffusion structure: Meet-in-the-middle attacks on sponge-based hashing revisited. IACR Cryptol. ePrint Arch. p.\u00a0518 (2023). https:\/\/eprint.iacr.org\/2023\/518."},{"issue":"1","key":"1383_CR31","doi-asserted-by":"publisher","first-page":"130","DOI":"10.46586\/tosc.v2021.i1.130-155","volume":"2021","author":"R Rohit","year":"2021","unstructured":"Rohit R., Hu K., Sarkar S., Sun S.: Misuse-free key-recovery and distinguishing attacks on 7-round ascon. IACR Trans. Symmetric Cryptol. 2021(1), 130\u2013155 (2021). https:\/\/doi.org\/10.46586\/tosc.v2021.i1.130-155.","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"1383_CR32","doi-asserted-by":"publisher","unstructured":"Sun S., Hu L., Wang P., Qiao K., Ma X., Song L.: Automatic security evaluation and (related-key) differential characteristic search: Application to simon, present, lblock, DES(L) and other bit-oriented block ciphers. In: ASIACRYPT 2014. Lecture Notes in Computer Science, vol.\u00a08873, pp. 158\u2013178. Springer (2014). https:\/\/doi.org\/10.1007\/978-3-662-45611-8_9.","DOI":"10.1007\/978-3-662-45611-8_9"},{"key":"1383_CR33","doi-asserted-by":"publisher","unstructured":"Todo Y.: Structural evaluation by generalized integral property. In: EUROCRYPT 2015. pp. 287\u2013314. Springer (2015). https:\/\/doi.org\/10.1007\/978-3-662-46800-5_12.","DOI":"10.1007\/978-3-662-46800-5_12"},{"key":"1383_CR34","unstructured":"Weatherley R.: Additional modes for lwc finalists technical report, version 1.0 (2021). https:\/\/rweather.github.io\/lwc-finalists\/lwc-modes-v1-0.pdf."},{"key":"1383_CR35","unstructured":"Wiethuechter A., Card S.W., Moskowitz R.: DRIP Entity Tag Authentication Formats & Protocols for Broadcast Remote ID. Internet-Draft draft-ietf-drip-auth-29, Internet Engineering Task Force (Feb 2023). https:\/\/datatracker.ietf.org\/doc\/draft-ietf-drip-auth\/29\/, work in Progress."},{"issue":"5","key":"1383_CR36","doi-asserted-by":"publisher","first-page":"469","DOI":"10.1049\/iet-ifs.2018.5263","volume":"13","author":"H Yan","year":"2019","unstructured":"Yan H., Lai X., Wang L., Yu Y., Xing Y.: New zero-sum distinguishers on full 24-round Keccak-f using the division property. IET Inf. Secur. 13(5), 469\u2013478 (2019). https:\/\/doi.org\/10.1049\/iet-ifs.2018.5263.","journal-title":"IET Inf. Secur."},{"key":"1383_CR37","unstructured":"Zong R., Dong X., Wang X.: Collision attacks on round-reduced gimli-hash\/ascon-xof\/ascon-hash. IACR Cryptol. ePrint Arch. p.\u00a01115 (2019). https:\/\/eprint.iacr.org\/2019\/1115."}],"container-title":["Designs, Codes and Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-024-01383-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10623-024-01383-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10623-024-01383-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,24]],"date-time":"2024-07-24T19:04:33Z","timestamp":1721847873000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10623-024-01383-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,3,30]]},"references-count":37,"journal-issue":{"issue":"8","published-print":{"date-parts":[[2024,8]]}},"alternative-id":["1383"],"URL":"https:\/\/doi.org\/10.1007\/s10623-024-01383-0","relation":{},"ISSN":["0925-1022","1573-7586"],"issn-type":[{"value":"0925-1022","type":"print"},{"value":"1573-7586","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,3,30]]},"assertion":[{"value":"24 March 2023","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 November 2023","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"22 February 2024","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"30 March 2024","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}