Paper 2016/036

Characterizations of the Degraded Boolean Function and Cryptanalysis of the SAFER Family

wentan Yi and Shaozhen Chen


This paper investigates the degradation properties of Boolean functions from the aspects of the distributions of dierences and linear masks, and shows two characterizations of the degraded Boolean function. One is that there exists a linear space of the input dierences, where the dierentials with the zero output dierence have probability 1; Another one is that the input linear masks of the nonzero-correlation linear approximations are included in a linear space. Those two linear spaces are orthogonal spaces. Moreover, the degradation properties are showed about the exponentiation type S-box of the SAFER block ciphers, which are applied to reduce the compute complexity in the zero-correlation linear attacks on 5-round SAFER SK/128, 4(5)-round SAFER+/128(256) and 5(6)-round SAFER++/128(256). In the attacks, some of the linear properties of PHT employed as the linear layer by the SAFER block ciphers are investigated and some zero-correlation approximations for SAFER SK, SAFER+, and SAFER++ are identied, when only the least one or two signicant bits are considered. The results show that more rounds of some of the SAFER block ciphers can be attacked, by considering the degradation properties and the zero-correlation linear relations.

Available format(s)
Secret-key cryptography
Publication info
CryptographyBlock cipherDegradation propertyZero- correlation linear cryptanalysisSAFER
Contact author(s)
nlwt8988 @ gmail com
2016-01-14: received
Short URL
Creative Commons Attribution


      author = {wentan Yi and Shaozhen Chen},
      title = {Characterizations of the Degraded Boolean Function and Cryptanalysis of the SAFER Family},
      howpublished = {Cryptology ePrint Archive, Paper 2016/036},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.