E. Andreeva, A. Bogdanov, Y. Dodis, B. Mennink, and J. P. Steinberger, On the Indifferentiability of Key-Alternating Ciphers, Advances in Cryptology -CRYPTO 2013 (Proceedings, Part I), vol.8042, pp.531-550, 2013.

E. Andreeva, A. Bogdanov, and B. Mennink, Towards Understanding the Known-Key Security of Block Ciphers, Fast Software Encryption -FSE 2013, vol.8424, pp.348-366, 2013.

M. Bellare and D. Cash, Pseudorandom Functions and Permutations Provably Secure against Related-Key Attacks, Advances in Cryptology -CRYPTO 2010, vol.6223, pp.666-684, 2010.

E. Biham, O. Dunkelman, and N. Keller, Related-Key Boomerang and Rectangle Attacks, Advances in Cryptology -EUROCRYPT 2005, vol.3494, pp.507-525, 2005.

M. Bellare and T. Kohno, A Theoretical Treatment of Related-Key Attacks: RKAPRPs, RKA-PRFs, and Applications, Advances in Cryptology -EURO-CRYPT 2003, vol.2656, pp.491-506, 2003.

A. Bogdanov, L. R. Knudsen, G. Leander, F. Standaert, J. P. Steinberger et al., Key-Alternating Ciphers in a Provable Setting: Encryption Using a Small Number of Public Permutations -(Extended Abstract), Advances in Cryptology -EUROCRYPT 2012, vol.7237, pp.45-62, 2012.

A. Biryukov, D. Khovratovich, and I. Nikoli?, Distinguisher and Related-Key Attack on the Full AES-256, Advances in Cryptology -CRYPTO 2009, vol.5677, pp.231-249, 2009.

J. Black, P. Rogaway, and T. Shrimpton, Black-Box Analysis of the Block-CipherBased Hash-Function Constructions from PGV, Advances in Cryptology -CRYPTO 2002, vol.2442, pp.320-335, 2002.

R. Canetti, O. Goldreich, and S. Halevi, The Random Oracle Methodology, Revisited (Preliminary Version), Symposium on Theory of Computing -STOC '98, pp.209-218

S. Chen, R. Lampe, J. Lee, Y. Seurin, and J. P. Steinberger, Minimizing the Two-Round Even-Mansour Cipher, Advances in Cryptology -CRYPTO 2014 (Proceedings, Part I), vol.8616, pp.39-56, 2014.
URL : https://hal.archives-ouvertes.fr/hal-02176881

S. Chen and J. Steinberger, Tight Security Bounds for Key-Alternating Ciphers, Advances in Cryptology -EUROCRYPT 2014, vol.8441, pp.327-350, 2014.

J. Daemen, Limitations of the Even-Mansour Construction, Advances in Cryptology -ASIACRYPT '91, vol.739, pp.495-498, 1991.

O. Dunkelman, N. Keller, and A. Shamir, Minimalism in Cryptography: The EvenMansour Scheme Revisited, Advances in Cryptology -EUROCRYPT 2012, vol.7237, pp.336-354, 2012.

Y. Dodis, T. Ristenpart, and T. Shrimpton, Salvaging Merkle-Damgård for Practical Applications, Advances in Cryptology -EUROCRYPT 2009, vol.5479, pp.371-388, 2009.

S. Even and Y. Mansour, A Construction of a Cipher from a Single Pseudorandom Permutation, Journal of Cryptology, vol.10, issue.3, pp.151-162, 1997.

P. Farshim and G. Procter, The Related-Key Security of Iterated Even-Mansour Ciphers, Fast Software Encryption -FSE 2015, 2015.

D. Goldenberg and M. Liskov, On Related-Secret Pseudorandomness, Theory of Cryptography -TCC 2010, vol.5978, pp.255-272, 2010.

T. Holenstein, R. Künzler, and S. Tessaro, The Equivalence of the Random Oracle Model and the Ideal Cipher Model, Revisited, Symposium on Theory of Computing -STOC 2011, pp.89-98, 2011.

T. Iwata and T. Kohno, New Security Proofs for the 3GPP Confidentiality and Integrity Algorithms, Fast Software Encryption -FSE, vol.3017, pp.427-445, 2004.

J. Jean, I. Nikolic, and T. Peyrin, Tweaks and Keys for Block Ciphers: The TWEAKEY Framework, Advances in Cryptology -ASIACRYPT 2014 -Proceedings, Part II, vol.8874, pp.274-288, 2014.

E. Kiltz, K. Pietrzak, and M. Szegedy, Digital Signatures with Minimal Overhead from Indifferentiable Random Invertible Functions, Advances in Cryptology -CRYPTO 2013 (Proceedings, Part I), vol.8042, pp.571-588, 2013.

L. R. Knudsen and V. Rijmen, Known-Key Distinguishers for Some Block Ciphers, Advances in Cryptology -ASIACRYPT 2007, vol.4833, pp.315-324, 2007.

R. Lampe, J. Patarin, and Y. Seurin, An Asymptotically Tight Security Analysis of the Iterated Even-Mansour Cipher, Advances in Cryptology -ASIACRYPT 2012, vol.7658, pp.278-295, 2012.

M. Liskov, R. L. Rivest, and D. Wagner, Tweakable Block Ciphers, Advances in Cryptology -CRYPTO 2002, vol.2442, pp.31-46, 2002.

R. Lampe and Y. Seurin, How to Construct an Ideal Cipher from a Small Set of Public Permutations, Advances in Cryptology -ASIACRYPT 2013 (Proceedings, Part I), vol.8269, pp.444-463, 2013.

S. Lucks, Ciphers Secure against Related-Key Attacks, Fast Software Encryption -FSE, vol.3017, pp.359-370, 2004.

A. Mandal, J. Patarin, and Y. Seurin, On the Public Indifferentiability and Correlation Intractability of the 6-Round Feistel Construction, Theory of Cryptography Conference -TCC 2012, vol.7194, pp.285-302, 2012.

M. Ueli, R. Maurer, C. Renner, . Holenstein, and . Indifferentiability, Impossibility Results on Reductions, and Applications to the Random Oracle Methodology, Theory of Cryptography Conference-TCC, vol.2951, pp.21-39, 2004.

K. Nyberg and L. R. Knudsen, Provable Security Against Differential Cryptanalysis, Advances in Cryptology -CRYPTO '92, vol.740, pp.566-574, 1992.

J. Patarin, The "Coefficients H" Technique, Selected Areas in Cryptography -SAC, vol.5381, pp.328-345, 2008.

P. Rogaway, Formalizing Human Ignorance, Progress in Cryptology -VIETCRYPT, vol.4341, pp.211-228, 2006.

T. Ristenpart, H. Shacham, and T. Shrimpton, Careful with Composition: Limitations of the Indifferentiability Framework, Advances in Cryptology -EUROCRYPT 2011, vol.6632, pp.487-506, 2011.

J. Steinberger, Improved Security Bounds for Key-Alternating Ciphers via Hellinger Distance. IACR Cryptology ePrint Archive, 2012.

R. S. Winternitz, A Secure One-Way Hash Function Built from DES, IEEE Symposium on Security and Privacy, pp.88-90, 1984.

K. Yoneyama, S. Miyagawa, and K. Ohta, Leaky Random Oracle. IEICE Transactions, issue.8, pp.1795-1807, 2009.