1993 | ReviewPaper | Chapter
Cryptanalysis of LOKI
Author : Lars Ramkilde Knudsen
Published in: Advances in Cryptology — ASIACRYPT '91
Publisher: Springer Berlin Heidelberg
Included in: Professional Book Archive
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
In [BrPiSe90] Brown, Pieprzyk and Seberry proposed a new encryption primitive, which encrypts and decrypts a 64-bit block of data using a 64-bit key. Furthermore they propose a way to build private versions of LOKI.In this paper we show first that the keyspace of any LOKI-version is only 260, not 264 as claimed. Therefore there are 15 equivalent keys for every key, that encrypts/decrypts texts the same way. An immediate consequence is, that the proposed Single Block Hash Mode is no good. It is very easy to find collisions.Secondly we do differential cryptanalysis on LOKI and show that n-round LOKI, n≤14 is vulnerable to this kind of attack, at least in principle. We show that we cannot find a characteristic with a probability high enough to break LOKI with 16 rounds. However one might find a private LOKI-version, that is vulnerable to a differential attack for n=16.