1993 | ReviewPaper | Buchkapitel
Cryptanalysis of LOKI
verfasst von : Lars Ramkilde Knudsen
Erschienen in: Advances in Cryptology — ASIACRYPT '91
Verlag: Springer Berlin Heidelberg
Enthalten in: Professional Book Archive
Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
In [BrPiSe90] Brown, Pieprzyk and Seberry proposed a new encryption primitive, which encrypts and decrypts a 64-bit block of data using a 64-bit key. Furthermore they propose a way to build private versions of LOKI.In this paper we show first that the keyspace of any LOKI-version is only 260, not 264 as claimed. Therefore there are 15 equivalent keys for every key, that encrypts/decrypts texts the same way. An immediate consequence is, that the proposed Single Block Hash Mode is no good. It is very easy to find collisions.Secondly we do differential cryptanalysis on LOKI and show that n-round LOKI, n≤14 is vulnerable to this kind of attack, at least in principle. We show that we cannot find a characteristic with a probability high enough to break LOKI with 16 rounds. However one might find a private LOKI-version, that is vulnerable to a differential attack for n=16.