| Publication | Date of Publication | Type |
|---|
| \textsc{Ascon} v1.2: lightweight authenticated encryption and hashing | 2021-08-10 | Paper |
| Practical forgeries for ORANGE | 2020-08-04 | Paper |
| Algebraic cryptanalysis of variants of \textsc{Frit} | 2020-07-21 | Paper |
| Improved (semi-free-start/near-) collision and distinguishing attacks on round-reduced RIPEMD-160 | 2020-05-21 | Paper |
| Efficient collision attack frameworks for RIPEMD-160 | 2020-03-09 | Paper |
| Fault attacks on nonce-based authenticated encryption: application to Keyak and Ketje | 2019-02-20 | Paper |
| Statistical ineffective fault attacks on masked AES with fault countermeasures | 2019-01-23 | Paper |
| Rasta: a cipher with low ANDdepth and few ANDs per bit | 2018-09-12 | Paper |
| Cryptanalysis of Reduced NORX | 2018-05-09 | Paper |
| Analysis of the Kupyna-256 Hash Function | 2018-05-09 | Paper |
| Collisions and semi-free-start collisions for round-reduced RIPEMD-160 | 2018-04-06 | Paper |
| Cryptanalysis of Simpira v1 | 2018-02-16 | Paper |
| Statistical Fault Attacks on Nonce-Based Authenticated Encryption Schemes | 2017-02-01 | Paper |
| Square Attack on 7-Round Kiasu-BC | 2016-10-04 | Paper |
| Improved Rebound Attacks on AESQ: Core Permutation of CAESAR Candidate PAEQ | 2016-09-02 | Paper |
| Higher-Order Cryptanalysis of LowMC | 2016-05-19 | Paper |
| Forgery Attacks on Round-Reduced ICEPOLE-128 | 2016-05-19 | Paper |
| Malicious Hashing: Eve’s Variant of SHA-1 | 2016-04-13 | Paper |
| Differential Cryptanalysis of SipHash | 2016-04-13 | Paper |
| Heuristic Tool for Linear Cryptanalysis with Applications to CAESAR Candidates | 2016-03-23 | Paper |
| Analysis of SHA-512/224 and SHA-512/256 | 2016-03-23 | Paper |
| Cryptanalysis of Ascon | 2016-03-02 | Paper |
| ALE: AES-Based Lightweight Authenticated Encryption | 2015-09-18 | Paper |
| Branching Heuristics in Differential Collision Search with Applications to SHA-512 | 2015-09-18 | Paper |
| Collision Attack on 5 Rounds of Grøstl | 2015-09-18 | Paper |
| Related-Key Forgeries for Prøst-OTR | 2015-09-18 | Paper |
| Key Recovery Attacks on Recent Authenticated Ciphers | 2015-09-17 | Paper |
| The rebound attack and subspace distinguishers: application to Whirlpool | 2015-05-12 | Paper |
| Collision Attack on the Hamsi-256 Compression Function | 2014-08-20 | Paper |
| Differential Cryptanalysis of Keccak Variants | 2014-01-17 | Paper |
| Improved Cryptanalysis of Reduced RIPEMD-160 | 2013-12-10 | Paper |
| Fides: Lightweight Authenticated Cipher with Side-Channel Resistance for Constrained Hardware | 2013-10-10 | Paper |
| Improving Local Collisions: New Attacks on Reduced SHA-256 | 2013-05-31 | Paper |
| Differential Analysis of the LED Block Cipher | 2013-03-19 | Paper |
| Collisions for the WIDEA-8 Compression Function | 2013-03-18 | Paper |
| Finding Collisions for Round-Reduced SM3 | 2013-03-18 | Paper |
| Collision Attacks on the Reduced Dual-Stream Hash Function RIPEMD-128 | 2013-01-08 | Paper |
| Cryptanalysis of Round-Reduced HAS-160 | 2012-11-01 | Paper |
| Memoryless near-collisions via coding theory | 2012-02-15 | Paper |
| Boomerang Distinguisher for the SIMD-512 Compression Function | 2011-12-16 | Paper |
| Second-Order Differential Collisions for Reduced SHA-256 | 2011-12-02 | Paper |
| Finding SHA-2 Characteristics: Searching through a Minefield of Contradictions | 2011-12-02 | Paper |
| Preimage Attacks against PKC98-Hash and HAS-V | 2011-10-27 | Paper |
| Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512 | 2010-05-04 | Paper |
| Rebound Attacks on the Reduced Grøstl Hash Function | 2010-03-16 | Paper |
| A Distinguisher for the Compression Function of SIMD-512 | 2009-12-17 | Paper |
| Rebound Distinguishers: Results on the Full Whirlpool Compression Function | 2009-12-15 | Paper |
| MD5 Is Weaker Than Weak: Attacks on Concatenated Combiners | 2009-12-15 | Paper |
| Practical Collisions for SHAMATA-256 | 2009-12-09 | Paper |
| Improved Cryptanalysis of the Reduced Grøstl Compression Function, ECHO Permutation and AES Block Cipher | 2009-12-09 | Paper |
| Preimage Attacks on 3-Pass HAVAL and Step-Reduced MD5 | 2009-11-03 | Paper |
| Collisions and Other Non-random Properties for Step-Reduced SHA-256 | 2009-11-03 | Paper |
| Structural Attacks on Two SHA-3 Candidates: Blender-n and DCH-n | 2009-09-29 | Paper |
| On Free-Start Collisions and Collisions for TIB3 | 2009-09-29 | Paper |
| The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl | 2009-08-11 | Paper |
| Cryptanalysis of Vortex | 2009-07-07 | Paper |
| Two Passes of Tiger Are Not One-Way | 2009-07-07 | Paper |
| Cryptanalysis of MDC-2 | 2009-05-12 | Paper |
| Analysis of Step-Reduced SHA-256 | 2009-04-02 | Paper |
| The Impact of Carries on the Complexity of Collision Attacks on SHA-1 | 2009-04-02 | Paper |
| Cryptanalysis of the GOST Hash Function | 2009-02-10 | Paper |
| A (Second) Preimage Attack on the GOST Hash Function | 2008-09-18 | Paper |
| Collisions for Round-Reduced LAKE | 2008-07-08 | Paper |
| On the Collision Resistance of RIPEMD-160 | 2008-06-17 | Paper |
| Cryptanalysis of the Tiger Hash Function | 2008-05-15 | Paper |
| Colliding Message Pair for 53-Step HAS-160 | 2008-05-06 | Paper |
| Weaknesses in the HAS-V Compression Function | 2008-05-06 | Paper |
| Improved Collision Attack on the Hash Function Proposed at PKC’98 | 2008-05-06 | Paper |
| Cryptanalysis of Reduced Variants of the FORK-256 Hash Function | 2008-04-17 | Paper |
| Update on Tiger | 2008-04-11 | Paper |
| Collisions for 70-Step SHA-1: On the Full Cost of Collision Search | 2008-03-25 | Paper |
