[1] R Beaulieu,D Shors,J Smith,et al.The SIMON and SPECK families of lightweight block ciphers[DB/OL].http://eprint.iacr.org/2013/404/2013-06-20.
[2] D Hong,J K Lee,D C Kim,et al.LEA:A 128-bit block cipher for fast encryption on common processors[A].International Workshop on Information Security Applications[C].Heidelberg:Springer,2013.3-27.
[3] D J Wheeler,R M Needham.TEA,a tiny encryption algorithm[A].FSE 1995[C].Heidelberg:Springer,LNCS,1995.363-366.
[4] R M Needham,D J Wheeler l.TEA extensions[R].Cambridge:University of Cambridge,1997.
[5] D Hong,J Sung,S Hong,J Lim,et al.HIGHT:A new block cipher suitable for low-resource device[A].Cryptographic Hardware and Embedded Systems-CHES 2006[C].Heidelberg:Springer,2006.46-59.
[6] N Mouha,B Mennink,A Van Herrewege,D Watanabe,B Preneel,I Ver-bauwhede.Chaskey:An efficient MAC algorithm for 32-bit microcontrollers[A].Selected Areas in Cryptography-SAC 2014[C].Heidelberg:Springer,2014.306-323.
[7] D Dinu,L Perrin,A Udovenko,V Velichkov,et al.Design strategies for ARX with provable bounds:Sparx and LAX[A].ASIACRYPT 2016[C].Heidelberg:Springer,2016.484-513.
[8] L R Knudsen.DEAL a 128-bit block cipher[R].Bergen:Department of Informatics,University of Bergen,1998.
[9] E Biham,A Biryukov,A Shamir.Cryptanalysis of Skipjack reduced to 31 rounds using impossibledifferentials[A].EUROCRYPT 1999[C].Heidelberg:Springer,1999.291-311.
[10] C W Phan.Impossible differential cryptanalysis of 7-round Advanced Encryption Standard (AES)[J].Information Processing Letters,2004,91(1),33-38.
[11] D Yang,W Qi,H Chen.Impossible differential attack on QARMA family of block ciphers[DB/OL].http://eprint.iacr.org/2018/334,2018-04-11.
[12] A Bogdanov,V Rijmen.Linear hulls with correlation zero and linear cryptanalysis of block ciphers[J].Designs,Codes and Cryptography,2014,70(3):369-383.
[13] J Kim,S Hong,J Lim.Impossible differential cryptanalysis using matrix method[J].Discrete Mathematics,2010,310(5):988-1002.
[14] Y Luo,X Lai,Z Wu,G Gong.A unified method for finding impossible differentials of block cipher structures[J].Information Sciences,2014,263(1):211-220.
[15] S Wu,M Wang.Automatic search of truncated impossible differentials for word-oriented block ciphers[A].INDOCRYPT 2012[C].Heidelberg:Springer,2012.283-302.
[16] T Cui,K Jia,K Fu,et al.New automatic search tool for impossible differentials and zero-correlation linearapproximations[DB/OL].http://eprint.iacr.org/2016/689,2018-11-21.
[17] Y Sasaki,Y Todo.New impossible differential search tool from design and cryptanalysis aspects revealing structural properties of several ciphers[A].EUROCRYPT 2017[C].Heidelberg:Springer,2017,185-215.
[18] N Mouha,B Preneel.Towards finding optimal differential characteristics for ARX:Application to Salsa20[DB/OL].http://eprint.iacr.org/2013/328,2013-11-23.
[19] L Song,Z Huang,Q Yang.Automatic differential analysis of ARX block ciphers with application to SPECK and LEA[A].ACISP 2016[C].Heidelberg:Springer,2016.379-394.
[20] Y Liu,Q Wang,V Rijmen.Automatic search of linear trails in ARX with applications to SPECK and Chaskey[A].ACNS 2016[C].Heidelberg:Springer,2016.485-499.
[21] S Kölbl,G.Leander,T Tiessen.Observations on the SIMON block cipher family[A].CRYPTO 2015[C].Heidelberg:Springer,2015.161-185.
[22] H Lipmaa,S Moriai.Efficient algorithms for computing differential properties of addition[A].FSE 2002[C].Heidelberg:Springer,2002.336-350.
[23] E Schulte-Geers.On CCZ-equivalence of addition mod 2n[J].Designs,Codes and Cryptography,2013,66(1-3):111-127.
[24] A Bogdanov,M Wang.Zero correlation linear cryptanalysis with reduced data complexity[A].FSE 2012[C].Heidelberg:Springer,2012.29-48.
[25] H Lee,H Kang,D Hong et al.New impossible differential characteristic of SPECK64 using MILP[DB/OL].http://eprint.iacr.org/2016/1137,2016-12-21.
[26] J Lu.Cryptanalysis of reduced versions of the HIGHT block cipher from CHES 2006[A].ICISC 2007[C].Heidelberg:Springer,2007.11-26.
[27] L Wen,M Wang,A Bogdanov,H Chen.Multidimensional zero-correlation attacks on lightweight block cipher HIGHT:Improved cryptanalysis of an ISO standard[J].Information Processing Letters,2014,114(6):322-330. |