Advertisement

Cryptanalysis of LOKI 91

  • Lars Ramkilde Knudsen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 718)

Abstract

In this paper we examine the redesign of LOKI, LOKI 91 proposed in [5]. First it is shown that there is no characteristic with a probability high enough to do a successful differential attack on LOKI 91. Secondly we show that the size of the image of the F-function in LOKI 91 is 8/13×232. Finally we introduce a chosen plaintext attack that reduces an exhaustive key search on LOKI 91 by almost a factor 4 using 233+2 chosen plaintexts.

Keywords

Input Text Differential Attack Data Encryption Standard Differential Cryptanalysis Choose Plaintext Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    E. Biham, A. Shamir. Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology, Vol. 4 No. 1 1991.Google Scholar
  2. 2.
    E. Biham, A. Shamir. Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. Extended abstract appears in Advances in Cryptology, proceedings of CRYPTO 91.Google Scholar
  3. 3.
    E. Biham, A. Shamir. Differential Cryptanalysis of the full 16-round DES. Technical Report # 708, Technion — Israel Institute of Technology.Google Scholar
  4. 4.
    L. Brown, J. Pieprzyk, J. Seberry. LOKI — A Cryptographic Primitive for Authentication and Secrecy Applications. Advances in Cryptology — AUSCRYPT '90. Springer Verlag, Lecture Notes 453, pp. 229–236, 1990.Google Scholar
  5. 5.
    L. Brown, M. Kwan, J. Pieprzyk, J. Seberry. Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI. Abstracts from ASIA-CRYPT'91.Google Scholar
  6. 6.
    X. Lai, J. L. Massey, S. Murphy. Markov Ciphers and Differential Cryptanalysis. Advances in Cryptology — Eurocrypt '91. Lecture Notes in Computer Science 547, Springer Verlag.Google Scholar
  7. 7.
    K. Nyberg, L. Ramkilde Knudsen. Provable Security Against Differential Cryptanalysis. Presented at the rump session of CRYPTO'92. To appear in the proceedings of CRYPTO'92.Google Scholar
  8. 8.
    L. Ramkilde Knudsen. Cryptanalysis of LOKI. Abstracts from ASIA-CRYPT'91.Google Scholar
  9. 9.
    L. Ramkilde Knudsen. Iterative Characteristics of DES and s2-DES. To appear in the proceedings from CRYPTO'92.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Lars Ramkilde Knudsen
    • 1
  1. 1.Comp. Science Dept.Aarhus UniversitetÅrhus C

Personalised recommendations