IACR Transactions on Symmetric Cryptology (ToSC)
102 Publications
OpenAIRE 3.0 (OA, funding)


  • Cryptanalysis of PMACx, PMAC2x, and SIVx

    Minematsu, Kazuhiko; Iwata, Tetsu (2017)
    At CT-RSA 2017, List and Nandi proposed two variable input length pseudorandom functions (VI-PRFs) called PMACx and PMAC2x, and a deterministic authenticated encryption scheme called SIVx. These schemes use a tweakable block cipher (TBC) as the underlying primitive, and are provably secure up to the query complexity of 2^n, where n denotes the block length of the TBC. In this paper, we falsify the provable security claims by presenting concrete attacks. We show that with the query complexity o...

  • Mixture Differential Cryptanalysis: a New Approach to Distinguishers and Attacks on round-reduced AES

    Grassi, Lorenzo (2018)
    At Eurocrypt 2017 the first secret-key distinguisher for 5-round AES - based on the “multiple-of-8” property - has been presented. Although it allows one to distinguish a random permutation from an AES-like one, it seems rather hard to implement a key-recovery attack different than brute-force like using such a distinguisher. In this paper we introduce “Mixture Differential Cryptanalysis” on round-reduced AES-like ciphers, a way to translate the (complex) “multiple-of-8” 5-round distinguisher into...

  • Meet-in-the-Middle Attacks on Classes of Contracting and Expanding Feistel Constructions

    Guo, Jian; Jean, Jérémy; Nikolic, Ivica; Sasaki, Yu (2017)
    We show generic attacks on unbalanced Feistel ciphers based on the meet-in-the-middle technique. We analyze two general classes of unbalanced Feistel structures, namely contracting Feistels and expanding Feistels. In both of the cases, we consider the practical scenario where the round functions are keyless and known to the adversary. In the case of contracting Feistels with 4 branches, we show attacks on 16 rounds when the key length k (in bits) is as large as the block length n (in bits), a...

  • Security Notions for Bidirectional Channels

    Marson, Giorgia Azzurra; Poettering, Bertram (2017)
    Projects: EC | ERCC (615074)
    This paper closes a definitional gap in the context of modeling cryptographic two-party channels. We note that, while most security models for channels consider exclusively unidirectional communication, real-world protocols like TLS and SSH are rather used for bidirectional interaction. The motivational question behind this paper is: Can analyses conducted with the unidirectional setting in mind—including the current ones for TLS and SSH—also vouch for security in the case of bidirectional ch...

  • Fast Correlation Attacks on Grain-like Small State Stream Ciphers

    Zhang, Bin; Gong, Xinxin; Meier, Willi (2017)
    In this paper, we study the security of Grain-like small state stream ciphers by fast correlation attacks, which are commonly regarded as classical cryptanalytic methods against LFSR-based stream ciphers. We extend the cascaded structure adopted in such primitives in general and show how to restore the full internal state part-by-part if the non-linear combining function meets some characteristic. As a case study, we present a key recovery attack against Fruit, a tweaked version of Sprout tha...
  • Charts (not rendered in this extract): Latest Documents Timeline; Document Types; Funders in data provider publications; Projects with most Publications