{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,13]],"date-time":"2026-02-13T16:44:37Z","timestamp":1771001077100,"version":"3.50.1"},"reference-count":18,"publisher":"Walter de Gruyter GmbH","issue":"1","license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022,1,28]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>\n                    In recent years, the demand for lightweight cryptographic protocols has grown immensely. To fulfill this necessity, the National Institute of Standards and Technology (NIST) has initiated a standardization process for lightweight cryptographic encryption. NIST\u2019s call for proposal demands that the scheme should have one\n                    <jats:italic>primary<\/jats:italic>\n                    member that has a key length of 128 bits, and it should be secure up to\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_002.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:msup>\n                            <m:mrow>\n                              <m:mn>2<\/m:mn>\n                            <\/m:mrow>\n                            <m:mrow>\n                              <m:mn>50<\/m:mn>\n                            <\/m:mrow>\n                          <\/m:msup>\n                          <m:mo>\u2212<\/m:mo>\n                          <m:mn>1<\/m:mn>\n                        <\/m:math>\n                        <jats:tex-math>{2}^{50}-1<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    byte queries and\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_003.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:msup>\n                            <m:mrow>\n                              <m:mn>2<\/m:mn>\n                            <\/m:mrow>\n                            <m:mrow>\n                              <m:mn>112<\/m:mn>\n                            <\/m:mrow>\n                          <\/m:msup>\n                        <\/m:math>\n                        <jats:tex-math>{2}^{112}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    computations. In this article, we propose a tweakable block cipher (TBC)-based authenticated encryption with associated data (AEAD) scheme, which we call\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_004.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mF<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mF}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    . We provide authenticated encryption security analysis for\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_005.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mF<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mF}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    under some weaker security assumptions (stated in the article) on the underlying TBC. We instantiate a TBC using block cipher and show that the TBC achieves these weaker securities, provided the key update function has high periodicity.\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_006.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mixFeed<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mixFeed}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    is a round 2 candidate in the aforementioned lightweight cryptographic standardization competition. When we replace the key update function with the key scheduling function of Advanced Encryption Standard (AES), the\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_007.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mF<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mF}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    mode reduces to\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_008.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mixFeed<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mixFeed}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    . Recently, the low periodicity of AES key schedule is shown. Exploiting this feature, a practical attack on\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_009.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mixFeed<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mixFeed}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    is reported. We have shown that multiplication by primitive element satisfies the high periodicity property, and we have a secure instantiation of\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_010.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mF<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mF}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    , a secure variant of\n                    <jats:inline-formula>\n                      <jats:alternatives>\n                        <jats:inline-graphic xmlns:xlink=\"http:\/\/www.w3.org\/1999\/xlink\" xlink:href=\"graphic\/j_jmc-2020-0054_eq_011.png\"\/>\n                        <m:math xmlns:m=\"http:\/\/www.w3.org\/1998\/Math\/MathML\">\n                          <m:mi mathvariant=\"sans-serif\">mixFeed<\/m:mi>\n                        <\/m:math>\n                        <jats:tex-math>{\\mathsf{mixFeed}}<\/jats:tex-math>\n                      <\/jats:alternatives>\n                    <\/jats:inline-formula>\n                    .\n                  <\/jats:p>","DOI":"10.1515\/jmc-2020-0054","type":"journal-article","created":{"date-parts":[[2022,2,8]],"date-time":"2022-02-08T08:21:48Z","timestamp":1644308508000},"page":"73-97","source":"Crossref","is-referenced-by-count":2,"title":["The mF mode of authenticated encryption with associated data"],"prefix":"10.1515","volume":"16","author":[{"given":"Bishwajit","family":"Chakraborty","sequence":"first","affiliation":[{"name":"Applied Statistics Unit, Indian Statistical Institute , Kolkata , India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Mridul","family":"Nandi","sequence":"additional","affiliation":[{"name":"Applied Statistics Unit, Indian Statistical Institute , Kolkata , India"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"374","published-online":{"date-parts":[[2022,1,28]]},"reference":[{"key":"2025120600292475244_j_jmc-2020-0054_ref_001","unstructured":"N. Mouha. The design space of lightweight cryptography. in: NIST Lightweight Cryptography Workshop 2015. 2015."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_002","unstructured":"NIST. Announcing the ADVANCED ENCRYPTION STANDARD (AES), National Institute of Standards and Technology, U.S. Department of Commerce, Fedral Information Processing Standards Publication no FIPS 197. 2001."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_003","unstructured":"M. J. Dworkin. SHA-3 standard: Permutation-based hash and extendable-output functions. 2015."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_004","unstructured":"NIST. Submission Requirements and Evaluation Criteria for the Lightweight Cryptography Standardization Process. 2018.https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/final-lwc-submission-requirements-august2018.pdf"},{"key":"2025120600292475244_j_jmc-2020-0054_ref_005","doi-asserted-by":"crossref","unstructured":"M. Liskov, R.L. Rivest, D. Wagner. Tweakable block ciphers. In: Annual International Cryptology Conference. Springer; 2002. p. 31\u201346.","DOI":"10.1007\/3-540-45708-9_3"},{"key":"2025120600292475244_j_jmc-2020-0054_ref_006","unstructured":"B. Chakraborty, M. Nandi. mixFeed. Submission to NIST LwC Standardization Process (Round 2). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/lightweight-cryptography\/documents\/round-2\/spec-doc-rnd2\/mixFeed-spec-round2.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_007","unstructured":"T. Iwata, M. Khairallah, K. Minematsu, T. Peyrin. REMUS. Submission to NIST LwC Standardization Process (Round 1). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/spec-doc\/Remus-spec.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_008","unstructured":"T. Iwata, M. Khairallah, K. Minematsu, T. Peyrin. Romulus. Submission to NIST LwC Standardization Process (Round 2). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/lightweight-cryptography\/documents\/round-2\/spec-doc-rnd2\/Romulus-spec-round2.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_009","unstructured":"T. Iwata, M. Khairallah, K. Minematsu, T. Peyrin, Y. Sasaki, S. MengSim, L. Sun. Thank Goodness It\u2019s Friday (TGIF). Submission to NIST LwC Standardization Process (Round 1). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/spec-doc\/TGIF-spec.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_010","unstructured":"S. Gueron, A. Jha, M. Nandi. COMET. Submission to NIST LwC Standardization Process (Round 1). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/lightweight-cryptography\/documents\/round-2\/spec-doc-rnd2\/comet-spec-round2.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_011","doi-asserted-by":"crossref","unstructured":"P. Rogaway. Efficient instantiations of tweakable blockciphers and refinements to modes OCB and PMAC. In: International Conference on the Theory and Application of Cryptology and Information Security. Springer; 2004. p. 16\u201331.","DOI":"10.1007\/978-3-540-30539-2_2"},{"key":"2025120600292475244_j_jmc-2020-0054_ref_012","unstructured":"N. Datta, A. Jha, A. M\u00e8ge, M. Nandi. Breaking REMUS and TGIF in the light of NIST Lightweight Cryptography Standardization Project. 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Events\/lightweight-cryptography-workshop-2019\/documents\/papers\/breaking-remus-and-tgif-lwc2019.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_013","unstructured":"M. Khairallah. Weak Keys in the Rekeying Paradigm: Application to COMET and mixFeed. Cryptology ePrint Archive, Report 2019\/888. 2019. https:\/\/eprint.iacr.org\/2019\/888."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_014","unstructured":"G. Leurent, C. Pernot. New Representations of the AES Key Schedule. Cryptology ePrint Archive, Report 2020\/1253. 2020. https:\/\/eprint.iacr.org\/2020\/1253."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_015","doi-asserted-by":"crossref","unstructured":"P. Rogaway. Authenticated-encryption with associated-data. In: Proceedings of the 9th ACM Conference on Computer and communications Security; 2002. p. 98\u2013107.","DOI":"10.1145\/586110.586125"},{"key":"2025120600292475244_j_jmc-2020-0054_ref_016","unstructured":"Beierle C, Jean J, K\u00f6lbl S, Leander G, Moradi A, Peyrin T, et al. SKINNY-AEAD and SKINNY-HASH. Submission to NIST LwC Standardization Process (Round 2). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/lightweight-cryptography\/documents\/round-2\/spec-doc-rnd2\/SKINNY-spec-round2.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_017","unstructured":"R. Avanzi, S. Banik, A. Bogdanov, O. Dunkelman, S. Huang, F. Regazzoni. Qameleon v. 1.0. Submission to NIST LwC Standardization Process (Round 1). 2019. https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/Lightweight-Cryptography\/documents\/round-1\/spec-doc\/qameleon-spec.pdf."},{"key":"2025120600292475244_j_jmc-2020-0054_ref_018","unstructured":"Adomnicai A, Berger TP, Clavier C, Francq J, Huynh P, Lallemand V, et al. Lilliput-AE: a new lightweight tweakable block cipher for authenticated encryption with associated data. Submitted to NIST Lightweight Project. 2019."}],"container-title":["Journal of Mathematical Cryptology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2020-0054\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2020-0054\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,6]],"date-time":"2025-12-06T00:29:48Z","timestamp":1764980988000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.degruyterbrill.com\/document\/doi\/10.1515\/jmc-2020-0054\/html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,1,1]]},"references-count":18,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2022,2,10]]},"published-print":{"date-parts":[[2022,2,10]]}},"alternative-id":["10.1515\/jmc-2020-0054"],"URL":"https:\/\/doi.org\/10.1515\/jmc-2020-0054","relation":{},"ISSN":["1862-2984"],"issn-type":[{"value":"1862-2984","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,1,1]]}}}