• Publications
  • Influence
Error Analysis and Detection Procedures for a Hardware Implementation of the Advanced Encryption Standard
The goal of the Advanced Encryption Standard (AES) is to achieve secure communication. The use of AES does not, however, guarantee reliable communication. Prior work has shown that even a singleExpand
  • 345
  • 40
On the Indifferentiability of the Sponge Construction
In this paper we prove that the sponge construction introduced in [4] is indifferentiable from a random oracle when being used with a random transformation or a random permutation and discuss itsExpand
  • 346
  • 34
Duplexing the sponge: single-pass authenticated encryption and other applications
This paper proposes a novel construction, called duplex, closely related to the sponge construction, that accepts message blocks to be hashed and---at no extra cost---provides digests on the inputExpand
  • 275
  • 31
Keccak sponge function family main document
  • 250
  • 22
Sponge Functions
A good cryptographic hash function should behave like a random oracle: it should not have weaknesses that a random oracle does not have. Due to the existence of inner collisions, iterated hashExpand
  • 159
  • 13
Keccak
This concluded an open competition that was remarkable both for its magnitude and the involvement of the cryptographic community. Public review is of paramount importance to increase the confidenceExpand
  • 56
  • 12
On the security of the keyed sponge construction
The advantage in differentiating the sponge construction from a random oracle is upper bounded by N22−(c+1), with N the number of calls to the underlying transformation or permutation and c theExpand
  • 66
  • 11
AES power attack based on induced cache miss and countermeasure
This paper presents a new attack against a software implementation of the Advanced Encryption Standard. The attack aims at flushing elements of the SBOX from the cache, thus inducing a cache missExpand
  • 120
  • 8
Efficient GF(pm) Arithmetic Architectures for Cryptographic Applications
Several public key cryptosystems (HFE, Quartz, Sflash, etc.) are based on the problem MQ of solving a system of multivariate quadratic equations over a finite field. At Asiacrypt 2002, Courtois andExpand
  • 74
  • 8
RadioGatún, a belt-and-mill hash function
We present an approach to design cryptographic hash functions that builds on and improves the one underlying the Panama hash function. We discuss the properties of the resulting hash functions thatExpand
  • 63
  • 8