Abstract
This paper presents several multiset and boomerang attacks on Safer++ up to 5.5 out of its 7 rounds. These are the best known attacks for this cipher and significantly improve the previously known results. The attacks in the paper are practical up to 4 rounds. The methods developed to attack Safer++ can be applied to other substitution-permutation networks with incomplete diffusion.
The work described in this paper has been supported in part by the Commission of the European Communities through the IST Programme under Contract IST-1999-12324 and by the Concerted Research Action (GOA) Mefisto-666.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Biryukov, A., De Cannière, C., Dellkrantz, G. (2003). Cryptanalysis of Safer++. In: Boneh, D. (eds) Advances in Cryptology - CRYPTO 2003. CRYPTO 2003. Lecture Notes in Computer Science, vol 2729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45146-4_12
DOI: https://doi.org/10.1007/978-3-540-45146-4_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40674-7
Online ISBN: 978-3-540-45146-4
eBook Packages: Springer Book Archive