On the distribution of linear biases: Three instructive examples, CRYPTO 2012, vol.7417, pp.50-67, 2012. ,
, Advanced Encryption Standard (AES), 2001.
On the indifferentiability of key-alternating ciphers, CRYPTO 2013, Part I. LNCS, vol.8042, pp.531-550, 2013. ,
Proving resistance against invariant attacks: How to choose the round constants, Part II, vol.10402, pp.647-678, 2017. ,
URL : https://hal.archives-ouvertes.fr/hal-01631130
Differential cryptanalysis of DES-like cryptosystems, CRYPTO'90, vol.537, pp.2-21, 1991. ,
Related-key cryptanalysis of the full AES-192 and AES-256, ASIACRYPT 2009, vol.5912, pp.1-18, 2009. ,
Distinguisher and related-key attack on the full AES-256, CRYPTO 2009, vol.5677, pp.231-249, 2009. ,
On reverse-engineering S-boxes with hidden design criteria or structure, CRYPTO 2015, Part I. LNCS, vol.9215, pp.116-140, 2015. ,
Improved parameter estimates for correlation and capacity deviates in linear cryptanalysis, IACR Trans. Symm. Cryptol, vol.2016, issue.2, pp.162-191, 2016. ,
Key-alternating ciphers in a provable setting: Encryption using a small number of public permutations -(extended abstract), EUROCRYPT 2012, vol.7237, pp.45-62, 2012. ,
Higher-order differential properties of Keccak and Luffa, FSE 2011, vol.6733, pp.252-269, 2011. ,
URL : https://hal.archives-ouvertes.fr/hal-00738195
BISONinstantiating the whitened swap-or-not construction, Cryptology ePrint Archive, 1011. ,
On the behaviors of affine equivalent sboxes regarding differential and linear attacks, EUROCRYPT 2015, Part I. LNCS, vol.9056, pp.45-74, 2015. ,
URL : https://hal.archives-ouvertes.fr/hal-01104051
Boolean Functions for Cryptography and Error Correcting Codes, Boolean Methods and Models, 2007. ,
Tight security bounds for key-alternating ciphers, EUROCRYPT 2014, vol.8441, pp.327-350, 2014. ,
Cipher and hash function design, strategies based on linear and differential cryptanalysis, 1995. ,
Block ciphers based on modular arithmetic, State and Progress in the Research of Cryptography, pp.80-89, 1993. ,
Correlation matrices, FSE'94, vol.1008, pp.275-285, 1995. ,
The block cipher rijndael, CARDIS'98, vol.1820, pp.277-284, 1998. ,
The wide trail design strategy, 8th IMA International Conference on Cryptography and Coding, vol.2260, pp.222-238, 2001. ,
The Design of Rijndael: AES -The Advanced Encryption Standard. Information Security and Cryptography, 2002. ,
Understanding two-round differentials in AES, SCN 06, vol.4116, pp.78-94, 2006. ,
Improved key recovery attacks on reduced-round AES in the single-key setting, EURO-CRYPT 2013, vol.7881, pp.371-387, 2013. ,
URL : https://hal.archives-ouvertes.fr/hal-01094304
A survey of bent functions, The NSA technical journal, vol.191, p.215, 1972. ,
A construction of a cipher from a single pseudorandom permutation, Journal of Cryptology, vol.10, issue.3, pp.151-162, 1997. ,
Improved cryptanalysis of Rijndael, FSE 2000, vol.1978, pp.213-230, 2001. ,
, A collision attack on 7 rounds of rijndael, vol.230, p.241, 2000.
Subspace trail cryptanalysis and its applications to AES, IACR Trans. Symm. Cryptol, vol.2016, issue.2, pp.192-225, 2016. ,
A new structural-differential property of 5-round AES, Part II, vol.10211, pp.289-317, 2017. ,
On the indifferentiability of key-alternating Feistel ciphers with no key derivation, TCC 2015, Part I. LNCS, vol.9014, pp.110-133, 2015. ,
An enciphering scheme based on a card shuffle, CRYPTO 2012, vol.7417, pp.1-13, 2012. ,
Key-alternating ciphers and key-length extension: Exact bounds and multi-user security, CRYPTO 2016, Part I. LNCS, vol.9814, pp.3-32, 2016. ,
Provable security against differential and linear cryptanalysis for the SPN structure, FSE 2000, vol.1978, pp.273-283, 2001. ,
The interpolation attack on block ciphers, FSE'97, vol.1267, pp.28-40, 1997. ,
Exact maximum expected differential and linear probability for two-round advanced encryption standard, IET Information Security, vol.1, issue.2, pp.53-57, 2007. ,
Linear cryptanalysis: Key schedules and tweakable block ciphers, IACR Trans. Symm. Cryptol, vol.2017, issue.1, pp.474-505, 2017. ,
Markov ciphers and differential cryptanalysis, EUROCRYPT'91, vol.547, pp.17-38, 1991. ,
Security analysis of key-alternating Feistel ciphers, FSE 2014, vol.8540, pp.243-264, 2015. ,
URL : https://hal.archives-ouvertes.fr/hal-02176873
A cryptanalysis of PRINTcipher: The invariant subspace attack, CRYPTO 2011, vol.6841, pp.206-221, 2011. ,
On correlation between the order of S-boxes and the strength of DES, EUROCRYPT'94, vol.950, pp.366-375, 1995. ,
Nonlinearity criteria for cryptographic functions, EUROCRYPT'89, vol.434, pp.549-562, 1990. ,
Cycle slicer: An algorithm for building permutations on special domains, Cryptology ePrint Archive, vol.873, 2017. ,
Linear approximation of block ciphers (rump session), EUROCRYPT'94, vol.950, pp.439-444, 1995. ,
provable" security against differential and linear cryptanalysis (invited talk), FSE 2012, vol.7549, pp.1-8, 2012. ,
Provable security against a differential attack, Journal of Cryptology, vol.8, issue.1, pp.27-37, 1995. ,
Improving the upper bound on the maximum differential and the maximum linear Hull probability for SPN structures and AES, FSE 2003, vol.2887, pp.247-260, 2003. ,
On 'bent' functions, Journal of Combinatorial Theory, Series A, vol.20, issue.3, pp.300-305, 1976. ,
Optimally secure block ciphers from ideal primitives, ASIACRYPT 2015, Part II. LNCS, vol.9453, pp.437-462, 2015. ,
Optimally secure block ciphers from ideal primitives, Cryptology ePrint Archive, vol.868, 2015. ,
Nonlinear invariant attack -practical attack on full SCREAM, iSCREAM, and Midori64, ASIACRYPT 2016, Part II, vol.10032, pp.3-33, 2016. ,
Provable security for block ciphers by decorrelation, STACS'98, vol.1373, pp.249-275, 1998. ,
The end of encryption based on card shuffling, CRYPTO 2012 Rump Session, 2012. ,