Small Stretch Problem of the DCT Scheme and How to Fix It
DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the mult...
Ausführliche Beschreibung
Autor*in: |
Yuchao Chen [verfasserIn] Tingting Guo [verfasserIn] Lei Hu [verfasserIn] Lina Shang [verfasserIn] Shuping Mao [verfasserIn] Peng Wang [verfasserIn] |
---|
Format: |
E-Artikel |
---|---|
Sprache: |
Englisch |
Erschienen: |
2024 |
---|
Schlagwörter: |
---|
Übergeordnetes Werk: |
In: IACR Transactions on Symmetric Cryptology - Ruhr-Universität Bochum, 2018, (2024), 1 |
---|---|
Übergeordnetes Werk: |
year:2024 ; number:1 |
Links: |
---|
DOI / URN: |
10.46586/tosc.v2024.i1.114-134 |
---|
Katalog-ID: |
DOAJ099726483 |
---|
LEADER | 01000naa a22002652 4500 | ||
---|---|---|---|
001 | DOAJ099726483 | ||
003 | DE-627 | ||
005 | 20240414050310.0 | ||
007 | cr uuu---uuuuu | ||
008 | 240414s2024 xx |||||o 00| ||eng c | ||
024 | 7 | |a 10.46586/tosc.v2024.i1.114-134 |2 doi | |
035 | |a (DE-627)DOAJ099726483 | ||
035 | |a (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e | ||
040 | |a DE-627 |b ger |c DE-627 |e rakwb | ||
041 | |a eng | ||
050 | 0 | |a TK7885-7895 | |
100 | 0 | |a Yuchao Chen |e verfasserin |4 aut | |
245 | 1 | 0 | |a Small Stretch Problem of the DCT Scheme and How to Fix It |
264 | 1 | |c 2024 | |
336 | |a Text |b txt |2 rdacontent | ||
337 | |a Computermedien |b c |2 rdamedia | ||
338 | |a Online-Ressource |b cr |2 rdacarrier | ||
520 | |a DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. | ||
650 | 4 | |a DCT | |
650 | 4 | |a Deterministic Authenticated Encryption | |
650 | 4 | |a AEAD | |
650 | 4 | |a BRW polynomial | |
650 | 4 | |a Forgery Attack | |
650 | 4 | |a Stretch | |
653 | 0 | |a Computer engineering. Computer hardware | |
700 | 0 | |a Tingting Guo |e verfasserin |4 aut | |
700 | 0 | |a Lei Hu |e verfasserin |4 aut | |
700 | 0 | |a Lina Shang |e verfasserin |4 aut | |
700 | 0 | |a Shuping Mao |e verfasserin |4 aut | |
700 | 0 | |a Peng Wang |e verfasserin |4 aut | |
773 | 0 | 8 | |i In |t IACR Transactions on Symmetric Cryptology |d Ruhr-Universität Bochum, 2018 |g (2024), 1 |w (DE-627)875248705 |w (DE-600)2878628-2 |x 2519173X |7 nnns |
773 | 1 | 8 | |g year:2024 |g number:1 |
856 | 4 | 0 | |u https://doi.org/10.46586/tosc.v2024.i1.114-134 |z kostenfrei |
856 | 4 | 0 | |u https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e |z kostenfrei |
856 | 4 | 0 | |u https://tosc.iacr.org/index.php/ToSC/article/view/11403 |z kostenfrei |
856 | 4 | 2 | |u https://doaj.org/toc/2519-173X |y Journal toc |z kostenfrei |
912 | |a GBV_USEFLAG_A | ||
912 | |a SYSFLAG_A | ||
912 | |a GBV_DOAJ | ||
912 | |a GBV_ILN_11 | ||
912 | |a GBV_ILN_20 | ||
912 | |a GBV_ILN_22 | ||
912 | |a GBV_ILN_23 | ||
912 | |a GBV_ILN_24 | ||
912 | |a GBV_ILN_31 | ||
912 | |a GBV_ILN_39 | ||
912 | |a GBV_ILN_40 | ||
912 | |a GBV_ILN_60 | ||
912 | |a GBV_ILN_62 | ||
912 | |a GBV_ILN_63 | ||
912 | |a GBV_ILN_65 | ||
912 | |a GBV_ILN_69 | ||
912 | |a GBV_ILN_70 | ||
912 | |a GBV_ILN_73 | ||
912 | |a GBV_ILN_95 | ||
912 | |a GBV_ILN_105 | ||
912 | |a GBV_ILN_110 | ||
912 | |a GBV_ILN_151 | ||
912 | |a GBV_ILN_161 | ||
912 | |a GBV_ILN_170 | ||
912 | |a GBV_ILN_213 | ||
912 | |a GBV_ILN_230 | ||
912 | |a GBV_ILN_267 | ||
912 | |a GBV_ILN_285 | ||
912 | |a GBV_ILN_293 | ||
912 | |a GBV_ILN_370 | ||
912 | |a GBV_ILN_602 | ||
912 | |a GBV_ILN_2014 | ||
912 | |a GBV_ILN_4012 | ||
912 | |a GBV_ILN_4037 | ||
912 | |a GBV_ILN_4112 | ||
912 | |a GBV_ILN_4125 | ||
912 | |a GBV_ILN_4126 | ||
912 | |a GBV_ILN_4249 | ||
912 | |a GBV_ILN_4305 | ||
912 | |a GBV_ILN_4306 | ||
912 | |a GBV_ILN_4307 | ||
912 | |a GBV_ILN_4313 | ||
912 | |a GBV_ILN_4322 | ||
912 | |a GBV_ILN_4323 | ||
912 | |a GBV_ILN_4324 | ||
912 | |a GBV_ILN_4325 | ||
912 | |a GBV_ILN_4326 | ||
912 | |a GBV_ILN_4335 | ||
912 | |a GBV_ILN_4338 | ||
912 | |a GBV_ILN_4367 | ||
912 | |a GBV_ILN_4700 | ||
951 | |a AR | ||
952 | |j 2024 |e 1 |
author_variant |
y c yc t g tg l h lh l s ls s m sm p w pw |
---|---|
matchkey_str |
article:2519173X:2024----::mlsrthrbeotecshm |
hierarchy_sort_str |
2024 |
callnumber-subject-code |
TK |
publishDate |
2024 |
allfields |
10.46586/tosc.v2024.i1.114-134 doi (DE-627)DOAJ099726483 (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e DE-627 ger DE-627 rakwb eng TK7885-7895 Yuchao Chen verfasserin aut Small Stretch Problem of the DCT Scheme and How to Fix It 2024 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch Computer engineering. Computer hardware Tingting Guo verfasserin aut Lei Hu verfasserin aut Lina Shang verfasserin aut Shuping Mao verfasserin aut Peng Wang verfasserin aut In IACR Transactions on Symmetric Cryptology Ruhr-Universität Bochum, 2018 (2024), 1 (DE-627)875248705 (DE-600)2878628-2 2519173X nnns year:2024 number:1 https://doi.org/10.46586/tosc.v2024.i1.114-134 kostenfrei https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e kostenfrei https://tosc.iacr.org/index.php/ToSC/article/view/11403 kostenfrei https://doaj.org/toc/2519-173X Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2024 1 |
spelling |
10.46586/tosc.v2024.i1.114-134 doi (DE-627)DOAJ099726483 (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e DE-627 ger DE-627 rakwb eng TK7885-7895 Yuchao Chen verfasserin aut Small Stretch Problem of the DCT Scheme and How to Fix It 2024 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch Computer engineering. Computer hardware Tingting Guo verfasserin aut Lei Hu verfasserin aut Lina Shang verfasserin aut Shuping Mao verfasserin aut Peng Wang verfasserin aut In IACR Transactions on Symmetric Cryptology Ruhr-Universität Bochum, 2018 (2024), 1 (DE-627)875248705 (DE-600)2878628-2 2519173X nnns year:2024 number:1 https://doi.org/10.46586/tosc.v2024.i1.114-134 kostenfrei https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e kostenfrei https://tosc.iacr.org/index.php/ToSC/article/view/11403 kostenfrei https://doaj.org/toc/2519-173X Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2024 1 |
allfields_unstemmed |
10.46586/tosc.v2024.i1.114-134 doi (DE-627)DOAJ099726483 (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e DE-627 ger DE-627 rakwb eng TK7885-7895 Yuchao Chen verfasserin aut Small Stretch Problem of the DCT Scheme and How to Fix It 2024 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch Computer engineering. Computer hardware Tingting Guo verfasserin aut Lei Hu verfasserin aut Lina Shang verfasserin aut Shuping Mao verfasserin aut Peng Wang verfasserin aut In IACR Transactions on Symmetric Cryptology Ruhr-Universität Bochum, 2018 (2024), 1 (DE-627)875248705 (DE-600)2878628-2 2519173X nnns year:2024 number:1 https://doi.org/10.46586/tosc.v2024.i1.114-134 kostenfrei https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e kostenfrei https://tosc.iacr.org/index.php/ToSC/article/view/11403 kostenfrei https://doaj.org/toc/2519-173X Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2024 1 |
allfieldsGer |
10.46586/tosc.v2024.i1.114-134 doi (DE-627)DOAJ099726483 (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e DE-627 ger DE-627 rakwb eng TK7885-7895 Yuchao Chen verfasserin aut Small Stretch Problem of the DCT Scheme and How to Fix It 2024 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch Computer engineering. Computer hardware Tingting Guo verfasserin aut Lei Hu verfasserin aut Lina Shang verfasserin aut Shuping Mao verfasserin aut Peng Wang verfasserin aut In IACR Transactions on Symmetric Cryptology Ruhr-Universität Bochum, 2018 (2024), 1 (DE-627)875248705 (DE-600)2878628-2 2519173X nnns year:2024 number:1 https://doi.org/10.46586/tosc.v2024.i1.114-134 kostenfrei https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e kostenfrei https://tosc.iacr.org/index.php/ToSC/article/view/11403 kostenfrei https://doaj.org/toc/2519-173X Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2024 1 |
allfieldsSound |
10.46586/tosc.v2024.i1.114-134 doi (DE-627)DOAJ099726483 (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e DE-627 ger DE-627 rakwb eng TK7885-7895 Yuchao Chen verfasserin aut Small Stretch Problem of the DCT Scheme and How to Fix It 2024 Text txt rdacontent Computermedien c rdamedia Online-Ressource cr rdacarrier DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch Computer engineering. Computer hardware Tingting Guo verfasserin aut Lei Hu verfasserin aut Lina Shang verfasserin aut Shuping Mao verfasserin aut Peng Wang verfasserin aut In IACR Transactions on Symmetric Cryptology Ruhr-Universität Bochum, 2018 (2024), 1 (DE-627)875248705 (DE-600)2878628-2 2519173X nnns year:2024 number:1 https://doi.org/10.46586/tosc.v2024.i1.114-134 kostenfrei https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e kostenfrei https://tosc.iacr.org/index.php/ToSC/article/view/11403 kostenfrei https://doaj.org/toc/2519-173X Journal toc kostenfrei GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 AR 2024 1 |
language |
English |
source |
In IACR Transactions on Symmetric Cryptology (2024), 1 year:2024 number:1 |
sourceStr |
In IACR Transactions on Symmetric Cryptology (2024), 1 year:2024 number:1 |
format_phy_str_mv |
Article |
institution |
findex.gbv.de |
topic_facet |
DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch Computer engineering. Computer hardware |
isfreeaccess_bool |
true |
container_title |
IACR Transactions on Symmetric Cryptology |
authorswithroles_txt_mv |
Yuchao Chen @@aut@@ Tingting Guo @@aut@@ Lei Hu @@aut@@ Lina Shang @@aut@@ Shuping Mao @@aut@@ Peng Wang @@aut@@ |
publishDateDaySort_date |
2024-01-01T00:00:00Z |
hierarchy_top_id |
875248705 |
id |
DOAJ099726483 |
language_de |
englisch |
fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000naa a22002652 4500</leader><controlfield tag="001">DOAJ099726483</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20240414050310.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">240414s2024 xx |||||o 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.46586/tosc.v2024.i1.114-134</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)DOAJ099726483</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK7885-7895</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Yuchao Chen</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Small Stretch Problem of the DCT Scheme and How to Fix It</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2024</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">DCT</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Deterministic Authenticated Encryption</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">AEAD</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">BRW polynomial</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Forgery Attack</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Stretch</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Computer engineering. Computer hardware</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Tingting Guo</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Lei Hu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Lina Shang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Shuping Mao</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Peng Wang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">In</subfield><subfield code="t">IACR Transactions on Symmetric Cryptology</subfield><subfield code="d">Ruhr-Universität Bochum, 2018</subfield><subfield code="g">(2024), 1</subfield><subfield code="w">(DE-627)875248705</subfield><subfield code="w">(DE-600)2878628-2</subfield><subfield code="x">2519173X</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">year:2024</subfield><subfield code="g">number:1</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doi.org/10.46586/tosc.v2024.i1.114-134</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://tosc.iacr.org/index.php/ToSC/article/view/11403</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">https://doaj.org/toc/2519-173X</subfield><subfield code="y">Journal toc</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_DOAJ</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_11</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_20</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_22</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_23</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_31</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_39</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_40</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_60</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_62</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_63</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_69</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_73</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_95</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_105</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_110</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_151</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_161</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_170</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_213</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_230</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_267</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_285</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_293</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_370</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_602</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2014</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4012</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4037</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4112</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4125</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4126</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4249</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4305</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4306</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4307</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4313</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4322</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4324</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4325</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4326</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4335</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4338</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4367</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4700</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="j">2024</subfield><subfield code="e">1</subfield></datafield></record></collection>
|
callnumber-first |
T - Technology |
author |
Yuchao Chen |
spellingShingle |
Yuchao Chen misc TK7885-7895 misc DCT misc Deterministic Authenticated Encryption misc AEAD misc BRW polynomial misc Forgery Attack misc Stretch misc Computer engineering. Computer hardware Small Stretch Problem of the DCT Scheme and How to Fix It |
authorStr |
Yuchao Chen |
ppnlink_with_tag_str_mv |
@@773@@(DE-627)875248705 |
format |
electronic Article |
delete_txt_mv |
keep |
author_role |
aut aut aut aut aut aut |
collection |
DOAJ |
remote_str |
true |
callnumber-label |
TK7885-7895 |
illustrated |
Not Illustrated |
issn |
2519173X |
topic_title |
TK7885-7895 Small Stretch Problem of the DCT Scheme and How to Fix It DCT Deterministic Authenticated Encryption AEAD BRW polynomial Forgery Attack Stretch |
topic |
misc TK7885-7895 misc DCT misc Deterministic Authenticated Encryption misc AEAD misc BRW polynomial misc Forgery Attack misc Stretch misc Computer engineering. Computer hardware |
topic_unstemmed |
misc TK7885-7895 misc DCT misc Deterministic Authenticated Encryption misc AEAD misc BRW polynomial misc Forgery Attack misc Stretch misc Computer engineering. Computer hardware |
topic_browse |
misc TK7885-7895 misc DCT misc Deterministic Authenticated Encryption misc AEAD misc BRW polynomial misc Forgery Attack misc Stretch misc Computer engineering. Computer hardware |
format_facet |
Elektronische Aufsätze Aufsätze Elektronische Ressource |
format_main_str_mv |
Text Zeitschrift/Artikel |
carriertype_str_mv |
cr |
hierarchy_parent_title |
IACR Transactions on Symmetric Cryptology |
hierarchy_parent_id |
875248705 |
hierarchy_top_title |
IACR Transactions on Symmetric Cryptology |
isfreeaccess_txt |
true |
familylinks_str_mv |
(DE-627)875248705 (DE-600)2878628-2 |
title |
Small Stretch Problem of the DCT Scheme and How to Fix It |
ctrlnum |
(DE-627)DOAJ099726483 (DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e |
title_full |
Small Stretch Problem of the DCT Scheme and How to Fix It |
author_sort |
Yuchao Chen |
journal |
IACR Transactions on Symmetric Cryptology |
journalStr |
IACR Transactions on Symmetric Cryptology |
callnumber-first-code |
T |
lang_code |
eng |
isOA_bool |
true |
recordtype |
marc |
publishDateSort |
2024 |
contenttype_str_mv |
txt |
author_browse |
Yuchao Chen Tingting Guo Lei Hu Lina Shang Shuping Mao Peng Wang |
class |
TK7885-7895 |
format_se |
Elektronische Aufsätze |
author-letter |
Yuchao Chen |
doi_str_mv |
10.46586/tosc.v2024.i1.114-134 |
author2-role |
verfasserin |
title_sort |
small stretch problem of the dct scheme and how to fix it |
callnumber |
TK7885-7895 |
title_auth |
Small Stretch Problem of the DCT Scheme and How to Fix It |
abstract |
DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. |
abstractGer |
DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. |
abstract_unstemmed |
DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack. |
collection_details |
GBV_USEFLAG_A SYSFLAG_A GBV_DOAJ GBV_ILN_11 GBV_ILN_20 GBV_ILN_22 GBV_ILN_23 GBV_ILN_24 GBV_ILN_31 GBV_ILN_39 GBV_ILN_40 GBV_ILN_60 GBV_ILN_62 GBV_ILN_63 GBV_ILN_65 GBV_ILN_69 GBV_ILN_70 GBV_ILN_73 GBV_ILN_95 GBV_ILN_105 GBV_ILN_110 GBV_ILN_151 GBV_ILN_161 GBV_ILN_170 GBV_ILN_213 GBV_ILN_230 GBV_ILN_267 GBV_ILN_285 GBV_ILN_293 GBV_ILN_370 GBV_ILN_602 GBV_ILN_2014 GBV_ILN_4012 GBV_ILN_4037 GBV_ILN_4112 GBV_ILN_4125 GBV_ILN_4126 GBV_ILN_4249 GBV_ILN_4305 GBV_ILN_4306 GBV_ILN_4307 GBV_ILN_4313 GBV_ILN_4322 GBV_ILN_4323 GBV_ILN_4324 GBV_ILN_4325 GBV_ILN_4326 GBV_ILN_4335 GBV_ILN_4338 GBV_ILN_4367 GBV_ILN_4700 |
container_issue |
1 |
title_short |
Small Stretch Problem of the DCT Scheme and How to Fix It |
url |
https://doi.org/10.46586/tosc.v2024.i1.114-134 https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e https://tosc.iacr.org/index.php/ToSC/article/view/11403 https://doaj.org/toc/2519-173X |
remote_bool |
true |
author2 |
Tingting Guo Lei Hu Lina Shang Shuping Mao Peng Wang |
author2Str |
Tingting Guo Lei Hu Lina Shang Shuping Mao Peng Wang |
ppnlink |
875248705 |
callnumber-subject |
TK - Electrical and Nuclear Engineering |
mediatype_str_mv |
c |
isOA_txt |
true |
hochschulschrift_bool |
false |
doi_str |
10.46586/tosc.v2024.i1.114-134 |
callnumber-a |
TK7885-7895 |
up_date |
2024-07-04T00:05:12.456Z |
_version_ |
1803604734727159808 |
fullrecord_marcxml |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000naa a22002652 4500</leader><controlfield tag="001">DOAJ099726483</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20240414050310.0</controlfield><controlfield tag="007">cr uuu---uuuuu</controlfield><controlfield tag="008">240414s2024 xx |||||o 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.46586/tosc.v2024.i1.114-134</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)DOAJ099726483</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)DOAJ0c2762feb6ac4c9589a747b284b6ba0e</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="050" ind1=" " ind2="0"><subfield code="a">TK7885-7895</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Yuchao Chen</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Small Stretch Problem of the DCT Scheme and How to Fix It</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2024</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">Computermedien</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Online-Ressource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">DCT is a beyond-birthday-bound (BBB) deterministic authenticated encryption (DAE) mode proposed by Forler et al. in ACISP 2016, ensuring integrity by redundancy. The instantiation of DCT employs the BRW polynomial, which is more efficient than the usual polynomial in GCM by reducing half of the multiplication operations. However, we show that DCT suffers from a small stretch problem similar to GCM. When the stretch length τ is small, choosing a special m-block message, we can reduce the number of queries required by a successful forgery to O(2τ/m). We emphasize that this attack efficiently balances space and time complexity but does not contradict the security bounds of DCT. Finally, we propose an improved scheme named Robust DCT (RDCT) with a minor change to DCT, which improves the security when τ is small and makes it resist the above attack.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">DCT</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Deterministic Authenticated Encryption</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">AEAD</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">BRW polynomial</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Forgery Attack</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Stretch</subfield></datafield><datafield tag="653" ind1=" " ind2="0"><subfield code="a">Computer engineering. Computer hardware</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Tingting Guo</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Lei Hu</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Lina Shang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Shuping Mao</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="0" ind2=" "><subfield code="a">Peng Wang</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">In</subfield><subfield code="t">IACR Transactions on Symmetric Cryptology</subfield><subfield code="d">Ruhr-Universität Bochum, 2018</subfield><subfield code="g">(2024), 1</subfield><subfield code="w">(DE-627)875248705</subfield><subfield code="w">(DE-600)2878628-2</subfield><subfield code="x">2519173X</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">year:2024</subfield><subfield code="g">number:1</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doi.org/10.46586/tosc.v2024.i1.114-134</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://doaj.org/article/0c2762feb6ac4c9589a747b284b6ba0e</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="u">https://tosc.iacr.org/index.php/ToSC/article/view/11403</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="u">https://doaj.org/toc/2519-173X</subfield><subfield code="y">Journal toc</subfield><subfield code="z">kostenfrei</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_DOAJ</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_11</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_20</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_22</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_23</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_31</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_39</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_40</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_60</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_62</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_63</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_69</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_73</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_95</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_105</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_110</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_151</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_161</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_170</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_213</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_230</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_267</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_285</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_293</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_370</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_602</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2014</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4012</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4037</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4112</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4125</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4126</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4249</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4305</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4306</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4307</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4313</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4322</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4324</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4325</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4326</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4335</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4338</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4367</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4700</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="j">2024</subfield><subfield code="e">1</subfield></datafield></record></collection>
|
score |
7.4004335 |