caa a22 4500 475827120 CHVBK 20180406123831.0 cr unu---uuuuu 170329e20000901xx s 000 0 eng 10.1007/s001450010004 doi (NATIONALLICENCE)springer-10.1007/s001450010004 Knudsen Lars R. Department of Informatics, University of Bergen, Bergen, Norway, NO aut A Detailed Analysis of SAFER K [Elektronische Daten] [Lars R. Knudsen] Abstract. : In this paper we analyze the block cipher SAFER K. First, we show a weakness in the key schedule, that has the effect that for almost every key there exists on the average three and a half other keys such that the encryptions of plaintexts different in one of eight bytes yield ciphertexts also different in only one byte. Moreover, the differences in the keys, plaintexts, and ciphertexts are in the same byte. This enables us to do a related-key chosen plaintext attack on SAFER K, which finds the secret key. Also, the security of SAFER K, when used in standard hashing modes, is greatly reduced, which is illustrated. Second, we propose a new key schedule for SAFER K avoiding these problems. Third, we do differential cryptanalysis of SAFER K. We consider truncated differentials and apply them in an attack on five-round SAFER K, which finds the secret key much faster than by an exhaustive search. International Association for Criptologic Rese, 2000 Key words. Cryptanalysis, Block cipher, SAFER, Truncated differentials, Collisions nationallicence Journal of Cryptology Springer Berlin Heidelberg 13/4(2000-09-01), 417-436 0933-2790 13:4<417 2000 13 145 https://doi.org/10.1007/s001450010004 text/html Onlinezugriff via DOI 1 research-article jats NATIONALLICENCE 856 40 https://doi.org/10.1007/s001450010004 text/html Onlinezugriff via DOI NATIONALLICENCE 100 1- Knudsen Lars R. Department of Informatics, University of Bergen, Bergen, Norway, NO aut NATIONALLICENCE 773 0- Journal of Cryptology Springer Berlin Heidelberg 13/4(2000-09-01), 417-436 0933-2790 13:4<417 2000 13 145 Metadata rights reserved Springer special CC-BY-NC licence nationallicence BK010053 XK010053 XK010000 NATIONALLICENCE NATIONALLICENCE NL-springer