Cryptanalysis of LOKI

Authors

  • Lars Ramkilde Knudsen

DOI:

https://doi.org/10.7146/dpb.v21i403.6637

Abstract

In 1990 Brown, Pieprzyk and Seberry proposed a new encryption primitive, which encrypts and decrypts a 64-bit block of data using a 64-bit key. Furthermore they propose a way to build private versions of LOKI.

In this paper we show first that the keyspace of any LOKI-version is only 2^60, not 2^64 as claimed. Therefore there are 15 equivalent keys for every key, that encrypts/decrypts texts the same way. An immediate consequence is, that for the proposed Single Block Hash Mode it is very easy to find collisions. Secondly we do differential cryptanaiysis on LOKI and show that n-round LOKI, n<=14 is vulnerable to this kind of attack, at least in principle. We show that we cannot find a characteristic with a probability high enough to break LOKI with 16 rounds. However one might find a private LOKI-version, that is vulnerable to a differential attack for n=16. Finally we consider differentials versus characteristics for LOKI.

Author Biography

Lars Ramkilde Knudsen

Downloads

Published

1992-07-01

How to Cite

Knudsen, L. R. (1992). Cryptanalysis of LOKI. DAIMI Report Series, 21(403). https://doi.org/10.7146/dpb.v21i403.6637

Issue

No. 403 (1992): PB-403 Cryptanalysis of LOKI

Section

Articles

License

Creative Commons License

Articles published in DAIMI PB are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.