Abstract
This paper discusses linear cryptanalysis of LOKI89, LOKI91 and s 2DES. Our computer program based on Matsui's search algorithm has completely determined their best linear approximate equations, which tell us applicability of linear cryptanalysis to each cryptosystem. As a result, LOKI89 and LOKI91 are resistant to linear cryptanalysis from the viewpoint of the best linear approximate probability, whereas s2DES is breakable by a known-plaintext attack faster than an exhaustive key search. Moreover, our search program, which is also applicable to differential cryptanalysis, has derived their best differential characteristics as well. These values give a complete proof that characteristics found by Knudsen are actually best.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
Biham,E.,Shamir,A.: Differential Cryptanalysis of the Data Encryption Standard. Springer Verlag (1993)
Matsui,M.: Linear Cryptanalysis Method for DES cipher. Advances in Cryptology — Eurocrypt'93, Lecture Notes in Computer Science, Springer-Verlag 765 (1993) 386–397
Matsui,M.: On correlation between the order of S-boxes and the strength of DES. Pre-proceedings of Eurocrypt'94 (1994) 375–387
Matsui,M.: The First Experimental Cryptanalysis of the Data Encryption Standard. Advances in Cryptology — Crypto'94, Lecture Notes in Computer Science, Springer-Verlag 839 (1994) 1–11
Brown,L.,Pieprzyk,J.,Seberry,J.: LOKI-A Cryptographic Primitive for Authentication and Secrecy Applications. Advances in Cryptology — Auscrypt'90, Lecture Notes in Computer Science, Springer-Verlag 453 (1990) 229–236
Brown,L.,Kwan,M.,Pieprzyk,J.,Seberry,J.: Improving Resistance to Differential Cryptanalysis and the Redesign of LOKI. Advances in Cryptology — Asiacrypt'91, Lecture Notes in Computer Science, Springer-Verlag 739 (1993) 36–50
Kim,K.: Construction of DES-like S-boxes Based on Boolean Functions Satisfying the SAC. Advances in Cryptology — Asiacrypt'91, Lecture Notes in Computer Science, Springer-Verlag 739 (1993) 59–72
Biham,E.,Shamir,A.: Differential Cryptanalysis of Snefru, Khafre, REDOC-II, LOKI and Lucifer. Advances in Cryptology — Crypto'91, Lecture Notes in Computer Science, Springer-Verlag 576 (1992) 156–171
Knudsen,L.: Cryptanalysis of LOKI. Advances in Cryptology — Asiacrypt'91, Lecture Notes in Computer Science, Springer-Verlag 739 (1993) 22–35
Knudsen,L.: Cryptanalysis of LOKI91. Advances in Cryptology — Auscrypt'92, Lecture Notes in Computer Science, Springer-Verlag 718 (1993) 196–208
Knudsen,L.: Iterative Characteristics of DES and s2-DES. Advances in Cryptology — Crypto'92, Lecture Notes in Computer Science, Springer-Verlag 740 (1993) 497–511
Lai,X.,Massey,J.,Murphy,S.: Markov ciphers and differential cryptanalysis. Advances in Cryptology — Eurocrypt'91, Lecture Notes in Computer Science, Springer-Verlag 547 (1991) 17–38
Nyberg,K.: Linear Approximation of Block Ciphers. Presented at Rump Session in Eurocrypt'94
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1995 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tokita, T., Sorimachi, T., Matsui, M. (1995). Linear cryptanalysis of LOKI and s 2DES. In: Pieprzyk, J., Safavi-Naini, R. (eds) Advances in Cryptology — ASIACRYPT'94. ASIACRYPT 1994. Lecture Notes in Computer Science, vol 917. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0000442
Download citation
DOI: https://doi.org/10.1007/BFb0000442
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-59339-3
Online ISBN: 978-3-540-49236-8
eBook Packages: Springer Book Archive