{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,9]],"date-time":"2025-11-09T03:53:23Z","timestamp":1762660403430},"reference-count":102,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2023,8,5]],"date-time":"2023-08-05T00:00:00Z","timestamp":1691193600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,8,5]],"date-time":"2023-08-05T00:00:00Z","timestamp":1691193600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cryptogr. Commun."],"published-print":{"date-parts":[[2024,1]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>This survey presents the rich history of the Welch-Gong (WG) Stream cipher family. It has been a long journey that lead the WG stream ciphers to become practical. The evolutionary path is a combination of mathematical endeavour and engineering striving to transfer pure mathematical functions to practical encryption algorithms for various applications. This path began as the pioneering work on WG transformation sequences with 2-level autocorrelation, leading to important breakthroughs in the early 2000\u2019s, such as the submission of the first WG stream cipher to the eSTREAM competition in 2005 and the subsequent introduction of the WG stream cipher family <jats:italic>WG<\/jats:italic>(<jats:italic>m<\/jats:italic>,\u00a0<jats:italic>l<\/jats:italic>), followed by extensive work on particular instances proposed for various (mostly lightweight) applications. A recent construction using a WG permutation is the authenticated encryption WAGE, submitted to the NIST LWC competition in 2019. The story of the WG stream cipher is by far not finished. The future opens numerous possibilities for WG stream ciphers and WAGE, with applications in both lightweight environments and in high-performance computing. We conclude the survey with new ideas and open problems.<\/jats:p>","DOI":"10.1007\/s12095-023-00656-0","type":"journal-article","created":{"date-parts":[[2023,8,5]],"date-time":"2023-08-05T05:01:43Z","timestamp":1691211703000},"page":"129-165","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["The welch-gong stream cipher - evolutionary path"],"prefix":"10.1007","volume":"16","author":[{"given":"N.","family":"Zidari\u010d","sequence":"first","affiliation":[]},{"given":"K.","family":"Mandal","sequence":"additional","affiliation":[]},{"given":"G.","family":"Gong","sequence":"additional","affiliation":[]},{"given":"M.","family":"Aagaard","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,8,5]]},"reference":[{"key":"656_CR1","unstructured":"Aagaard, M., AlTawy, R.,\u00a0Gong, G.,\u00a0Mandal, K.,\u00a0Rohit, R.,\u00a0Zidaric, N.: WAGE: An authenticated cipher, round 1 submission to nist lightweight cryptography standardization project (2019). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/spec-doc\/wage-spec.pdf"},{"key":"656_CR2","unstructured":"Aagaard, M.,\u00a0AlTawy, R.,\u00a0Gong, G.,\u00a0Mandal, K.,\u00a0Rohit, R.,\u00a0Zidaric, N.: WAGE: An authenticated cipher, round 2 submission to nist lightweight cryptography standardization project (2019). https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-2\/spec-doc-rnd2\/wage-spec-round2.pdf"},{"key":"656_CR3","doi-asserted-by":"crossref","unstructured":"Aagaard, M.D.,\u00a0Gong, G., Mota, R.K.: Hardware implementations of the WG-5 cipher for passive RFID tags. In 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp 29\u201334 (2013). IEEE","DOI":"10.1109\/HST.2013.6581561"},{"key":"656_CR4","unstructured":"Aagaard, M.D.,\u00a0Sattarov, M.,\u00a0Zidaric, N.: Hardware design and analysis of the ACE and WAGE ciphers. NIST LWC workshop 2019, arXiv preprint (2019). arXiv:1909.12338"},{"key":"656_CR5","unstructured":"Aagaard, M.D.,\u00a0Zidaric, N.: ASIC benchmarking of round 2 candidates in the NIST lightweight cryptography standardization process. Cryptology ePrint Archive, Paper 2021\/049 (2021). https:\/\/eprint.iacr.org\/2021\/049"},{"key":"656_CR6","doi-asserted-by":"crossref","unstructured":"Albrecht, M.,\u00a0Grassi, L.,\u00a0Rechberger, C.,\u00a0Roy, A.,\u00a0Tiessen, T.: MiMC: Efficient encryption and cryptographic hashing with minimal multiplicative complexity. In Cheon, J.H.,\u00a0Takagi, T. (eds) Advances in Cryptology \u2013 ASIACRYPT 2016. Berlin, Heidelberg. Springer Berlin Heidelberg, pp 191\u2013219 (2016)","DOI":"10.1007\/978-3-662-53887-6_7"},{"key":"656_CR7","doi-asserted-by":"crossref","unstructured":"AlTawy, R.,\u00a0Gong, G.,\u00a0Mandal, K.,\u00a0Rohit, R.: WAGE: an authenticated encryption with a twist. IACR Transactions on Symmetric Cryptology \u2013 Special Issue on Designs for the NIST Lightweight Standardisation Process, p 132\u2013159 (2020)","DOI":"10.46586\/tosc.v2020.iS1.132-159"},{"key":"656_CR8","doi-asserted-by":"crossref","unstructured":"Altawy, R.,\u00a0Rohit, R.,\u00a0He, M.,\u00a0Mandal, K.,\u00a0Yang, G.,\u00a0Gong, G.: sLISCP-Light: Towards hardware optimized Sponge-specific cryptographic permutations. ACM Trans Embed Comput Syst 17(4) (2018)","DOI":"10.1145\/3233245"},{"key":"656_CR9","doi-asserted-by":"publisher","first-page":"129","DOI":"10.1007\/978-3-319-72565-9_7","volume-title":"Selected Areas in Cryptography - SAC 2017","author":"R AlTawy","year":"2018","unstructured":"AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: sLiSCP: Simeck-based permutations for lightweight Sponge cryptographic primitives. In: Adams, C., Camenisch, J. (eds.) Selected Areas in Cryptography - SAC 2017, pp. 129\u2013150. Springer International Publishing, Cham (2018)"},{"issue":"9","key":"656_CR10","doi-asserted-by":"publisher","first-page":"1341","DOI":"10.1109\/TC.2018.2811467","volume":"67","author":"R AlTawy","year":"2018","unstructured":"AlTawy, R., Rohit, R., He, M., Mandal, K., Yang, G., Gong, G.: Towards a cryptographic minimal design: The sLiSCP family of permutations. IEEE Transactions on Computers 67(9), 1341\u20131358 (2018)","journal-title":"IEEE Transactions on Computers"},{"key":"656_CR11","doi-asserted-by":"publisher","first-page":"790","DOI":"10.1016\/j.protcy.2016.05.092","volume":"24","author":"V Ashan","year":"2016","unstructured":"Ashan, V.: Implementation of WG stream cipher with involution function. Procedia Technology 24, 790\u2013795 (2016)","journal-title":"Procedia Technology"},{"key":"656_CR12","unstructured":"Ayoub, A.: A flexible ultralight hardware security module for EPC RFID tags. PhD thesis. uwspace (2021). http:\/\/hdl.handle.net\/10012\/17613"},{"key":"656_CR13","unstructured":"Baumert, L.D.: Cyclic difference sets, volume 182. Springer (2006)"},{"key":"656_CR14","unstructured":"Ben-Sasson, E.,\u00a0Bentov, I.,\u00a0Horesh, Y.,\u00a0Riabzev, M.: Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive, Paper 2018\/046 (2018). https:\/\/eprint.iacr.org\/2018\/046"},{"key":"656_CR15","doi-asserted-by":"publisher","first-page":"103","DOI":"10.1007\/978-3-030-17653-2_4","volume-title":"Advances in Cryptology - EUROCRYPT 2019","author":"E Ben-Sasson","year":"2019","unstructured":"Ben-Sasson, E., Chiesa, A., Riabzev, M., Spooner, N., Virza, M., Ward, N.P.: Aurora: Transparent succinct arguments for R1CS. In: Ishai, Y., Rijmen, V. (eds.) Advances in Cryptology - EUROCRYPT 2019, pp. 103\u2013128. Springer International Publishing, Cham (2019)"},{"key":"656_CR16","unstructured":"Chai, Q.: Design and analysis of security schemes for low-cost RFID systems. PhD thesis. uwspace (2012). http:\/\/hdl.handle.net\/10012\/6512"},{"key":"656_CR17","doi-asserted-by":"crossref","unstructured":"Chang, A.C., Golomb, S.W.,\u00a0Gong, G., Kumar, P.V.: On the linear span of ideal autocorrelation sequences arising from the Segre hyperoval. Sequences and their Applications-Proceedings of SETA\u201998, Discrete Mathematics and Theoretical Computer Science (1999)","DOI":"10.1007\/978-1-4471-0551-0_2"},{"key":"656_CR18","doi-asserted-by":"crossref","unstructured":"Chang, X., Dai, Z.D.,\u00a0Gong, G.: Some cryptographic properties of exponential functions. In Pieprzyk J, Safavi-Naini R (eds) Advances in Cryptology \u2014 ASIACRYPT\u201994, p 413\u2013418. Berlin, Heidelberg. Springer Berlin Heidelberg (1995)","DOI":"10.1007\/BFb0000452"},{"key":"656_CR19","doi-asserted-by":"crossref","unstructured":"Courtois, N.T.,\u00a0Meier, W.: Algebraic attacks on stream ciphers with linear feedback. In Biham, E. (ed) Advances in Cryptology \u2014 EUROCRYPT 2003, p 345\u2013359. Berlin, Heidelberg. Springer Berlin Heidelberg (2003)","DOI":"10.1007\/3-540-39200-9_21"},{"issue":"1","key":"656_CR20","doi-asserted-by":"publisher","first-page":"225","DOI":"10.1023\/A:1026435428030","volume":"17","author":"JF Dillon","year":"1999","unstructured":"Dillon, J.F.: Multiplicative difference sets via additive characters. Designs, Codes and Cryptography 17(1), 225\u2013235 (1999)","journal-title":"Designs, Codes and Cryptography"},{"issue":"3","key":"656_CR21","doi-asserted-by":"publisher","first-page":"342","DOI":"10.1016\/j.ffa.2003.09.003","volume":"10","author":"JF Dillon","year":"2004","unstructured":"Dillon, J.F., Dobbertin, H.: New cyclic difference sets with singer parameters. Finite Fields and Their Applications 10(3), 342\u2013389 (2004)","journal-title":"Finite Fields and Their Applications"},{"key":"656_CR22","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.103015","volume":"63","author":"L Ding","year":"2021","unstructured":"Ding, L., Gu, D., Wang, L., Jin, C., Guan, J.: A real-time related key attack on the WG-16 stream cipher for securing 4G-LTE networks. Journal of Information Security and Applications 63, 103015 (2021)","journal-title":"Journal of Information Security and Applications"},{"issue":"4","key":"656_CR23","doi-asserted-by":"publisher","first-page":"645","DOI":"10.1109\/TIFS.2014.2307202","volume":"9","author":"L Ding","year":"2014","unstructured":"Ding, L., Jin, C., Guan, J., Wang, Q.: Cryptanalysis of lightweight WG-8 stream cipher. IEEE Transactions on Information Forensics and Security 9(4), 645\u2013652 (2014)","journal-title":"IEEE Transactions on Information Forensics and Security"},{"issue":"10","key":"656_CR24","doi-asserted-by":"publisher","first-page":"2677","DOI":"10.1093\/comjnl\/bxv024","volume":"58","author":"L Ding","year":"2015","unstructured":"Ding, L., Jin, C., Guan, J., Zhang, S., Cui, T., Han, D., Zhao, W.: Cryptanalysis of WG family of stream ciphers. The Computer Journal 58(10), 2677\u20132685 (2015)","journal-title":"The Computer Journal"},{"key":"656_CR25","first-page":"133","volume-title":"Kasami Power Functions","author":"H Dobbertin","year":"1999","unstructured":"Dobbertin, H.: Kasami Power Functions, pp. 133\u2013158. Permutation Polynomials and Cyclic Difference Sets. Springer, Netherlands, Dordrecht (1999)"},{"key":"656_CR26","unstructured":"El-Razouk, H.,\u00a0Reyhani-Masoleh, A.,\u00a0Gong, G.: New hardware implementations of the WG stream cipher, cacr report (2012). https:\/\/cacr.uwaterloo.ca\/techreports\/2012\/cacr2012-31.pdf"},{"key":"656_CR27","doi-asserted-by":"crossref","unstructured":"El-Razouk, H.,\u00a0Reyhani-Masoleh, A.,\u00a0Gong, G.: New implementations of the WG stream cipher. IEEE Transactions on Very Large Scale Integration (VLSI) Systems, 22(9):1865\u20131878 (2013)","DOI":"10.1109\/TVLSI.2013.2280092"},{"issue":"7","key":"656_CR28","doi-asserted-by":"publisher","first-page":"2020","DOI":"10.1109\/TC.2014.2346207","volume":"64","author":"H El-Razouk","year":"2014","unstructured":"El-Razouk, H., Reyhani-Masoleh, A., Gong, G.: New hardware implementationsof $$WG(29, 11)$$ and WG-16 stream ciphers using polynomial basis. IEEE Transactions on Computers 64(7), 2020\u20132035 (2014)","journal-title":"IEEE Transactions on Computers"},{"issue":"1","key":"656_CR29","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1006\/jcta.1998.2950","volume":"87","author":"R Evans","year":"1999","unstructured":"Evans, R., Hollmann, H.D., Krattenthaler, C., Xiang, Q.: Gauss sums, jacobi sums, and p-ranks of cyclic difference sets. Journal of Combinatorial Theory, Series A 87(1), 74\u2013119 (1999)","journal-title":"Journal of Combinatorial Theory, Series A"},{"key":"656_CR30","unstructured":"Fan, X.,\u00a0Gong, G.: Specification of the stream cipher WG-16 based confidentiality and integrity algorithms, cacr report (2013). https:\/\/cacr.uwaterloo.ca\/techreports\/2013\/cacr2013-06.pdf"},{"key":"656_CR31","doi-asserted-by":"crossref","unstructured":"Fan, X.,\u00a0Mandal, K.,\u00a0Gong, G.: WG-8: A lightweight stream cipher for resource-constrained smart devices. In International Conference on Heterogeneous Networking for Quality, Reliability, Security and Robustness,p 617\u2013632. Springer (2013)","DOI":"10.1007\/978-3-642-37949-9_54"},{"key":"656_CR32","doi-asserted-by":"crossref","unstructured":"Fan, X.,\u00a0Zidaric, N.,\u00a0Aagaard, M.,\u00a0Gong, G.: Efficient hardware implementation of the stream cipher WG-16 with composite field arithmetic. In Proceedings of the 3rd international workshop on Trustworthy embedded devices, p 21\u201334. (2013)","DOI":"10.1145\/2517300.2517305"},{"key":"656_CR33","doi-asserted-by":"crossref","unstructured":"Fei, Y.,\u00a0Gong, G.,\u00a0Gongye, C.,\u00a0Mandal, K.,\u00a0Rohit, R.,\u00a0Xu, T.,\u00a0Yi, Y., Zidaric, N.: Correlation power analysis and higher-order masking implementation of WAGE. In International Conference on Selected Areas in Cryptography, p 593\u2013614. Springer (2020)","DOI":"10.1007\/978-3-030-81652-0_23"},{"key":"656_CR34","doi-asserted-by":"publisher","first-page":"544","DOI":"10.2478\/popets-2022-0027","volume":"1","author":"S Fu","year":"2022","unstructured":"Fu, S.: Gong G (2022) Polaris: Transparent succinct zero-knowledge arguments for R1CS with efficient verifier. Proc. Priv. Enhancing Technol 1, 544\u2013564 (2022)","journal-title":"Proc. Priv. Enhancing Technol"},{"issue":"12","key":"656_CR35","first-page":"1","volume":"4","author":"The GAP Group","year":"2022","unstructured":"The GAP Group: GAP - Groups. Algorithms, and Programming, Version 4(12), 1 (2022)","journal-title":"Algorithms, and Programming, Version"},{"key":"656_CR36","volume-title":"Shift Register Sequences","author":"SW Golomb","year":"1981","unstructured":"Golomb, S.W.: Shift Register Sequences. Aegean Park Press, USA (1981)"},{"key":"656_CR37","doi-asserted-by":"publisher","DOI":"10.1017\/CBO9780511546907","volume-title":"Signal design for good correlation: for wireless communication, cryptography, and radar","author":"SW Golomb","year":"2005","unstructured":"Golomb, S.W., Gong, G.: Signal design for good correlation: for wireless communication, cryptography, and radar. Cambridge University Press (2005)"},{"issue":"4","key":"656_CR38","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1007\/s12095-013-0089-7","volume":"5","author":"G Gong","year":"2013","unstructured":"Gong, G., Aagaard, M., Fan, X.: Resilience to distinguishing attacks on WG-7 cipher and their generalizations. Cryptography and Communications 5(4), 277\u2013289 (2013)","journal-title":"Cryptography and Communications"},{"key":"656_CR39","unstructured":"Gong, G.,\u00a0Gaal, P.,\u00a0Golomb, S.: A suspected infinite class of cyclic hadamard difference sets. In Proceedings of 1997 IEEE Information Theory Workshop, pp 614\u2013625. July 6-12, 1997, Longyearbyen, Svalbard, Norway (1997)"},{"issue":"6","key":"656_CR40","doi-asserted-by":"publisher","first-page":"2065","DOI":"10.1109\/18.782138","volume":"45","author":"G Gong","year":"1999","unstructured":"Gong, G., Golomb, S.W.: Transform domain analysis of DES. IEEE transactions on Information Theory 45(6), 2065\u20132073 (1999)","journal-title":"IEEE transactions on Information Theory"},{"key":"656_CR41","doi-asserted-by":"crossref","unstructured":"Gong, G.,\u00a0Khoo, K.: Additive autocorrelation of resilient boolean functions. In International Workshop on Selected Areas in Cryptography, pp 275\u2013290. Springer (2003)","DOI":"10.1007\/978-3-540-24654-1_20"},{"issue":"8","key":"656_CR42","doi-asserted-by":"publisher","first-page":"5555","DOI":"10.1109\/TIT.2011.2158480","volume":"57","author":"G Gong","year":"2011","unstructured":"Gong, G., R\u00f8njom, S., Helleseth, T., Hu, H.: Fast discrete fourier spectra attacks on stream ciphers. IEEE Transactions on Information Theory 57(8), 5555\u20135565 (2011)","journal-title":"IEEE Transactions on Information Theory"},{"key":"656_CR43","doi-asserted-by":"crossref","unstructured":"Gong, G., Youssef, A.M.: On Welch-Gong transformation sequence generators. In International Workshop on Selected Areas in Cryptography, pp 217\u2013232. Springer (2000)","DOI":"10.1007\/3-540-44983-3_16"},{"issue":"11","key":"656_CR44","doi-asserted-by":"publisher","first-page":"2837","DOI":"10.1109\/TIT.2002.804043","volume":"48","author":"G Gong","year":"2002","unstructured":"Gong, G., Youssef, A.M.: Cryptographic properties of the Welch-Gong transformation sequence generators. IEEE Transactions on Information Theory 48(11), 2837\u20132846 (2002)","journal-title":"IEEE Transactions on Information Theory"},{"issue":"4","key":"656_CR45","doi-asserted-by":"publisher","first-page":"614","DOI":"10.4153\/CJM-1962-052-2","volume":"14","author":"B Gordon","year":"1962","unstructured":"Gordon, B., Mill, W., Welch, L.: Some new difference sets. Canadian J Math 14(4), 614\u2013625 (1962)","journal-title":"Canadian J Math"},{"key":"656_CR46","unstructured":"Grassi, L.,\u00a0Khovratovich, D.,\u00a0Rechberger, C.,\u00a0Roy, A.,\u00a0Schofnegger, M.: Poseidon: A new hash function for Zero-Knowledge proof systems. In 30th USENIX Security Symposium (USENIX Security 21). USENIX Association, pp 519\u2013535. (2021)"},{"key":"656_CR47","doi-asserted-by":"publisher","first-page":"674","DOI":"10.1007\/978-3-030-45724-2_23","volume-title":"Advances in Cryptology - EUROCRYPT 2020","author":"L Grassi","year":"2020","unstructured":"Grassi, L., L\u00fcftenegger, R., Rechberger, C., Rotaru, D., Schofnegger, M.: On a generalization of substitution-permutation networks: The HADES design strategy. In: Canteaut, A., Ishai, Y. (eds.) Advances in Cryptology - EUROCRYPT 2020, pp. 674\u2013704. Springer International Publishing, Cham (2020)"},{"issue":"6","key":"656_CR48","doi-asserted-by":"publisher","first-page":"975","DOI":"10.1090\/S0002-9939-1956-0082502-7","volume":"7","author":"M Hall","year":"1956","unstructured":"Hall, M.: A survey of difference sets. Proceedings of the American Mathematical Society 7(6), 975\u2013986 (1956)","journal-title":"Proceedings of the American Mathematical Society"},{"key":"656_CR49","volume-title":"Advances in Cryptology \u2013 EUROCRYPT\u201985","author":"T Herlestam","year":"1986","unstructured":"Herlestam, T.: On functions of linear shift register sequences. In: Pichler, F. (ed.) Advances in Cryptology \u2013 EUROCRYPT\u201985. Berlin, Heidelberg, Springer, Berlin Heidelberg (1986)"},{"key":"656_CR50","doi-asserted-by":"crossref","unstructured":"Joseph, M.,\u00a0Sekar, G.,\u00a0Balasubramanian, R.: Distinguishing attacks on (ultra-) lightweight WG ciphers. In International Workshop on Lightweight Cryptography for Security and Privacy, pp 45\u201359. Springer (2016)","DOI":"10.1007\/978-3-319-55714-4_4"},{"key":"656_CR51","unstructured":"Kaleem, M.K.: Physical layer approach for securing RFID systems. MASc thesis. uwspace (2013). http:\/\/hdl.handle.net\/10012\/7702"},{"issue":"4","key":"656_CR52","doi-asserted-by":"publisher","first-page":"369","DOI":"10.1016\/S0019-9958(71)90473-6","volume":"18","author":"T Kasami","year":"1971","unstructured":"Kasami, T.: The weight enumerators for several classes of subcodes of the 2nd order binary reed-muller codes. Information and Control 18(4), 369\u2013394 (1971)","journal-title":"Information and Control"},{"issue":"2","key":"656_CR53","first-page":"1208","volume":"10","author":"J Kaur","year":"2021","unstructured":"Kaur, J., Sarker, A., Kermani, M.M., Azarderakhsh, R.: Hardware constructions for error detection in lightweight Welch-Gong (WG)-oriented stream cipher WAGE benchmarked on FPGA. IEEE Transactions on Emerging Topics in Computing 10(2), 1208\u20131215 (2021)","journal-title":"IEEE Transactions on Emerging Topics in Computing"},{"key":"656_CR54","doi-asserted-by":"crossref","unstructured":"Krengel, E.: Fast WG stream cipher. In 2008 IEEE Region 8 International Conference on Computational Technologies in Electrical and Electronics Engineering, pp 31\u201335. (2008). IEEE","DOI":"10.1109\/SIBIRCON.2008.4602594"},{"key":"656_CR55","unstructured":"Lam, C.H.: Verification of pipelined ciphers. masc thesis. uwspace (2009). http:\/\/hdl.handle.net\/10012\/4267"},{"key":"656_CR56","unstructured":"Lam, C.H.,\u00a0Aagaard, M.,\u00a0Gong, G.: Hardware implementations of multi-output welch-gong ciphers, cacr report (2009). https:\/\/cacr.uwaterloo.ca\/techreports\/2011\/cacr2011-01.pdf"},{"key":"656_CR57","doi-asserted-by":"crossref","unstructured":"Luo, Y.,\u00a0Chai, Q.,\u00a0Gong, G.,\u00a0Lai, X.: A lightweight stream cipher WG-7 for RFID encryption and authentication. In 2010 IEEE Global Telecommunications Conference GLOBECOM 2010, pp. 1\u20136 (2010). IEEE","DOI":"10.1109\/GLOCOM.2010.5684215"},{"key":"656_CR58","unstructured":"Mandal, K.: Design and analysis of cryptographic pseudorandom number\/sequence generators with applications in RFID. PhD thesis. uwspace (2013). http:\/\/hdl.handle.net\/10012\/7730"},{"key":"656_CR59","doi-asserted-by":"crossref","unstructured":"Mandal, K.,\u00a0Fan, X.,\u00a0Gong, G.: Design and implementation of Warbler family of lightweight pseudorandom number generators for smart devices. ACM Trans Embed Comput Syst 15(1) (2016)","DOI":"10.1145\/2808230"},{"issue":"9","key":"656_CR60","doi-asserted-by":"publisher","first-page":"2725","DOI":"10.1109\/TC.2015.2506557","volume":"65","author":"K Mandal","year":"2016","unstructured":"Mandal, K., Gong, G.: Feedback reconstruction and implementations of pseudorandom number generators from composited de Bruijn sequences. IEEE Transactions on Computers 65(9), 2725\u20132738 (2016)","journal-title":"IEEE Transactions on Computers"},{"issue":"7","key":"656_CR61","first-page":"12","volume":"3","author":"K Mandal","year":"2016","unstructured":"Mandal, K., Gong, G.: Filtering nonlinear feedback shift registers using Welch-Gong transformations for securing RFID applications. EAI Endorsed Transactions on Security and Safety 3(7), 12 (2016)","journal-title":"EAI Endorsed Transactions on Security and Safety"},{"issue":"3","key":"656_CR62","doi-asserted-by":"publisher","first-page":"597","DOI":"10.3934\/amc.2020125","volume":"16","author":"K Mandal","year":"2022","unstructured":"Mandal, K., Gong, G.: On ideal $$t$$-tuple distribution of orthogonal functions in filtering de Bruijn generators. Advances in Mathematics of Communications 16(3), 597\u2013619 (2022)","journal-title":"Advances in Mathematics of Communications"},{"key":"656_CR63","doi-asserted-by":"crossref","unstructured":"Mandal, K.,\u00a0Gong, G.,\u00a0Fan, X.,\u00a0Aagaard, M.: On selection of optimal parameters for the WG stream cipher family. In 2013 13th Canadian Workshop on Information Theory, pp 17\u201321 (2013). IEEE","DOI":"10.1109\/CWIT.2013.6621585"},{"issue":"2","key":"656_CR64","doi-asserted-by":"publisher","first-page":"117","DOI":"10.1007\/s12095-013-0091-0","volume":"6","author":"K Mandal","year":"2014","unstructured":"Mandal, K., Gong, G., Fan, X., Aagaard, M.: Optimal parameters for the WG stream cipher family. Cryptography and Communications 6(2), 117\u2013135 (2014)","journal-title":"Cryptography and Communications"},{"issue":"12","key":"656_CR65","doi-asserted-by":"publisher","first-page":"1835","DOI":"10.1109\/TC.2020.2979460","volume":"69","author":"K Mandal","year":"2020","unstructured":"Mandal, K., Yang, B., Gong, G., Aagaard, M.: Analysis and efficient implementations of a class of composited de Bruijn sequences. IEEE Transactions on Computers 69(12), 1835\u20131848 (2020)","journal-title":"IEEE Transactions on Computers"},{"key":"656_CR66","unstructured":"Mascia, C.,\u00a0Piccione, E.,\u00a0Sala, M.: An algebraic attack on stream ciphers with application to nonlinear filter generators and WG-PRNG (2021). arXiv preprint arXiv:2112.12268"},{"key":"656_CR67","doi-asserted-by":"crossref","unstructured":"Mohajerani, K.,\u00a0Haeussler, R.,\u00a0Nagpal, R.,\u00a0Farahmand, F.,\u00a0Abdulgadir, A., Kaps, J.-P.,\u00a0Gaj, K.: FPGA benchmarking of round 2 candidates in the NIST lightweight cryptography standardization process: Methodology, metrics, tools, and results. Cryptology ePrint Archive, Paper 2020\/1207 (2020). https:\/\/eprint.iacr.org\/2020\/1207","DOI":"10.23919\/DATE51398.2021.9473930"},{"key":"656_CR68","doi-asserted-by":"crossref","unstructured":"Mohajerani, K.,\u00a0Haeussler, R.,\u00a0Nagpal, R.,\u00a0Farahmand, F.,\u00a0Abdulgadir, A., Kaps, J.-P.,\u00a0Gaj, K.: Hardware benchmarking of round 2 candidates in the NIST lightweight cryptography standardization process. In 2021 Design, Automation & Test in Europe Conference & Exhibition (DATE), pp 164\u2013169. (2021)","DOI":"10.23919\/DATE51398.2021.9473930"},{"key":"656_CR69","unstructured":"Mota, R.K.: Role of cryptographic Welch-Gong (WG-5) stream cipher in RFID security. masc thesis. uwspace (2012). http:\/\/hdl.handle.net\/10012\/6769"},{"key":"656_CR70","unstructured":"Nawaz, Y.: Design of stream ciphers and cryptographic properties of nonlinear functions. PhD thesis. uwspace (2007). http:\/\/hdl.handle.net\/10012\/3447"},{"key":"656_CR71","unstructured":"Nawaz, Y.,\u00a0Gong, G.: The WG stream cipher, estream submission (2005). http:\/\/www.ecrypt.eu.org\/stream\/p2ciphers\/wg\/wg_p2.pdf"},{"issue":"7","key":"656_CR72","doi-asserted-by":"publisher","first-page":"1903","DOI":"10.1016\/j.ins.2007.12.002","volume":"178","author":"Y Nawaz","year":"2008","unstructured":"Nawaz, Y., Gong, G.: WG: A family of stream ciphers with designed randomness properties. Information Sciences 178(7), 1903\u20131916 (2008)","journal-title":"Information Sciences"},{"issue":"3","key":"656_CR73","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/18.669400","volume":"44","author":"J-S No","year":"1998","unstructured":"No, J.-S., Chung, H., Yun, M.-S.: Binary pseudorandom sequences of period $$2^m-1$$ with ideal autocorrelation generated by the polynomial $$z^d + (z+ 1)^d$$. IEEE Trans. Inf. Theory 44(3), 1278\u20131282 (1998)","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"3","key":"656_CR74","doi-asserted-by":"publisher","first-page":"1278","DOI":"10.1109\/18.669400","volume":"44","author":"J-S No","year":"1998","unstructured":"No, J.-S., Golomb, S.W., Gong, G., Lee, H.-K., Gaal, P.: Binary pseudorandom sequences of period $$2^m-1$$ with ideal autocorrelation. IEEE Trans. Inf. Theory 44(3), 1278\u20131282 (1998)","journal-title":"IEEE Trans. Inf. Theory"},{"issue":"6","key":"656_CR75","doi-asserted-by":"publisher","first-page":"2254","DOI":"10.1109\/18.556617","volume":"42","author":"J-S No","year":"1996","unstructured":"No, J.-S., Lee, H.-K., Chung, H., Song, H.-Y., Yang, K.: Trace representation of Legendre sequences of Mersenne prime period. IEEE Transactions on Information Theory 42(6), 2254\u20132255 (1996)","journal-title":"IEEE Transactions on Information Theory"},{"issue":"1","key":"656_CR76","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/BF00204800","volume":"8","author":"K Nyberg","year":"1995","unstructured":"Nyberg, K., Knudsen, L.R.: Provable security against a differential attack. J Cryptol 8(1), 27\u201337 (1995)","journal-title":"J Cryptol"},{"issue":"3","key":"656_CR77","doi-asserted-by":"publisher","first-page":"277","DOI":"10.1007\/s12095-012-0070-x","volume":"4","author":"MA Orumiehchiha","year":"2012","unstructured":"Orumiehchiha, M.A., Pieprzyk, J., Steinfeld, R.: Cryptanalysis of WG-7: a lightweight stream cipher. Cryptography and Communications 4(3), 277\u2013285 (2012)","journal-title":"Cryptography and Communications"},{"issue":"2","key":"656_CR78","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1007\/s13389-020-00222-x","volume":"10","author":"MA Orumiehchiha","year":"2020","unstructured":"Orumiehchiha, M.A., Rostami, S., Shakour, E., Pieprzyk, J.: A differential fault attack on the WG family of stream ciphers. Journal of Cryptographic Engineering 10(2), 189\u2013195 (2020)","journal-title":"Journal of Cryptographic Engineering"},{"key":"656_CR79","doi-asserted-by":"crossref","unstructured":"Philip, M.A., Vaithiyanathan: A survey on lightweight ciphers for IoT devices. In 2017 International Conference on Technological Advancements in Power and Energy (TAP Energy), pp. 1\u20134 (2017). IEEE","DOI":"10.1109\/TAPENERGY.2017.8397271"},{"key":"656_CR80","unstructured":"Rohit, R.: Design and cryptanalysis of lightweight symmetric key primitives. PhD thesis. uwspace (2020). http:\/\/hdl.handle.net\/10012\/15556"},{"key":"656_CR81","doi-asserted-by":"crossref","unstructured":"Rohit, R.,\u00a0AlTawy, R.,\u00a0Gong, G.: MILP-based cube attack on the reduced-round WG-5 lightweight stream cipher. In IMA International Conference on Cryptography and Coding, pp. 333\u2013351. Springer (2017)","DOI":"10.1007\/978-3-319-71045-7_17"},{"key":"656_CR82","unstructured":"R\u00f8njom, S.: Powers of subfield polynomials, cyclic codes and algebraic attacks with applications to the WG stream ciphers. In WCC2015-9th International Workshop on Coding and Cryptography 2015 (2015)"},{"issue":"1","key":"656_CR83","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1007\/s10623-016-0212-9","volume":"82","author":"S R\u00f8njom","year":"2017","unstructured":"R\u00f8njom, S.: Improving algebraic attacks on stream ciphers based on linear feedback shift register over $$\\mathbb{F} _{2^k}$$. Designs, Codes and Cryptography 82(1), 27\u201341 (2017)","journal-title":"Designs, Codes and Cryptography"},{"issue":"2","key":"656_CR84","doi-asserted-by":"publisher","first-page":"351","DOI":"10.1007\/s12095-018-0298-1","volume":"11","author":"S Rostami","year":"2019","unstructured":"Rostami, S., Shakour, E., Orumiehchiha, M.A., Pieprzyk, J.: Cryptanalysis of WG-8 and WG-16 stream ciphers. Cryptography and Communications 11(2), 351\u2013362 (2019)","journal-title":"Cryptography and Communications"},{"key":"656_CR85","unstructured":"Sattarov, M.: Hardware implementations of the lightweight Welch-Gong stream cipher family using polynomial bases. MASc thesis. uwspace (2019). http:\/\/hdl.handle.net\/10012\/14437"},{"key":"656_CR86","doi-asserted-by":"crossref","unstructured":"Scholtz, R.,\u00a0Welch, L.: GMW sequences (corresp.). IEEE Transactions on Information Theory 30(3),548\u2013553 (1984)","DOI":"10.1109\/TIT.1984.1056910"},{"issue":"2","key":"656_CR87","doi-asserted-by":"publisher","first-page":"291","DOI":"10.1007\/s12095-015-0141-x","volume":"8","author":"Y Tan","year":"2016","unstructured":"Tan, Y., Gong, G., Zhu, B.: Enhanced criteria on differential uniformity and nonlinearity of cryptographically significant functions. Cryptography and communications 8(2), 291\u2013311 (2016)","journal-title":"Cryptography and communications"},{"key":"656_CR88","doi-asserted-by":"crossref","unstructured":"Wu, H.,\u00a0Preneel, B.: Resynchronization attacks on WG and LEX. In International Workshop on Fast Software Encryption, pp. 422\u2013432. Springer (2006)","DOI":"10.1007\/11799313_27"},{"key":"656_CR89","unstructured":"Wu, T.: On message authentication in 4G LTE system. PhD thesis. uwspace (2015). http:\/\/hdl.handle.net\/10012\/9601"},{"issue":"8","key":"656_CR90","doi-asserted-by":"publisher","first-page":"1354","DOI":"10.1109\/TC.2017.2676763","volume":"66","author":"B Yang","year":"2017","unstructured":"Yang, B., Mandal, K., Aagaard, M.D., Gong, G.: Efficient composited de Bruijn sequence generators. IEEE Transactions on Computers 66(8), 1354\u20131368 (2017)","journal-title":"IEEE Transactions on Computers"},{"key":"656_CR91","unstructured":"Yang, G.: Optimized hardware implementations of lightweight cryptography. PhD thesis. uwspace (2017). http:\/\/hdl.handle.net\/10012\/11237"},{"key":"656_CR92","doi-asserted-by":"crossref","unstructured":"Yang, G.,\u00a0Fan, X.,\u00a0Aagaard, M.,\u00a0Gong, G.: Design space exploration of the lightweight stream cipher WG-8 for FPGAs and ASICs. In Proceedings of the Workshop on Embedded Systems Security, pp. 1\u201310. (2013)","DOI":"10.1145\/2527317.2527325"},{"key":"656_CR93","unstructured":"Yi, Y.,\u00a0Gong, G.,\u00a0Mandal, K.: Implementation of three LWC schemes in the WiFi 4-way handshake with software defined radio. NIST LWC workshop 2019, arXiv preprint (2019). arXiv:1909.11707"},{"key":"656_CR94","doi-asserted-by":"crossref","unstructured":"Yi, Y.,\u00a0Mandal, K.,\u00a0Gong, G.: Implementation of lightweight ciphers and their integration into entity authentication with IEEE 802.11 physical layer transmission. In International Symposium on Foundations and Practice of Security, pp. 113\u2013129. Springer (2022)","DOI":"10.1007\/978-3-031-08147-7_8"},{"key":"656_CR95","doi-asserted-by":"crossref","unstructured":"Youssef, A.M.,\u00a0Gong, G.: On the interpolation attacks on block ciphers. In International Workshop on Fast Software Encryption, pp. 109\u2013120. Springer (2000)","DOI":"10.1007\/3-540-44706-7_8"},{"key":"656_CR96","unstructured":"Yu, N.Y.: On periodic correlation of binary sequences. PhD thesis. uwspace (2007). http:\/\/hdl.handle.net\/10012\/2634"},{"key":"656_CR97","doi-asserted-by":"crossref","unstructured":"Zhang, B.Y.,\u00a0Gong, G.: Randomness properties of stream ciphers for wireless communications. In The Sixth International Workshop on Signal Design and Its Applications in Communications, pp. 107\u2013109. (2013). IEEE","DOI":"10.1109\/IWSDA.2013.6849074"},{"key":"656_CR98","unstructured":"Zidaric, N.: Hardware implementations of the WG-16 stream cipher with composite field arithmetic. MASc thesis. uwspace (2014). http:\/\/hdl.handle.net\/10012\/8844"},{"key":"656_CR99","unstructured":"Zidaric, N.: Automated design space exploration and datapath synthesis for finite field arithmetic with applications to lightweight cryptography. PhD thesis. uwspace (2020). http:\/\/hdl.handle.net\/10012\/15928"},{"issue":"1","key":"656_CR100","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1109\/TC.2018.2854757","volume":"68","author":"N Zidaric","year":"2018","unstructured":"Zidaric, N., Aagaard, M., Gong, G.: Hardware optimizations and analysis for the WG-16 cipher with tower field arithmetic. IEEE Transactions on Computers 68(1), 67\u201382 (2018)","journal-title":"IEEE Transactions on Computers"},{"key":"656_CR101","doi-asserted-by":"crossref","unstructured":"Zidaric, N.,\u00a0Aagaard, M.,\u00a0Gong, G.: Rapid hardware design for cryptographic modules with filtering structures over small finite fields. In International Workshop on the Arithmetic of Finite Fields, pp. 128\u2013145. Springer (2018)","DOI":"10.1007\/978-3-030-05153-2_7"},{"key":"656_CR102","unstructured":"Zidaric, N.,\u00a0Aagaard, M.,\u00a0Gong, G.: FSR, feedback shift register package, Version 1.2.2. GAP package (2019)"}],"container-title":["Cryptography and Communications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s12095-023-00656-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s12095-023-00656-0\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s12095-023-00656-0.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,3]],"date-time":"2024-02-03T07:21:21Z","timestamp":1706944881000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s12095-023-00656-0"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,8,5]]},"references-count":102,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1]]}},"alternative-id":["656"],"URL":"https:\/\/doi.org\/10.1007\/s12095-023-00656-0","relation":{},"ISSN":["1936-2447","1936-2455"],"issn-type":[{"value":"1936-2447","type":"print"},{"value":"1936-2455","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,8,5]]},"assertion":[{"value":"2 November 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"3 June 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"5 August 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}