| year | title | booktitle | pages |
|---|
| 1 | 2008 | Various Security Analysis of a pfCM-MD Hash Domain Extension and Applications based on the Extension | eprint | online |
| 2 | 2008 | Improved Cryptanalysis of APOP-MD4 and NMAC-MD4 using New Differential Paths | eprint | online |
| 3 | 2008 | Indifferentiable Security Analysis of choppfMD, chopMD, a chopMDP, chopWPH, chopNI, chopEMD, chopCS, and chopESh Hash Domain Extensions | eprint | online |
| 4 | 2007 | New FORK-256 | eprint | online |
| 5 | 2006 | HIGHT: A New Block Cipher Suitable for Low-Resource Device | ches | online |
| 6 | 2006 | Indifferentiable Security Analysis of Popular Hash Functions with Prefix-Free Padding | asiacrypt | online |
| 7 | 2006 | A New Dedicated 256-Bit Hash Function: FORK-256 | fse | online |
| 8 | 2006 | Known-IV, Known-in-Advance-IV, and Replayed-and-Known-IV Attacks on Multiple Modes of Operation of Block Ciphers | jofc | 441-462 |
| 9 | 2005 | Security Analysis of a 2/3-Rate Double Length Compression Function in the Black-Box Model | fse | online |
| 10 | 2005 | Related-Key Rectangle Attacks on Reduced Versions of SHACAL-1 and AES-192 | fse | online |
| 11 | 2005 | On the Security of Encryption Modes of MD4, MD5 and HAVAL | eprint | online |
| 12 | 2004 | Security Analysis of a 2/3-rate Double Length Compression Function in Black-Box Model | eprint | online |
| 13 | 2004 | A Generalization of PGV-Hash Functions and Security Analysis in Black-Box Model | eprint | online |
| 14 | 2004 | Higher Order Universal One-Way Hash Functions | asiacrypt | online |
| 15 | 2004 | Related Key Differential Attacks on 27 Rounds of XTEA and Full-Round GOST | fse | 299-316 |
| 16 | 2003 | New Parallel Domain Extenders for UOWHF | asiacrypt | online |
| 17 | 2003 | Improving the Upper Bound on the Maximum Differential and the Maximum Linear Hull Probability for SPN Structures and AES | fse | online |
| 18 | 2002 | Impossible Differential Cryptanalysis of Reduced Round XTEA and TEA | fse | online |
| 19 | 2002 | Saturation Attacks on Reduced Round Skipjack | fse | online |
| 20 | 2002 | An Improved Method of Multiplication on Certain Elliptic Curves | pkc | 310-322 |
| 21 | 2002 | Amplified Boomerang Attack against Reduced-Round SHACAL | asiacrypt | online |
| 22 | 2002 | Potential Weaknesses of the Commutator Key Agreement Protocol Based on Braid Groups | eurocrypt | online |
| 23 | 2001 | Pseudorandomness from Braid Groups | crypto | 486-502 |
| 24 | 2001 | Known-IV Attacks on Triple Modes of Operation of Block Ciphers | asiacrypt | 208-221 |
| 25 | 2001 | An Efficient Implementation of Braid Groups | asiacrypt | 144-156 |
| 26 | 2001 | Impossible Differential Cryptanalysis of Zodiac | fse | 300-311 |
| 27 | 2000 | Provable Security for the Skipjack-like Structure against Differential Cryptanalysis and Linear Cryptanalysis | asiacrypt | 274-288 |
| 28 | 2000 | Provable Security against Differential and Linear Cryptanalysis for the SPN Structure | fse | 273-283 |
| 29 | 2000 | New Public-Key Cryptosystem Using Braid Groups | crypto | 166-183 |
| 30 | 1998 | A New Hash Function Based on MDx-Family and Its Application to MAC | pkc | 234-246 |
| 31 | 1996 | Conditional Correlation Attack on Nonlinear Filter Generators | asiacrypt | 360-367 |
| 32 | 1996 | On the Correlation Immune Functions and Their Nonlinearity | asiacrypt | 232-243 |
| 33 | 1995 | On the Security of the Gollmann Cascades | crypto | 148-156 |
| 34 | 1994 | Semi-bent Functions | asiacrypt | 107-118 |
