| Publication | Date of Publication | Type |
|---|
| \texttt{Horst} meets \textit{Fluid}-SPN: Griffin for zero-knowledge applications | 2024-02-02 | Paper |
| Truncated differential properties of the diagonal set of inputs for 5-round AES | 2023-07-26 | Paper |
| An algebraic attack on ciphers with low-degree round functions: application to full MiMC | 2023-03-21 | Paper |
| Feistel structures for MPC, and more | 2022-08-25 | Paper |
| A Signature-Based Gr\"obner Basis Algorithm with Tail-Reduced Reductors (M5GB) | 2022-08-01 | Paper |
| Weak-key distinguishers for AES | 2022-03-25 | Paper |
| On a generalization of substitution-permutation networks: the HADES design strategy | 2022-03-23 | Paper |
| Revisiting Gilbert's known-key distinguisher | 2020-07-15 | Paper |
| Algebraic cryptanalysis of STARK-friendly designs: application to MARVELlous and MiMC | 2020-05-11 | Paper |
| Linear equivalence of block ciphers with partial non-linear layers: application to LowMC | 2020-02-04 | Paper |
| Zero-sum partitions of PHOTON permutations | 2020-01-21 | Paper |
| Rasta: a cipher with low ANDdepth and few ANDs per bit | 2018-09-12 | Paper |
| A New Structural-Differential Property of 5-Round AES | 2017-06-13 | Paper |
| MiMC: Efficient Encryption and Cryptographic Hashing with Minimal Multiplicative Complexity | 2017-02-01 | Paper |
| Practical Low Data-Complexity Subspace-Trail Cryptanalysis of Round-Reduced PRINCE | 2016-12-21 | Paper |
| Analyzing Permutations for AES-like Ciphers: Understanding ShiftRows | 2016-03-02 | Paper |
| Improved Cryptanalysis of the Block Cipher KASUMI | 2015-12-04 | Paper |
| The LOCAL Attack: Cryptanalysis of the Authenticated Encryption Scheme ALE | 2015-10-01 | Paper |
| Ciphers for MPC and FHE | 2015-09-30 | Paper |
| Linear Distinguishers in the Key-less Setting: Application to PRESENT | 2015-09-18 | Paper |
| State-Recovery Analysis of Spritz | 2015-09-17 | Paper |
| Practical Attacks on AES-like Cryptographic Hash Functions | 2015-09-17 | Paper |
| The rebound attack and subspace distinguishers: application to Whirlpool | 2015-05-12 | Paper |
| Rotational rebound attacks on reduced Skein | 2014-09-25 | Paper |
| On Bruteforce-Like Cryptanalysis: New Meet-in-the-Middle Attacks in Symmetric Cryptanalysis | 2013-06-04 | Paper |
| PRINCE – A Low-Latency Block Cipher for Pervasive Computing Applications | 2013-03-19 | Paper |
| Bicliques for Preimages: Attacks on Skein-512 and the SHA-2 Family | 2013-01-08 | Paper |
| Narrow-Bicliques: Cryptanalysis of Full IDEA | 2012-06-29 | Paper |
| Biclique Cryptanalysis of the Full AES | 2011-12-02 | Paper |
| Improved Meet-in-the-Middle Cryptanalysis of KTANTAN (Poster) | 2011-07-07 | Paper |
| A 3-Subset Meet-in-the-Middle Attack: Cryptanalysis of the Lightweight Block Cipher KTANTAN | 2011-03-15 | Paper |
| Rotational Rebound Attacks on Reduced Skein | 2010-12-07 | Paper |
| Advanced Meet-in-the-Middle Preimage Attacks: First Results on Full Tiger, and Improved Results on MD4 and SHA-2 | 2010-12-07 | Paper |
| Second-Preimage Analysis of Reduced SHA-1 | 2010-10-25 | Paper |
| Cryptanalysis of the 10-Round Hash and Full Compression Function of SHAvite-3-512 | 2010-05-04 | Paper |
| Rebound Attacks on the Reduced Grøstl Hash Function | 2010-03-16 | Paper |
| Rebound Distinguishers: Results on the Full Whirlpool Compression Function | 2009-12-15 | Paper |
| MD5 Is Weaker Than Weak: Attacks on Concatenated Combiners | 2009-12-15 | Paper |
| Improved Cryptanalysis of the Reduced Grøstl Compression Function, ECHO Permutation and AES Block Cipher | 2009-12-09 | Paper |
| Collisions and Other Non-random Properties for Step-Reduced SHA-256 | 2009-11-03 | Paper |
| The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Grøstl | 2009-08-11 | Paper |
| Cryptanalysis of Vortex | 2009-07-07 | Paper |
| Cryptanalysis of MDC-2 | 2009-05-12 | Paper |
| Analysis of Step-Reduced SHA-256 | 2009-04-02 | Paper |
| The Impact of Carries on the Complexity of Collision Attacks on SHA-1 | 2009-04-02 | Paper |
| Analysis of the Hash Function Design Strategy Called SMASH | 2009-02-24 | Paper |
| Cryptanalysis of the GOST Hash Function | 2009-02-10 | Paper |
| Preimages for Reduced SHA-0 and SHA-1 | 2009-02-10 | Paper |
| Searching for Messages Conforming to Arbitrary Sets of Conditions in SHA-256 | 2009-01-22 | Paper |
| Threshold Implementations Against Side-Channel Attacks and Glitches | 2008-11-11 | Paper |
| A (Second) Preimage Attack on the GOST Hash Function | 2008-09-18 | Paper |
| New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba | 2008-09-18 | Paper |
| The Grindahl Hash Functions | 2008-09-16 | Paper |
| On the Collision Resistance of RIPEMD-160 | 2008-06-17 | Paper |
| Correlated Keystreams in Moustique | 2008-06-13 | Paper |
| Improved Collision Attack on the Hash Function Proposed at PKC’98 | 2008-05-06 | Paper |
| Finding SHA-1 Characteristics: General Results and Applications | 2008-04-24 | Paper |
| Second Preimages for SMASH | 2008-04-17 | Paper |
| Collisions for 70-Step SHA-1: On the Full Cost of Collision Search | 2008-03-25 | Paper |
| On Authentication with HMAC and Non-random Properties | 2008-03-07 | Paper |
| Breaking a New Hash Function Design Strategy Called SMASH | 2007-11-15 | Paper |
| Impact of Rotations in SHA-1 and Related Hash Functions | 2007-11-15 | Paper |
| Cryptography and Coding | 2006-11-01 | Paper |
