Bibliography
Major publications by the team in recent years
-
1M. Abdalla, M. Bellare, D. Catalano, E. Kiltz, T. Kohno, T. Lange, J. Malone-Lee, G. Neven, P. Paillier, H. Shi.
Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions, in: Journal of Cryptology, July 2008, vol. 21, no 3, p. 350–391. -
2M. Abdalla, C. Chevalier, D. Pointcheval.
Smooth Projective Hashing for Conditionally Extractable Commitments, in: Advances in Cryptology – Proceedings of CRYPTO '09, Lecture Notes in Computer Science, Springer, 2009, vol. 5677, p. 671–689. -
3B. Blanchet, D. Pointcheval.
Automated Security Proofs with Sequences of Games, in: Advances in Cryptology – Proceedings of CRYPTO '06, Lecture Notes in Computer Science, Springer, 2006, vol. 4117, p. 538–554. -
4C. Bouillaguet, P. Derbez, P.-A. Fouque.
Automatic Search of Attacks on Round-Reduced AES and Applications, in: Advances in Cryptology – Proceedings of CRYPTO '11, Lecture Notes in Computer Science, Springer, 2011, vol. 6841, p. 169–187. -
5C. Delerablée, D. Pointcheval.
Dynamic Threshold Public-Key Encryption, in: Advances in Cryptology – Proceedings of CRYPTO '08, Lecture Notes in Computer Science, Springer, 2008, vol. 5157, p. 317–334. -
6V. Dubois, P.-A. Fouque, A. Shamir, J. Stern.
Practical Cryptanalysis of SFLASH, in: Advances in Cryptology – Proceedings of CRYPTO '07, Lecture Notes in Computer Science, Springer, 2007, vol. 4622, p. 1–12. -
7P.-A. Fouque, G. Leurent, Phong Q. Nguyen.
Full Key-Recovery Attacks on HMAC/NMAC-MD4 and NMAC-MD5, in: Advances in Cryptology – Proceedings of CRYPTO '07, Lecture Notes in Computer Science, Springer, 2007, vol. 4622, p. 13–30. -
8P.-A. Fouque, G. Macario-Rat, J. Stern.
Key Recovery on Hidden Monomial Multivariate Schemes, in: Advances in Cryptology – Proceedings of EUROCRYPT '08, Lecture Notes in Computer Science, Springer, 2008, vol. 4965, p. 19–30. -
9E. Fujisaki, T. Okamoto, D. Pointcheval, J. Stern.
RSA–OAEP is Secure under the RSA Assumption, in: Journal of Cryptology, 2004, vol. 17, no 2, p. 81–104. -
10N. Gama, P. Q. Nguyen.
Finding Short Lattice Vectors within Mordell's Inequality, in: Proc. 40th ACM Symposium on the Theory of Computing (STOC '08), ACM, 2008, p. 207–216. -
11P. Q. Nguyen, O. Regev.
Learning a Parallelepiped: Cryptanalysis of GGH and NTRU Signatures, in: J. Cryptology, 2009, vol. 22, no 2, p. 139–160. -
12P. Q. Nguyen, D. Stehlé.
An LLL Algorithm with Quadratic Complexity, in: SIAM J. Comput., 2009, vol. 39, no 3, p. 874-903.
Doctoral Dissertations and Habilitation Theses
-
13O. Blazy.
Preuves de connaissances interactives et non-interactives, Université Paris VII, 2012. -
14R. Lescuyer.
Outils cryptographiques pour les accréditations anonymes, Université Paris VII, 2012. -
15D. Masgana Leresteux.
Injection de fautes et de logiciels sur les implémentations cryptographiques, Université Paris VII, 2012.
Articles in International Peer-Reviewed Journals
-
16M. Abdalla, A. De Caro, D. H. Phan.
Generalized Key Delegation for Wildcarded Identity-Based and Inner-Product Encryption, in: IEEE Transactions on Information Forensics & Security, 2012, vol. 7, no 6, p. 1695–1706. -
17A. Barenghi, L. Breveglieri, I. Koren, D. Naccache.
Fault Injection Attacks on Cryptographic Devices: Theory, Practice, and Countermeasures, in: Proceedings of the IEEE, 2012, vol. 100, no 11, p. 3056-3076. -
18C. Bouillaguet, P. Derbez, O. Dunkelman, P.-A. Fouque, N. Keller, V. Rijmen.
Low-Data Complexity Attacks on AES, in: IEEE Transactions on Information Theory, 2012, vol. 58, no 11, p. 7002-7017. -
19E. Brier, W. Fang, D. Naccache.
How to Scatter a Secret?, in: Cryptologia, 2012, vol. 36, no 1, p. 46-54. -
20J. Briet, A. Naor, O. Regev.
Locally decodable codes and the failure of cotype for projective tensor products, in: Electronic Research Announcements in Mathematical Sciences, 2012, vol. 19, p. 120–130. -
21H. Buhrman, O. Regev, G. Scarpa, R. de Wolf.
Near-Optimal and Explicit Bell Inequality Violations, in: Israel Journal of Mathematics, 2012, To appear. -
22A. Chakrabarti, O. Regev.
An Optimal Lower Bound on the Communication Complexity of Gap Hamming Distance, in: SIAM Journal on Computing, 2012, To appear. -
23E. Domenjoud, D. Jamet, D. Vergnaud, L. Vuillon.
Enumeration formula for (2, n)-cubes in discrete planes, in: Discrete Applied Mathematics, 2012, vol. 160, no 15, p. 2158-2171. -
24I. Haviv, O. Regev.
Entropy-based Bounds on Dimension Reduction in , in: Israel Journal of Mathematics, 2012, To appear. -
25I. Haviv, O. Regev.
Tensor-based Hardness of the Shortest Vector Problem to within Almost Polynomial Factors, in: Theory of Computing, 2012, To appear. -
26A. Naor, O. Regev.
Krivine schemes are optimal, in: Proceedings of the AMS, 2012, To appear. -
27H. Q. Ngo, D. H. Phan, D. Pointcheval.
Black-box Trace&Revoke Codes, in: Algorithmica, 2012, To appear.
http://hal. inria. fr/ hal-00763979 -
28O. Regev, T. Vidick.
Elementary Proofs of Grothendieck Theorems for Completely Bounded Norms, in: Journal of Operator Theory, 2012, To appear.
International Conferences with Proceedings
-
29M. Abdalla, D. Fiore, V. Lyubashevsky.
From Selective to Full Security: Semi-generic Transformations in the Standard Model, in: Public Key Cryptography (PKC '12), Darmstadt, Germany, M. Fischlin, J. Buchmann, M. Manulis (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7293, p. 316-333. -
30M. Abdalla, P.-A. Fouque, V. Lyubashevsky, M. Tibouchi.
Tightly-Secure Signatures from Lossy Identification Schemes, in: Advances in Cryptology – Proc. EUROCRYPT 2012, D. Pointcheval, T. Johansson (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7237, p. 572-590. -
31M. Abdalla, J.-J. Vie.
Leakage-Resilient Spatial Encryption, in: Second International Conference on Cryptology and Information Security (Latincrypt '12), Santiago, Chile, A. Hevia, G. Neven (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7533, p. 78–99. -
32M. Abdalla, A. De Caro, K. Mochetti.
Lattice-Based Hierarchical Inner Product Encryption, in: Second International Conference on Cryptology and Information Security (Latincrypt '12), Santiago, Chile, A. Hevia, G. Neven (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7533, p. 121–138. -
33G. Barthe, D. Pointcheval, S. Zanella-Béguelin.
Verified Security of Redundancy-Free Encryption from Rabin and RSA, in: Proceedings of the 19th ACM Conference on Computer and Communications Security (CCS '12), Raleigh, NC, USA, T. Yu, G. Danezis, V. D. Gligor (editors), ACM Press, 2012, p. 724–735.
http://hal. inria. fr/ hal-00764871 -
34A. Bauer, D. Vergnaud, J.-C. Zapalowicz.
Inferring Sequences Produced by Nonlinear Pseudorandom Number Generators Using Coppersmith's Methods, in: Public Key Cryptography (PKC '12), Darmstadt, Germany, M. Fischlin, J. Buchmann, M. Manulis (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7293, p. 609-626. -
35O. Blazy, D. Pointcheval, D. Vergnaud.
Compact Round-Optimal Partially-Blind Signatures, in: The 8th Conference on Security in Communication Networks (SCN '12), Amalfi, Italy, I. Visconti, R. De Prisco (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7485, p. 95–112.
http://hal. inria. fr/ hal-00764863 -
36O. Blazy, D. Pointcheval, D. Vergnaud.
Round-Optimal Privacy-Preserving Protocols with Smooth Projective Hash Functions, in: 9th Theory of Cryptography Conference (TCC '12), Taormina, Italy, R. Cramer (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 7194, p. 94–111.
http://hal. inria. fr/ hal-00672939 -
37S. Briais, S. Caron, J.-M. Cioranesco, J.-L. Danger, S. Guilley, J.-H. Jourdan, A. Milchior, D. Naccache, T. Porteboeuf.
3D Hardware Canaries, in: Cryptographic Hardware and Embedded Systems (CHES '12), E. Prouff, P. Schaumont (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7428, p. 1-22. -
38S. Briais, J.-M. Cioranesco, J.-L. Danger, S. Guilley, D. Naccache, T. Porteboeuf.
Random Active Shield, in: Workshop on Fault Diagnosis and Tolerance in Cryptography (FDTC '12), G. Bertoni, B. Gierlichs (editors), IEEE, 2012, p. 103-113. -
39B. Chung, S. Marcello, A.-P. Mirbaha, D. Naccache, K. Sabeg.
Operand Folding Hardware Multipliers, in: Cryptography and Security: From Theory to Applications, D. Naccache (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 6805, p. 319-328. -
40G. Claret, M. Mathieu, D. Naccache, G. Seguin.
Physical Simulation of Inarticulate Robots, in: Cryptography and Security: From Theory to Applications, D. Naccache (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 6805, p. 491-499. -
41J.-S. Coron, D. Naccache, M. Tibouchi.
Public Key Compression and Modulus Switching for Fully Homomorphic Encryption over the Integers, in: Advances in Cryptology – Proc. EUROCRYPT 2012, D. Pointcheval, T. Johansson (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7237, p. 446-464. -
42J. P. Degabriele, A. Lehmann, K. G. Paterson, N. P. Smart, M. Strefler.
On the Joint Security of Encryption and Signature in EMV, in: Topics in Cryptology – Proc. CT-RSA 2012, San Francisco, CA, O. Dunkelman (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 7178, p. 116–135. -
43P. Derbez, P.-A. Fouque, J. Jean.
Faster Chosen-Key Distinguishers on Reduced-Round AES, in: INDOCRYPT '12, 2012, p. 225-243. -
44R. Dubois, A. Guillevic, M. Sengelin Le Breton.
Improved Broadcast Encryption Scheme with Constant-Size Ciphertext, in: Pairing-Based Cryptography (Pairing '12), Cologne, Germany, M. Abdalla, T. Lange (editors), Lecture Notes in Computer Science, Springer, 2012. -
45L. Ducas, A. Durmus.
Ring-LWE in Polynomial Rings, in: Public Key Cryptography (PKC '12), Lecture Notes in Computer Science, Springer, 2012, vol. 7293, p. 34-51. -
46L. Ducas, P. Q. Nguyen.
Faster Gaussian Lattice Sampling using Lazy Floating-Point Arithmetic, in: Advances in Cryptology – Proc. ASIACRYPT '12, Lecture Notes in Computer Science, Springer, 2012, vol. 7658. -
47L. Ducas, P. Q. Nguyen.
Learning a Zonotope and More: Cryptanalysis of NTRUSign Countermeasures, in: Advances in Cryptology – Proc. ASIACRYPT '12, Lecture Notes in Computer Science, Springer, 2012, vol. 7658. -
48J.-M. Dutertre, A.-P. Mirbaha, D. Naccache, A.-L. Ribotta, A. Tria, T. Vaschalde.
Fault Round Modification Analysis of the advanced encryption standard, in: IEEE International Symposium on Hardware-Oriented Security and Trust (HOST '12), IEEE, 2012, p. 140-145. -
49V. Gratzer, D. Naccache.
How to Read a Signature?, in: Cryptography and Security: From Theory to Applications, D. Naccache (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 6805, p. 480-483. -
50A. Guillevic, D. Vergnaud.
Genus 2 Hyperelliptic Curve Families with Explicit Jacobian Order Evaluation and Pairing-Friendly Constructions., in: Pairing-Based Cryptography (Pairing '12), Cologne, Germany, M. Abdalla, T. Lange (editors), Lecture Notes in Computer Science, Springer, 2012. -
51T. Güneysu, V. Lyubashevsky, T. Pöppelmann.
Practical Lattice-Based Cryptography: A Signature Scheme for Embedded Systems, in: Cryptographic Hardware and Embedded Systems (CHES '12), E. Prouff, P. Schaumont (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7428, p. 530-547. -
52S. Heyse, E. Kiltz, V. Lyubashevsky, C. Paar, K. Pietrzak.
Lapin: An Efficient Authentication Protocol Based on Ring-LPN, in: Fast Software Encryption (FSE '12), A. Canteaut (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 7549, p. 346-365. -
53J. Jean, M. Naya-Plasencia, T. Peyrin.
Improved Rebound Attack on the Finalist Grøstl, in: Fast Software Encryption (FSE '12), A. Canteaut (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 7549, p. 110-126. -
54M. Joye, T. Lepoint.
Partial key exposure on RSA with private exponents larger than N, in: Information Security Practice and Experience (ISPEC '12), Hangzhou, China, M. D. Ryan, B. Smyth, G. Wang (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7232, p. 369–380. -
55V. Lyubashevsky.
Lattice Signatures without Trapdoors, in: Advances in Cryptology – Proc. EUROCRYPT 2012, D. Pointcheval, T. Johansson (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7237, p. 738-755. -
56C. Murdica, S. Guilley, J.-L. Danger, P. Hoogvorst, D. Naccache.
Same Values Power Analysis Using Special Points on Elliptic Curves, in: Constructive Side-Channel Analysis and Secure Design (COSADE '12), W. Schindler, S. A. Huss (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7275, p. 183-198. -
57D. Naccache, D. Pointcheval.
Autotomic Signatures, in: Cryptography and Security: From Theory to Applications, D. Naccache (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 6805, p. 143–155. -
58D. H. Phan, D. Pointcheval, S. F. Shahandashti, M. Strefler.
Adaptive CCA Broadcast Encryption with Constant-Size Secret Keys and Ciphertexts, in: The 17th Australasian Conference on Information Security and Privacy (ACISP '12), Wollongong, Australia, W. Susilo, Y. Mu, J. Seberry (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7372, p. 308–321.
http://hal. inria. fr/ hal-00764852 -
59D. H. Phan, D. Pointcheval, M. Strefler.
Decentralized Dynamic Broadcast Encryption, in: The 8th Conference on Security in Communication Networks (SCN '12), Amalfi, Italy, I. Visconti, R. De Prisco (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7485, p. 166–183.
http://hal. inria. fr/ hal-00764847 -
60D. H. Phan, D. Pointcheval, M. Strefler.
Message-based Traitor Tracing with Optimal Ciphertext Rate, in: Second International Conference on Cryptology and Information Security (LatinCrypt '12), Santiago, Chile, A. Hevia, G. Neven (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7533, p. 56–77.
http://hal. inria. fr/ hal-00764842 -
61D. Pointcheval.
Password-Based Authenticated Key Exchange, in: Conference on Practice and Theory in Public-Key Cryptography (PKC '12), Darmstadt, Germany, M. Fischlin, J. Buchmann, M. Manulis (editors), Lecture Notes in Computer Science, Springer, 2012, vol. 7293, p. 390–397.
http://hal. inria. fr/ hal-00764515
Scientific Books (or Scientific Book chapters)
-
62M. Abdalla, T. Lange (editors)
The 5th International Conference on Pairing-Based Cryptography (Pairing 2012), Lecture Notes in Computer Science, Springer, Cologne, Germany, 2012, vol. 7708. -
63O. Blazy, D. Pointcheval.
Traceable Signature with Stepping Capabilities, in: Cryptography and Security: From Theory to Applications, D. Naccache (editor), Lecture Notes in Computer Science, Springer, 2012, vol. 6805, p. 108–131.
Books or Proceedings Editing
-
64D. Naccache (editor)
Cryptography and Security: From Theory to Applications - Essays Dedicated to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, Lecture Notes in Computer Science, Springer, 2012, vol. 6805. -
65D. Pointcheval, T. Johansson (editors)
The 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques (Eurocrypt '12), Lecture Notes in Computer Science, Springer, Cambridge, UK, 2012, vol. 7237.
http://hal. inria. fr/ hal-00766147
-
66M. Ajtai.
Generating Hard Instances of Lattice Problems (Extended Abstract), in: 28th Annual ACM Symposium on Theory of Computing, ACM Press, 1996, p. 99–108. -
67M. Bellare.
Practice-Oriented Provable-Security (Invited Lecture), in: ISC '97: 1st International Workshop on Information Security, E. Okamoto, G. I. Davida, M. Mambo (editors), Lecture Notes in Computer Science, Springer, 1997, vol. 1396, p. 221–231. -
68M. Bellare, D. Pointcheval, P. Rogaway.
Authenticated Key Exchange Secure against Dictionary Attacks, in: Advances in Cryptology – EUROCRYPT '00, Lecture Notes in Computer Science, Springer, 2000, vol. 1807, p. 139–155. -
69M. Bellare, P. Rogaway.
The Security of Triple Encryption and a Framework for Code-Based Game-Playing Proofs, in: Advances in Cryptology – EUROCRYPT '06, Lecture Notes in Computer Science, Springer, 2006, vol. 4004, p. 409–426. -
70M. Bellare, P. Rogaway.
Random Oracles are Practical: A Paradigm for Designing Efficient Protocols, in: ACM CCS '93: 1st Conference on Computer and Communications Security, ACM Press, 1993, p. 62–73. -
71M. Bellare, P. Rogaway.
The Exact Security of Digital Signatures: How to Sign with RSA and Rabin, in: Advances in Cryptology – EUROCRYPT '96, Lecture Notes in Computer Science, Springer, 1996, vol. 1070, p. 399–416. -
72E. Biham, R. Chen, A. Joux, P. Carribault, C. Lemuet, W. Jalby.
Collisions of SHA-0 and Reduced SHA-1., in: Advances in Cryptology – EUROCRYPT '05, Lecture Notes in Computer Science, Springer, 2005, vol. 3494, p. 36–57. -
73D. R. L. Brown.
The Exact Security of ECDSA, January 2001, Contributions to IEEE P1363a.
http://grouper. ieee. org/ groups/ 1363/ -
74B. Chor, R. L. Rivest.
A Knapsack Type Public Key Cryptosystem Based On Arithmetic in Finite Fields, in: Advances in Cryptology – CRYPTO '84, Lecture Notes in Computer Science, Springer, 1985, vol. 196, p. 54–65. -
75W. Diffie, M. E. Hellman.
New Directions in Cryptography, in: IEEE Transactions on Information Theory, 1976, vol. 22, no 6, p. 644–654. -
76A. Fiat, A. Shamir.
How to Prove Yourself: Practical Solutions to Identification and Signature Problems, in: Advances in Cryptology – CRYPTO '86, Lecture Notes in Computer Science, Springer, 1987, vol. 263, p. 186–194. -
77E. Fujisaki, T. Okamoto, D. Pointcheval, J. Stern.
RSA–OAEP is Secure under the RSA Assumption, in: Journal of Cryptology, 2004, vol. 17, no 2, p. 81–104. -
78L. Lamport.
Constructing Digital Signatures from a One-Way Function, SRI Intl., 1979, no CSL 98. -
79 NIST.
Descriptions of SHA–256, SHA–384, and SHA–512, October 2000, Federal Information Processing Standards PUBlication 180–3.
http://csrc. nist. gov/ publications/ fips/ fips180-4/ fips-180-4. pdf -
80 NIST.
Secure Hash Standard (SHS), April 1993, Federal Information Processing Standards PUBlication 180, Draft. -
81 NIST.
Secure Hash Standard (SHS), April 1995, Federal Information Processing Standards PUBlication 180–1. -
82V. I. Nechaev.
Complexity of a Determinate Algorithm for the Discrete Logarithm, in: Mathematical Notes, 1994, vol. 55, no 2, p. 165–172. -
83K. Ohta, T. Okamoto.
On Concrete Security Treatment of Signatures Derived from Identification, in: Advances in Cryptology – CRYPTO '98, Lecture Notes in Computer Science, Springer, 1998, vol. 1462, p. 354–369. -
84D. Pointcheval.
Provable Security for Public-Key Schemes, Advanced Courses CRM Barcelona, Birkhauser Publishers, Basel, June 2005, p. 133–189, ISBN: 3-7643-7294-X (248 pages). -
85R. L. Rivest.
The MD4 Message-Digest Algorithm, April 1992, RFC 1320, The Internet Engineering Task Force. -
86R. L. Rivest.
The MD5 Message-Digest Algorithm, April 1992, RFC 1321, The Internet Engineering Task Force. -
87P. Shor.
Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer, in: SIAM J. on Computing, 1997, vol. 26, no 5, p. 1484–1509. -
88V. Shoup.
Sequences of games: a tool for taming complexity in security proofs, 2004, Cryptology ePrint Archive 2004/332. -
89V. Shoup.
Lower Bounds for Discrete Logarithms and Related Problems, in: Advances in Cryptology – EUROCRYPT '97, Lecture Notes in Computer Science, Springer, 1997, vol. 1233, p. 256–266. -
90S. Vaudenay.
Cryptanalysis of the Chor-Rivest Cryptosystem, in: Advances in Cryptology – CRYPTO '98, Lecture Notes in Computer Science, Springer, 1998, vol. 1462, p. 243–256. -
91X. Wang, X. Lai, D. Feng, H. Chen, X. Yu.
Cryptanalysis of the Hash Functions MD4 and RIPEMD, in: Advances in Cryptology – EUROCRYPT '05, Lecture Notes in Computer Science, Springer, 2005, vol. 3494, p. 1–18. -
92X. Wang, Y. L. Yin, H. Yu.
Finding Collisions in the Full SHA-1, in: Advances in Cryptology – CRYPTO '05, Lecture Notes in Computer Science, Springer, 2005, vol. 3621, p. 17–36. -
93X. Wang, H. Yu.
How to Break MD5 and Other Hash Functions, in: Advances in Cryptology – EUROCRYPT '05, Lecture Notes in Computer Science, Springer, 2005, vol. 3494, p. 19–35. -
94X. Wang, H. Yu, Y. L. Yin.
Efficient Collision Search Attacks on SHA-0, in: Advances in Cryptology – CRYPTO '05, Lecture Notes in Computer Science, Springer, 2005, vol. 3621, p. 1–16. -
95H. Yu, X. Wang, A. Yun, S. Park.
Cryptanalysis of the Full HAVAL with 4 and 5 Passes, in: FSE '06, Lecture Notes in Computer Science, Springer, 2006, vol. 4047, p. 89–110. -
96H. Yu, G. Wang, G. Zhang, X. Wang.
The Second-Preimage Attack on MD4, in: CANS '05, Lecture Notes in Computer Science, Springer, 2005, vol. 3810, p. 1–12.