Cryptanalysis of LOKI 91
In this paper we examine the redesign of LOKI, LOKI 91 proposed in . First it is shown that there is no characteristic with a probability high enough to do a successful differential attack on LOKI 91. Secondly we show that the size of the image of the F-function in LOKI 91 is 8/13×232. Finally we introduce a chosen plaintext attack that reduces an exhaustive key search on LOKI 91 by almost a factor 4 using 233+2 chosen plaintexts.
KeywordsInput Text Differential Attack Data Encryption Standard Differential Cryptanalysis Choose Plaintext Attack
Unable to display preview. Download preview PDF.
- 1.E. Biham, A. Shamir. Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, Vol. 4 No. 1 1991.Google Scholar
- 2.E. Biham, A. Shamir. Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. Extended abstract appears in Advances in Cryptology, proceedings of CRYPTO 91.Google Scholar
- 3.E. Biham, A. Shamir. Differential Cryptanalysis of the full 16-round DES. Technical Report # 708, Technion — Israel Institute of Technology.Google Scholar
- 4.L. Brown, J. Pieprzyk, J. Seberry. LOKI — A Cryptographic Primitive for Authentication and Secrecy Applications. Advances in Cryptology — AUSCRYPT '90. Springer Verlag, Lecture Notes 453, pp. 229–236, 1990.Google Scholar
- 5.L. Brown, M. Kwan, J. Pieprzyk, J. Seberry. Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI. Abstracts from ASIA-CRYPT'91.Google Scholar
- 6.X. Lai, J. L. Massey, S. Murphy. Markov Ciphers and Differential Cryptanalysis. Advances in Cryptology — Eurocrypt '91. Lecture Notes in Computer Science 547, Springer Verlag.Google Scholar
- 7.K. Nyberg, L. Ramkilde Knudsen. Provable Security Against Differential Cryptanalysis. Presented at the rump session of CRYPTO'92. To appear in the proceedings of CRYPTO'92.Google Scholar
- 8.L. Ramkilde Knudsen. Cryptanalysis of LOKI. Abstracts from ASIA-CRYPT'91.Google Scholar
- 9.L. Ramkilde Knudsen. Iterative Characteristics of DES and s2-DES. To appear in the proceedings from CRYPTO'92.Google Scholar