| Publication | Date of Publication | Type |
|---|
| The exact multi-user security of 2-key triple DES | 2024-11-12 | Paper |
| The exact multi-user security of (tweakable) key alternating ciphers with a single permutation | 2024-11-12 | Paper |
| Designing S-boxes providing stronger security against differential cryptanalysis for ciphers using byte-wise XOR | 2024-10-14 | Paper |
| KIVR: committing authenticated encryption using redundancy and application to GCM, CCM, and more | 2024-05-31 | Paper |
| Secret can be public: low-memory AEAD mode for high-order masking | 2023-06-30 | Paper |
| Double-block-length hash function for minimum memory size | 2023-05-12 | Paper |
| \textsf{Elastic-Tweak}: a framework for short tweak tweakable block cipher | 2023-05-12 | Paper |
| A card-minimal three-input and protocol using two shuffles | 2023-03-30 | Paper |
| Optimizing Online Permutation-Based AE Schemes for Lightweight Applications | 2022-12-09 | Paper |
| Out of oddity -- new cryptanalytic techniques against symmetric primitives optimized for integrity proof systems | 2022-12-07 | Paper |
| Rate-one AE with security under RUP | 2022-11-02 | Paper |
| Quantum collision attacks on reduced SHA-256 and SHA-512 | 2022-03-31 | Paper |
| Finding hash collisions with quantum computers by using differential trails with smaller probability than birthday bound | 2022-03-23 | Paper |
| Lightweight authenticated encryption mode suitable for threshold implementation | 2022-03-23 | Paper |
| On the design of bit permutation based ciphers. The interplay among S-box, bit permutation and key-addition | 2021-02-23 | Paper |
| Lesamnta-LW revisited: improved security analysis of primitive and new PRF mode | 2021-02-23 | Paper |
| Quantum algorithm for the multicollision problem | 2020-10-12 | Paper |
| GIFT: A Small Present | 2020-06-24 | Paper |
| A practical forgery attack on Lilliput-AE | 2020-06-15 | Paper |
| Related-key boomerang attacks on GIFT with automated trail search including BCT effect | 2020-05-27 | Paper |
| Quantum attacks without superposition queries: the offline Simon's algorithm | 2020-05-20 | Paper |
| Correlation of quadratic Boolean functions: cryptanalysis of all versions of full MORUS | 2020-03-09 | Paper |
| Improved quantum multicollision-finding algorithm | 2020-02-25 | Paper |
| Cryptanalysis of ForkAES | 2020-01-30 | Paper |
| Quantum chosen-ciphertext attacks against Feistel ciphers | 2020-01-28 | Paper |
| Universal forgery and multiple forgeries of MergeMAC and generalized constructions | 2020-01-28 | Paper |
| Cryptanalysis against symmetric-key schemes with online classical queries and offline quantum computations | 2020-01-21 | Paper |
| Nonlinear invariant attack: practical attack on full SCREAM, iSCREAM, and Midori64 | 2019-11-27 | Paper |
| Beyond conventional security in sponge-based authenticated encryption modes | 2019-08-13 | Paper |
| Cryptanalysis of reduced sLiSCP permutation in sponge-hash and duplex-AE modes | 2019-02-20 | Paper |
| Cryptanalysis of MORUS | 2019-01-23 | Paper |
| Integer linear programming for three-subset meet-in-the-middle attacks: application to GIFT | 2018-10-24 | Paper |
| Analyzing key schedule of \textsc{Simon}: iterative key differences and application to related-key impossible differentials | 2018-10-24 | Paper |
| Quantum Demiric-Selçuk meet-in-the-middle attacks: applications to 6-round generic Feistel constructions | 2018-10-17 | Paper |
| Tight Bounds of Differentially and Linearly Active S-Boxes and Division Property of Lilliput | 2018-09-14 | Paper |
| Related-key boomerang attacks on full ANU lightweight block cipher | 2018-08-10 | Paper |
| Improved related-tweakey boomerang attacks on Deoxys-BC | 2018-07-17 | Paper |
| Boomerang Connectivity Table: a new cryptanalysis tool | 2018-07-09 | Paper |
| Cryptanalysis of Reduced NORX | 2018-05-09 | Paper |
| Quantum multicollision-finding algorithm | 2018-03-08 | Paper |
| New differential bounds and division property of Lilliput: block cipher with extended generalized Feistel network | 2018-02-16 | Paper |
| New Impossible Differential Search Tool from Design and Cryptanalysis Aspects | 2017-06-23 | Paper |
| A New Algorithm for the Unbalanced Meet-in-the-Middle Problem | 2017-02-01 | Paper |
| Nonlinear Invariant Attack | 2017-01-06 | Paper |
| The SKINNY Family of Block Ciphers and Its Low-Latency Variant MANTIS | 2016-10-27 | Paper |
| On the Design Rationale of Simon Block Cipher: Integral Attacks and Impossible Differential Attacks against Simon Variants | 2016-10-04 | Paper |
| Improved Rebound Attacks on AESQ: Core Permutation of CAESAR Candidate PAEQ | 2016-09-02 | Paper |
| Extended meet-in-the-middle attacks on some Feistel constructions | 2016-07-21 | Paper |
| A New Mode of Operation for Incremental Authenticated Encryption with Associated Data | 2016-05-19 | Paper |
| Analysis of the CAESAR Candidate Silver | 2016-05-19 | Paper |
| Practical Cryptanalysis of PAES | 2016-04-13 | Paper |
| Refinements of the k-tree Algorithm for the Generalized Birthday Problem | 2016-03-23 | Paper |
| How to Incorporate Associated Data in Sponge-Based Authenticated Encryption | 2016-03-02 | Paper |
| Meet-in-the-Middle Technique for Integral Attacks against Feistel Ciphers | 2015-12-04 | Paper |
| Bitwise Partial-Sum on HIGHT: A New Tool for Integral Analysis Against ARX Designs | 2015-10-16 | Paper |
| Improved Single-Key Distinguisher on HMAC-MD5 and Key Recovery Attacks on Sandwich-MAC-MD5 | 2015-10-01 | Paper |
| Equivalent Key Recovery Attacks Against HMAC and NMAC with Whirlpool Reduced to 7 Rounds | 2015-09-18 | Paper |
| Cryptanalysis of Reduced-Round SIMON32 and SIMON48 | 2015-09-10 | Paper |
| Message Extension Attack against Authenticated Encryptions: Application to PANDA | 2015-02-10 | Paper |
| Meet-in-the-Middle Attacks on Generic Feistel Constructions | 2015-01-16 | Paper |
| Generic Attacks on Strengthened HMAC: n-bit Secure HMAC Requires Key in All Blocks | 2014-10-14 | Paper |
| Generic State-Recovery and Forgery Attacks on ChopMD-MAC and on NMAC/HMAC | 2014-09-15 | Paper |
| New Property of Diffusion Switching Mechanism on CLEFIA and Its Application to DFA | 2014-09-15 | Paper |
| How to Construct Sufficient Conditions for Hash Functions | 2014-08-21 | Paper |
| Double-SP Is Weaker Than Single-SP: Rebound Attacks on Feistel Ciphers with Several Rounds | 2014-08-20 | Paper |
| Updates on Generic Attacks against HMAC and NMAC | 2014-08-07 | Paper |
| Memoryless Unbalanced Meet-in-the-Middle Attacks: Impossible Results and Applications | 2014-07-07 | Paper |
| An automated evaluation tool for improved rebound attack: new distinguishers and proposals of shiftbytes parameters for Grøstl | 2014-03-28 | Paper |
| Preimage attacks on Feistel-SP functions: impact of omitting the last network twist | 2014-01-24 | Paper |
| Limited-birthday distinguishers for hash functions. Collisions beyond the birthday bound can be meaningful | 2013-12-10 | Paper |
| Cryptanalysis of HMAC/NMAC-Whirlpool | 2013-12-10 | Paper |
| Related-key boomerang attacks on KATAN32/48/64 | 2013-06-28 | Paper |
| Comprehensive study of integral analysis on 22-round LBlock | 2013-06-04 | Paper |
| Multi-differential Cryptanalysis on Reduced DM-PRESENT-80: Collisions and Other Differential Properties | 2013-06-04 | Paper |
| Key-Dependent Weakness of AES-Based Ciphers under Clockwise Collision Distinguisher | 2013-06-04 | Paper |
| Polynomial-advantage cryptanalysis of 3D cipher and 3D-based hash function | 2013-04-04 | Paper |
| Boomerang distinguishers for full HAS-160 compression function | 2013-04-04 | Paper |
| Generic Related-Key Attacks for HMAC | 2013-03-19 | Paper |
| Investigating fundamental security requirements on whirlpool: improved preimage and collision attacks | 2013-03-19 | Paper |
| Improved integral analysis on tweaked Lesamnta | 2012-11-01 | Paper |
| Improved known-key distinguishers on Feistel-SP ciphers and application to Camellia | 2012-09-07 | Paper |
| Preimage attacks on full-ARIRANG: analysis of DM-mode with middle feed-forward | 2012-08-17 | Paper |
| Three-subset meet-in-the-middle attack on reduced XTEA | 2012-07-23 | Paper |
| Cryptanalyses on a Merkle-Damgård based MAC -- almost universal forgery and distinguishing-\(H\) attacks | 2012-06-29 | Paper |
| New truncated differential cryptanalysis on 3D block cipher | 2012-06-29 | Paper |
| Boomerang distinguishers on MD4-family: first practical results on full 5-pass HAVAL | 2012-06-08 | Paper |
| Experimental verification of super-Sbox analysis -- confirmation of detailed attack complexity | 2011-11-10 | Paper |
| Preimage attacks against PKC98-Hash and HAS-V | 2011-10-27 | Paper |
| Preimage attacks on step-reduced RIPEMD-128 and RIPEMD-160 | 2011-07-29 | Paper |
| Known-key distinguishers on 11-round Feistel and collision attacks on its hashing modes | 2011-07-07 | Paper |
| Meet-in-the-middle preimage attacks on AES hashing modes and an application to Whirlpool | 2011-07-07 | Paper |
| Preimage attacks on full-ARIRANG (poster) | 2011-07-07 | Paper |
| Collisions of MMO-MD5 and their impact on original MD5 | 2011-06-29 | Paper |
| (Second) preimage attacks on step-reduced RIPEMD/RIPEMD-128 with a new local-collision approach | 2011-02-11 | Paper |
| Non-full-active Super-Sbox analysis: applications to ECHO and Grøstl | 2010-12-07 | Paper |
| Finding preimages of Tiger up to 23 steps | 2010-07-13 | Paper |
| Rebound attack on the full Lane compression function | 2009-12-15 | Paper |
| Preimages for step-reduced SHA-2 | 2009-12-15 | Paper |
| Cryptanalyses of narrow-pipe mode of operation in AURORA-512 hash function | 2009-12-09 | Paper |
| Preimage Attacks on One-Block MD4, 63-Step MD5 and More | 2009-11-03 | Paper |
| Bit-Free Collision: Application to APOP Attack | 2009-10-28 | Paper |
| Meet-in-the-Middle Preimage Attacks Against Reduced SHA-0 and SHA-1 | 2009-10-20 | Paper |
| Meet-in-the-Middle Attacks Using Output Truncation in 3-Pass HAVAL | 2009-09-29 | Paper |
| Meet-in-the-Middle Preimage Attacks on Double-Branch Hash Functions: Application to RIPEMD and Others | 2009-06-25 | Paper |
| Finding Preimages in Full MD5 Faster Than Exhaustive Search | 2009-05-12 | Paper |
| A New Strategy for Finding a Differential Path of SHA-1 | 2009-03-06 | Paper |
| Preimage Attacks on 3, 4, and 5-Pass HAVAL | 2009-02-10 | Paper |
| New Message Difference for MD4 | 2008-09-16 | Paper |
| Preimage Attacks on Step-Reduced MD5 | 2008-07-08 | Paper |
| Password Recovery on Challenge and Response: Impossible Differential Attack on Hash Function | 2008-06-13 | Paper |
| Improved Collision Search for SHA-0 | 2008-04-24 | Paper |
| Security of MD5 Challenge and Response: Extension of APOP Password Recovery Attack | 2008-04-24 | Paper |
| Information Security and Cryptology - ICISC 2005 | 2007-05-02 | Paper |
