Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
JOC
2000
2000
A Detailed Analysis of SAFER K
In this paper we analyze the block cipher SAFER K. First, we show a weakness in the key schedule, that has the effect that for almost every key there exists on the average three and a half other keys such that the encryptions of plaintexts different in one of eight bytes yield ciphertexts also different in only one byte. Moreover, the differences in the keys, plaintexts, and ciphertexts are in the same byte. This enables us to do a related-key chosen plaintext attack on SAFER K, which finds the secret key. Also, the security of SAFER K, when used in standard hashing modes, is greatly reduced, which is illustrated. Second, we propose a new key schedule for SAFER K avoiding these problems. Third, we do differential cryptanalysis of SAFER K. We consider truncated differentials and apply them in an attack on five-round SAFER K, which finds the secret key much faster than by an exhaustive search. Key words. Cryptanalysis, Block cipher, SAFER, Truncated differentials, Collisions.
Real-time TrafficCipher Safer K | JOC 2000 | Key Schedule | SAFER |
Related Content
| Added | 19 Dec 2010 |
| Updated | 19 Dec 2010 |
| Type | Journal |
| Year | 2000 |
| Where | JOC |
| Authors | Lars R. Knudsen |
Comments (0)
Researcher Info
|
