Recent works have shown that quantum period-finding can be used to break many popular
constructions (some block ciphers such as Even-Mansour, multiple MACs and AEs...) in the …

In CRYPTO'03, Patarin conjectured a lower bound on the number of distinct solutions (P
1,…, P q)∈({0, 1} n) q satisfying a system of equations of the form X i⊕ X j= λ i, j such that P …

Proving security bounds in contexts with a large number of users is one of the central
problems in symmetric-key cryptography today. This paper introduces a new method for …

At CRYPTO'12, Landecker et al. introduced the cascaded LRW2 (or CLRW2) construction
and proved that it is a secure tweakable block cipher up to roughly 2^ 2n/3 2 2 n/3 queries …

Abstract Double-block Hash-then-Sum (DbHtS) MACs are a class of MACs that aim for
achieving beyond-birthday-bound security, including SUM-ECBC, PMAC_Plus, 3kf9 and …

We systematically study the security of twelve Beyond-Birthday-Bound Message
Authentication Codes (BBB MACs) in the Q2 model where attackers have quantum-query …

In CRYPTO'21, Shen et al. proved that Two-Keyed-DbHtS construction is secure up to 2 2n/3
queries in the multi-user setting independent of the number of users. Here the underlying …

In this paper, we prove that the nonce-based enhanced hash-then-mask MAC (nEHtM
nEHtM) is secure up to 2^ 3n 4 2 3 n 4 MAC queries and 2^ n 2 n verification queries …

At CRYPTO'18, Datta et al. proposed nPolyMAC and proved the security up to 2 2 n/3
authentication queries and 2 n verification queries. At EUROCRYPT'19, Dutta et al …

A growing number of lightweight block ciphers are proposed for environments such as the
Internet of Things. An important contribution to the reduced implementation cost is a block …