A Key-schedule Weakness in SAFER K-64
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm
Fast Software Encryption, Cambridge Security Workshop
Truncated Differentials of SAFER
Proceedings of the Third International Workshop on Fast Software Encryption
Proceedings of the 6th IMA International Conference on Cryptography and Coding
A generalization of linear cryptanalysis and the applicability of Matsui's piling-up lemma
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
New impossible differential attack on SAFER+ and SAFER++
ICISC'12 Proceedings of the 15th international conference on Information Security and Cryptology
Hi-index | 0.00 |
This paper presents an improved impossible differential cryptanalysis of SAFER ciphers, which uses the miss-in-the-middle technique developed by Biham et al. We analyze 3.75-round SAFER SK-64, using 2^4^5 chosen plaintexts, 2^3^8 bytes memory and 2^4^2 half round computations. Furthermore, the new impossible differential attack on 3.75-round SAFER+/128 uses 2^7^8 chosen plaintexts, 2^7^5 half round computations and 2^6^8 bytes memory. And attack on 3.75-round SAFER++/128 uses 2^7^8 data, 2^6^6 time, and 2^6^2 memory.