Learn More
This paper proposes a novel construction, called duplex, closely related to the sponge construction, that accepts message blocks to be hashed and—at no extra cost—provides digests on the input blocks received so far. It can be proven equivalent to a cascade of sponge functions and hence inherits its security against single-stage generic aaacks. The main(More)
In this paper we present a new 128-bit block cipher called Square. The original design of Square concentrates on the resistance against diierential and linear cryptanalysis. However, after the initial design a dedicated attack was mounted that forced us to augment the number of rounds. The goal of this paper is the publication of the resulting cipher for(More)
In this paper we prove that the sponge construction introduced in [4] is indifferentiable from a random oracle when being used with a random transformation or a random permutation and discuss its implications. To our knowledge, this is the first time indifferentiability has been shown for a construction calling a random permutation (instead of an ideal(More)
We present a diierential attack on 2,5 rounds of IDEA that requires 2 10 chosen plain-text encryptions and a workload of about 2 32 multiplications modulo 2 16 +1. This attack is more powerful than all previously published general attacks on the IDEA structure. This attack does in no way aaect the security of the full 8 rounds of IDEA.