At the Asiacrypt 2003 conference Billet and Gilbert introduce a block cipher, which, to quote them, has the following paradoxical traceability properties: it is computationally ea...
Many popular stream ciphers apply a filter/combiner to the state of one or several LFSRs. Algebraic attacks on such ciphers [10, 11] are possible, if there is a multivariate relat...
Abstract. In a related-key attack, the adversary is allowed to transform the secret key and request encryptions of plaintexts under the transformed key. This paper studies the secu...
Abstract. Even and Mansour [EM97] proposed a block cipher construction that takes a publicly computable random permutation oracle P and XORs different keys prior to and after appl...
A T-function is a mapping from n-bit words to n-bit words in which for each 0 ≤ i < n, bit i of any output word can depend only on bits 0, 1, . . . , i of any input word. All ...