A key-schedule weakness in SAFER-K64 (1995)

by L R Knudsen
Venue:Advances in Cryptology, Proceedings Crypto'95, LNCS 963