Established in 2014, we are a group of cryptography researchers from Nanyang Technological University in Singapore. Supported by university and government research fundings, we focus on research of symmetric-key cryptography and lightweight cryptography. We are physically hosted by the Division of Mathematical Sciences and are part of the Coding and Cryptography Research Group

Recent key research activities: Security Evaluation of Keccak

Hiring: OCT 2018 - we have openings for postdocs and senior research scientists on topics of Fully Homomorphic Encryption, Multi-Party Computation, Searchable Encryption, Differential Privacy, and systems research. Details are available here:

2018-03-05: Joint with L. Song, J. Guo, and D. Shi, the paper entitled "New MILP Modeling: Improved Conditional Cube Attacks to Keccak-based Constructions" won the Kejte cryptanalysis prize.
2018-02-08: Joint with C. Chaigneau, T. Fuhr, H. Gilbert, J. Guo, J. Jean, J. R. Reinhard, L. Song, the paper entitled "Key-Recovery Attacks on Full Kravatte" won the Best Paper Award of FSE 2018. The paper broke the full Kravatte (a PRF design based on the SHA-3 round function), and several subsequent patched versions.
2017-02-26: We solved the 6-round collision challenge of Keccak[r=1440,c=160,nr=6], refer to this announcement and acknowledgement by the Keccak Team.
2016-12-12: Meicheng solved the 4-round preimage challenge of Keccak[r=1440, c=160, nr=4], refer to this announcement and acknowledgement by the Keccak Team.
2016-08-15: CLOC+SILC is selected into the 3rd round of CAESAR competition.
2016-08-01: PHOTON is now part of ISO lightweight hash function standards ISO/IEC 29192-5:2016.
2016-07-11: We solved the 5-round collision challenge of Keccak[r=640,c=160, nr=5], refer to this announcement and acknowledgement by the Keccak Team.
2016-05-27: We solved the 5-round collision challenge of Keccak[r=1440,c=160, nr=5], refer to this announcement and acknowledgement by the Keccak Team.
2016-04-25: We solved the 3-round preimage challenge of Keccak[r=1440, c=160, nr=3] and Keccak[r=640, c=160, nr=3], refer to this announcement and acknowledgement by the Keccak Team.


Team Leader:

Jian Guo


Phone: +65 6514 8399

Interests: Symmetric-Key Cryptography, Lightweight Cryptography


Zhenzhen Bao


Phone: +65 6513 7440

Interests: Symmetric-Key Cryptography


Phone: +65 8286 6354

Interests: Symmetric-Key Cryptography



Wenying Zhang  Shandong Normal University, China 27/08/2018 - 

Tetsu Iwata  Nagoya University, Japan 12/02/2018 - 22/02/2018
Tetsu Iwata  Nagoya University, Japan 17/10/2016 - 31/03/2017
Jingmei Liu  Xidian University, China 01/03/2016 - 01/03/2017
Lei Wang  Shanghai Jiao Tong University, China 04/02/2017 - 10/02/2017
Vesselin Velichkov  Luxembourg University, Luxembourg 12/12/2016 - 16/12/2016
Qingju Wang  Katholieke Universiteit Leuven, Belgium 08/08/2016 - 15/10/2016
Florian Mendel  Graz University of Technology, Austria 28/09/2015 - 30/10/2015
Lei Zhang  Chinese Academy of Sciences, China 26/09/2015 - 10/10/2015
Lei Wang  Shanghai Jiao Tong University, China 20/09/2015 - 04/10/2015
Liting Zhang  Chinese Academy of Sciences, China 28/08/2015 - 27/10/2015
Bing Sun  National University of Defense Technology, China 13/07/2015 - 12/10/2015
Bin Zhang  Chinese Academy of Sciences, China 17/11/2014 - 21/11/2014

PhD Students:

Yi Tu School of Physical and Mathematical Sciences,
Nanyang Technological University, Singapore
07/2018 -
Guozhen Liu
(with Qiu Wei Dong)
Information and Safety Engineering College,
Shanghai Jiao Tong University, China
08/2017 -
Jiale Guo
(with Lam Kwok Yan)
School of Computer Science and Engineering,
Nanyang Technological University, Singapore
07/2017 -
Haoyang Wang
(with Thomas Peyrin)
School of Physical and Mathematical Sciences,
Nanyang Technological University, Singapore
07/2016 -

Exchange Students:

Tao Ye Guilin University of Electronic Technology, China 19/11/2018 - 18/11/2019
Xianrui Qin Shandong University, China 14/09/2018 - 31/12/2018

Tingting Cui  Shandong University, China 10/02/2017 - 25/08/2017
Jiale Guo  Shandong University, China 10/11/2016 - 02/03/2017
Ning Luo  Shandong University, China 10/11/2016 - 14/02/2017
Guozhen Liu  Shanghai Jiao Tong University, China 15/07/2016 - 31/02/2017
Guohong Liao  South China Normal University, China 15/07/2016 - 12/10/2016
Kexin Qiao  Chinese Academy of Sciences, China 01/12/2015 - 31/05/2016
Haoyang Wang  Shandong University, China 01/08/2015 - 31/08/2015
Jingyuan Zhao  Shandong University, China 17/02/2015 - 16/05/2015

Past Members:

Name  Duration @ CATF Current Position
Meicheng Liu  12/05/2015 - 30/09/2016 Associate Professor, Chinese Academy of Sciences, China
Subhadeep Banik  01/03/2016 - 29/06/2017 Postdoc Researcher, EPFL, Switzerland



  1. C. Cid, T. Huang, T. Peyrin, Y. Sasaki, L. Song: Boomerang Connectivity Table: a New Cryptanalysis Tool, EUROCRYPT 2018
  2. Z. Bao, J. Guo, L. Wang: Functional Graph and Its Applications in Generic Attacks on Iterated Hash Constructions, FSE 2018 / ToSC 2018 Issue 1 [Experiment codes]
  3. C. Chaigneau, T. Fuhr, H. Gilbert, J. Guo, J. Jean, J. R. Reinhard, L. Song: Key-Recovery Attacks on Full Kravatte, FSE 2018 / ToSC 2018 Issue 1
    ~ the Best Paper Award, invited to JoC ~
  4. L. Song, J. Guo, D. Shi, S. Ling: New MILP Modeling: Improved Conditional Cube Attacks on Keccak-based Constructions. ASIACRYPT 2018 [Verification codes][Model]
  5. L. Song, J. Guo: Cube-Attack-Like Cryptanalysis of Round-Reduced Keccak Using MILP. FSE 2019/ToSC 2018 Issue 3 [Verification codes]
  6. Y. Liu, Y. Sasaki, L. Song, G. Wang, Cryptanalysis of Reduced sLiSCP Permutation in Sponge-Hash and Duplex-AE Modes, SAC 2018


    1. Z. Bao, L. Wang, J. Guo, D. Gu: Functional Graph Revisited: Updates on (Second) Preimage Attacks on Hash Combiners, CRYPTO 2017. [Experiment codes]
    2. L. Song, G. Liao, J. Guo: Non-Full Sbox Linearization: Applications to Collision Attacks on Round-Reduced Keccak, CRYPTO 2017. [Keccak GPU implementations]
    3. K. Qiao, L. Song, M. Liu, J. Guo: New Collision Attacks on Round-Reduced Keccak, EUROCRYPT 2017.
    4. S. Banik, S. Pandey, T. Peyrin, Y. Sasaki, S. Sim, Y. Todo: GIFT: A Small Present. CHES 2017.
    5. S. Banik, T. Isobe, T. Cui, J. Guo: Some Cryptanalysis Results on Lizard, FSE 2018 / ToSC 2017 Issue 4
    6. G. Liu, M. Ghosh, L. Song: Security Analysis of SKINNY under Related-Tweakey Settings, FSE 2018 / ToSC 2017 Issue 3
    7. C. Cid, T. Huang, T. Peyrin, Y. Sasaki, L. Song: Cryptanalysis of Deoxys and its Internal Tweakable Block Ciphers, FSE 2018 / ToSC 2017 Issue 3
    8. S. Banik, A. Bogdanov, T. Isobe, M. B. Jepsen: Analysis of Software Countermeasures for Whitebox Encryption, FSE 2017 / ToSC 2017 Issue 1.
    9. S. Banik, A. Bogdanov, F. Regazzoni: Efficient Configurations for Block Ciphers with Unified ENC/DEC Paths. IEEE HOST 2017
    10. G. Zhang, M. Liu, A distinguisher on PRESENT-like permutations with application to SPONGENT. Journal of Science China Information Sciences, 2017
    11. S. Banik, T. Isobe and M. Morii: Analysis and Improvements of the Full Spritz Stream Cipher. IEICE Transactions A, 2017.
    12. R. Ankele, S. Banik, A. Chakrabarti, E. List, F. Mendel, S. Sim, G. Wang: Related Key Impossible Differential Attack on Reduced Round SKINNY. ACNS 2017.


    1. L. Wang, J. Guo, G. Zhang, J. Zhao, D. Gu: How to Build Fully Secure Tweakable Blockciphers from Classical Blockciphers, ASIACRYPT 2016.
    2. J. Guo, M. Liu, L. Song: Linear Structures: Applications to Cryptanalysis of Round-Reduced Keccak, ASIACRYPT 2016.
    3. B. Sun, M. Liu, J. Guo, L. Qu, V. Rijmen: New Insights on AES-Like SPN Ciphers, CRYPTO 2016.
    4. B. Sun, M. Liu, J. Guo, V. Rijmen, R. Li: Provable Security Evaluation of Structures against Impossible Differential and Zero Correlation Linear Cryptanalysis, EUROCRYPT 2016.
    5. M. Liu, S. Sim: Lightweight MDS Generalized Circulant Matrices, FSE 2016.
    6. S. Banik, T. Isobe: Cryptanalysis of the Full Spritz Stream Cipher, FSE 2016.
    7. J. Guo, J. Jean, I. Nikolić, Y. Sasaki: Meet-in-the-Middle Attacks on Classes of Contracting and Expanding Feistel Constructions, FSE 2017 / ToSC 2016 Issue 2.
    8. J. Guo, J. Jean, I. Nikolić, K. Qiao, Y. Sasaki, S. M. Sim: Invariant Subspace Attack Against Midori64 and The Resistance Criteria for S-box Designs, FSE 2017 / ToSC 2016 Issue 1.
    9. S. Banik, A. Bogdanov, T. Fanni, C. Sau, L. Raffo, F. Palumbo, F. Regazzoni: Adaptable AES Implementation with Power gating Support, ACM Computing Frontiers 2016.
    10. L. Song, Z. Huang, Q. Yang: Automatic Differential Analysis of ARX Block Ciphers with Application to SPECK and LEA, ACISP 2016.
    11. D. Sijacic, A. Kidmose, B. Yang, S. Banik, B. Bilgin, A. Bogdanov, I. Verbauwhede: Hold your breath, PRIMATEs are lightweight. SAC 2016.
    12. S. Jha, S. Banik, T. Isobe, T. Ohigashi. Some results on the use of RC4 in TLS. Indocrypt 2016.
    13. S. Banik, A. Bogdanov, F. Regazzoni. Atomic-AES: A Compact Implementation of the AES Encryption/Decryption Core. Indocrypt 2016.