International Association for Cryptologic Research

CryptoDB

Integral Cryptanalysis on reduced-round Safer++

Authors:
Gilles Piret
Jean-Jacques Quisquater
Download:
URL: http://eprint.iacr.org/2003/033
Abstract: In this paper we describe an integral distinguisher over 2 rounds of Safer++. It allows a practical attack against 3 rounds of Safer++128, as well as attacks on 4 rounds of Safer++128 and Safer++256, under the chosen-plaintext hypothesis. These results achieve much lower complexity than the currently known best attacks on Safer++, namely weak-key linear cryptanalysis by Nakahara. As a side result, we prove that the byte-branch number of the linear transform of Safer++ is 5. We also discuss a way for further research in order to extend integral cryptanalysis.
BibTeX
@misc{eprint-2003-11751,
  title={Integral Cryptanalysis on reduced-round Safer++},
  booktitle={IACR Eprint archive},
  keywords={secret-key cryptography / block ciphers, integral cryptanalysis},
  url={http://eprint.iacr.org/2003/033},
  note={ piret@dice.ucl.ac.be 12100 received 16 Feb 2003, last revised 17 Feb 2003},
  author={Gilles Piret and Jean-Jacques Quisquater},
  year=2003
}