Cryptanalysis of LOKI

Forfattere

  • Lars Ramkilde Knudsen

DOI:

https://doi.org/10.7146/dpb.v21i403.6637

Resumé

In 1990 Brown, Pieprzyk and Seberry proposed a new encryption primitive, which encrypts and decrypts a 64-bit block of data using a 64-bit key. Furthermore they propose a way to build private versions of LOKI.

In this paper we show first that the keyspace of any LOKI-version is only 2^60, not 2^64 as claimed. Therefore there are 15 equivalent keys for every key, that encrypts/decrypts texts the same way. An immediate consequence is, that for the proposed Single Block Hash Mode it is very easy to find collisions. Secondly we do differential cryptanaiysis on LOKI and show that n-round LOKI, n<=14 is vulnerable to this kind of attack, at least in principle. We show that we cannot find a characteristic with a probability high enough to break LOKI with 16 rounds. However one might find a private LOKI-version, that is vulnerable to a differential attack for n=16. Finally we consider differentials versus characteristics for LOKI.

Forfatterbiografi

Lars Ramkilde Knudsen

Downloads

Publiceret

1992-07-01

Citation/Eksport

Knudsen, L. R. (1992). Cryptanalysis of LOKI. DAIMI Report Series, 21(403). https://doi.org/10.7146/dpb.v21i403.6637

Nummer

Nr. 403 (1992): PB-403 Cryptanalysis of LOKI

Sektion

Articles

Licens

Creative Commons License

Articles published in DAIMI PB are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.