Authors: EKREM ARAS, MELEK D. YÜCEL
Abstract: If the characteristics of s-boxes of the SAFER family of ciphers are examined for the criteria of strict avalanche, bit independence, and XOR table distribution, experiments show that the ``exponentiating'' s-box has a weakness for an input difference of 128 (=10000000_{2}) and the ``logarithm-taking'' s-box has a weakness for an input difference of 253 (=11111101_{2}). However, since these experiments are performed by isolating the s-boxes from the general structure, they do not necessarily indicate a weakness in the overall algorithm. We propose a quick and rough test method, called the avalanche weight distribution criterion, to evaluate the overall performance of block ciphers. We then apply this novel criterion and the conventional strict avalanche criterion to SAFER K-64, and show that the algorithm passes both tests successfully despite the specific weaknesses of its isolated s-boxes.
Keywords:
Full Text: PDF