Skip to main content
placeholder image

Improving resistance to differential cryptanalysis and the redesign of LOKI

Chapter


Abstract


  • Differential Cryptanalysis is currently the most powerful tool available for analysing block ciphers, and new block ciphers need to be designed to resist it. It has been suggested that the use of S-boxes based on bent functions, with a flat XOR profile, would be immune. However our studies of differential cryptanalysis, particularly applied to the LOKI cipher, have shown that this is not the case. In fact, this results in a relatively easily broken scheme. We show that an XOR profile with carefully placed zeroes is required. We also show that in order to avoid some variant forms of differential cryptanalysis, permutation P needs to be chosen to prevent easy propagation of a constant XOR value back into the same S-box. We redesign the LOKI cipher to form LOKI91, to illustrate these results, as well as to correct the key schedule to remove the formation of equivalent keys. We conclude with an overview of the security of the new cipher.

Publication Date


  • 1993

Citation


  • Brown, L., Kwan, M., Pieprzyk, J., & Seberry, J. (1993). Improving resistance to differential cryptanalysis and the redesign of LOKI. In Unknown Book (Vol. 739 LNCS, pp. 36-50). doi:10.1007/3-540-57332-1_3

International Standard Book Number (isbn) 13


  • 9783540573326

Scopus Eid


  • 2-s2.0-85028757148

Web Of Science Accession Number


Book Title


  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Start Page


  • 36

End Page


  • 50

Abstract


  • Differential Cryptanalysis is currently the most powerful tool available for analysing block ciphers, and new block ciphers need to be designed to resist it. It has been suggested that the use of S-boxes based on bent functions, with a flat XOR profile, would be immune. However our studies of differential cryptanalysis, particularly applied to the LOKI cipher, have shown that this is not the case. In fact, this results in a relatively easily broken scheme. We show that an XOR profile with carefully placed zeroes is required. We also show that in order to avoid some variant forms of differential cryptanalysis, permutation P needs to be chosen to prevent easy propagation of a constant XOR value back into the same S-box. We redesign the LOKI cipher to form LOKI91, to illustrate these results, as well as to correct the key schedule to remove the formation of equivalent keys. We conclude with an overview of the security of the new cipher.

Publication Date


  • 1993

Citation


  • Brown, L., Kwan, M., Pieprzyk, J., & Seberry, J. (1993). Improving resistance to differential cryptanalysis and the redesign of LOKI. In Unknown Book (Vol. 739 LNCS, pp. 36-50). doi:10.1007/3-540-57332-1_3

International Standard Book Number (isbn) 13


  • 9783540573326

Scopus Eid


  • 2-s2.0-85028757148

Web Of Science Accession Number


Book Title


  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Start Page


  • 36

End Page


  • 50