SAFER block cipher family consists of SAFER K, SAFER SK, SAFER+ and SAFER++. As the first proposed block cipher of them, SAFER K is strengthened by SAFER SK with improved key schedule. SAFER+ is designed as an AES candidate and Bluetooth uses a customized version of it for security. SAFER++, a variant of SAFER+, is among the cryptographic primitives selected for the second phase of the NESSIE project. In this paper, we take advantage of properties of the linear transformation and S-boxes to identify new impossible differentials for SAFER SK, SAFER+, and SAFER++. Moreover, we give the impossible differential attacks on 4-round SAFER SK/128 and 4-round SAFER+/128(256), 5-round SAFER++/128 and 5.5-round SAFER++/256. Our attacks significantly improve previously known impossible differential attacks on them. Specifically, our attacks on SAFER+ are the best attack in terms of number of rounds.
Jingyuan ZHAO
Shandong University
Meiqin WANG
Shandong University
Jiazhe CHEN
Information Technology Security Evaluation Center
Yuliang ZHENG
UNC Charlotte
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Jingyuan ZHAO, Meiqin WANG, Jiazhe CHEN, Yuliang ZHENG, "New Impossible Differential Attack on SAFER Block Cipher Family" in IEICE TRANSACTIONS on Fundamentals,
vol. E98-A, no. 3, pp. 843-852, March 2015, doi: 10.1587/transfun.E98.A.843.
Abstract: SAFER block cipher family consists of SAFER K, SAFER SK, SAFER+ and SAFER++. As the first proposed block cipher of them, SAFER K is strengthened by SAFER SK with improved key schedule. SAFER+ is designed as an AES candidate and Bluetooth uses a customized version of it for security. SAFER++, a variant of SAFER+, is among the cryptographic primitives selected for the second phase of the NESSIE project. In this paper, we take advantage of properties of the linear transformation and S-boxes to identify new impossible differentials for SAFER SK, SAFER+, and SAFER++. Moreover, we give the impossible differential attacks on 4-round SAFER SK/128 and 4-round SAFER+/128(256), 5-round SAFER++/128 and 5.5-round SAFER++/256. Our attacks significantly improve previously known impossible differential attacks on them. Specifically, our attacks on SAFER+ are the best attack in terms of number of rounds.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E98.A.843/_p
Copy
@ARTICLE{e98-a_3_843,
author={Jingyuan ZHAO, Meiqin WANG, Jiazhe CHEN, Yuliang ZHENG, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={New Impossible Differential Attack on SAFER Block Cipher Family},
year={2015},
volume={E98-A},
number={3},
pages={843-852},
abstract={SAFER block cipher family consists of SAFER K, SAFER SK, SAFER+ and SAFER++. As the first proposed block cipher of them, SAFER K is strengthened by SAFER SK with improved key schedule. SAFER+ is designed as an AES candidate and Bluetooth uses a customized version of it for security. SAFER++, a variant of SAFER+, is among the cryptographic primitives selected for the second phase of the NESSIE project. In this paper, we take advantage of properties of the linear transformation and S-boxes to identify new impossible differentials for SAFER SK, SAFER+, and SAFER++. Moreover, we give the impossible differential attacks on 4-round SAFER SK/128 and 4-round SAFER+/128(256), 5-round SAFER++/128 and 5.5-round SAFER++/256. Our attacks significantly improve previously known impossible differential attacks on them. Specifically, our attacks on SAFER+ are the best attack in terms of number of rounds.},
keywords={},
doi={10.1587/transfun.E98.A.843},
ISSN={1745-1337},
month={March},}
Copy
TY - JOUR
TI - New Impossible Differential Attack on SAFER Block Cipher Family
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 843
EP - 852
AU - Jingyuan ZHAO
AU - Meiqin WANG
AU - Jiazhe CHEN
AU - Yuliang ZHENG
PY - 2015
DO - 10.1587/transfun.E98.A.843
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E98-A
IS - 3
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - March 2015
AB - SAFER block cipher family consists of SAFER K, SAFER SK, SAFER+ and SAFER++. As the first proposed block cipher of them, SAFER K is strengthened by SAFER SK with improved key schedule. SAFER+ is designed as an AES candidate and Bluetooth uses a customized version of it for security. SAFER++, a variant of SAFER+, is among the cryptographic primitives selected for the second phase of the NESSIE project. In this paper, we take advantage of properties of the linear transformation and S-boxes to identify new impossible differentials for SAFER SK, SAFER+, and SAFER++. Moreover, we give the impossible differential attacks on 4-round SAFER SK/128 and 4-round SAFER+/128(256), 5-round SAFER++/128 and 5.5-round SAFER++/256. Our attacks significantly improve previously known impossible differential attacks on them. Specifically, our attacks on SAFER+ are the best attack in terms of number of rounds.
ER -