Improved Linear Cryptanalysis of Reduced-Round SIMON-32 and SIMON-48

Abdelraheem, Mohamed Ahmed; Alizadeh, Javad; AlKhzaimi, Hoda; Aref, Mohammad Reza; Bagheri, Nasour; Gauravaram, Praveen

doi:10.1007/978-3-319-26617-6_9

Cited by 34 publications

(27 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…See, for example, [3,13,4,15,19,2,6,5,1,14,26] To date, all published "attacks" on Simon and Speck are of the reduced-round variety. The goal of this sort of analysis is to determine the maximal number of rounds that would be susceptible to a theoretical attack (i.e., anything better than an exhaustive key search); all block ciphers are subject to reduced-round attacks.…”

Section: Others' Workmentioning

confidence: 98%

“…So far no published attack makes it more than about 70% of the way through any version of Simon or Speck. (The best are 48 of 69 rounds for Simon 128/128 (69.6%) [1] and 19 of 27 rounds for Speck 64/128 (70.3%) [21]. Compare this to PRESENT-128, which, at 31 rounds, has a 26-round attack (83.9%) [24].)…”

Section: Others' Workmentioning

confidence: 98%

“…The easy answer is "all of it", but there are real-world costs associated with blocking theoretical attacks that in practice might require more energy than we would ever be able to produce. 1 In addition, more liberal attack models have been proposed. Should we care about related-key attacks, whereby the attacker is allowed to manipulate secret keys (without learning what they are)?…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

The SIMON and SPECK lightweight block ciphers

Beaulieu

Shors

Smith

et al. 2015

Proceedings of the 52nd Annual Design Automation Conference

692

677

View full text Add to dashboard Cite

Invited ABSTRACTThe Simon and Speck families of block ciphers were designed specifically to offer security on constrained devices, where simplicity of design is crucial. However, the intended use cases are diverse and demand flexibility in implementation. Simplicity, security, and flexibility are ever-present yet conflicting goals in cryptographic design. This paper outlines how these goals were balanced in the design of Simon and Speck.

show abstract

Section: Others' Workmentioning

confidence: 98%

Section: Others' Workmentioning

confidence: 98%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The SIMON and SPECK lightweight block ciphers

Beaulieu

Shors

Smith

et al. 2015

Proceedings of the 52nd Annual Design Automation Conference

692

677

View full text Add to dashboard Cite

show abstract

“…Later to this on the strength of two variants of reduced round lightweight block cipher SIMON-32 and SIMON-48 had been tested against Linear Cryptanalysis and had been presented the optimum possible results [34]. Almost at the same time the strength of another light weight block ciphers SIMECK had been tested against Linear Cryptanalysis [35].…”

Section: Some Old and Recent References On Linear Cryptanalysismentioning

confidence: 99%

A Review of Existing 4-Bit Crypto S-Box Cryptanalysis Techniques and Two New Techniques with 4-Bit Boolean Functions for Cryptanalysis of 4-Bit Crypto S-Boxes*

Dey

Ghosh

2018

APM

View full text Add to dashboard Cite

Abstract4-bit linear relations play an important role in cryptanalysis of 4-bit crypto S-boxes. 4-bit finite differences have also been a major part of cryptanalysis of 4-bit S-boxes. Existence of all 4-bit linear relations have been counted for all of 16 input and 16 output 4-bit bit patterns of 4-bit Crypto S-boxes said as S-boxes has been reported in Linear Cryptanalysis of 4-bit S-boxes. Count of existing finite differences from each element of output S-boxes to distant output S-boxes have been noted in Differential Cryptanalysis of S-boxes. In this paper a brief review of these two cryptanalytic methods for 4-bit S-boxes has been introduced in a very lucid and conceptual manner. Two new analysis techniques, one to search for the existing linear approximations among the input vectors (IPVs) and output Boolean functions (BFs) of a particular S-box has also been introduced in this paper. The search is limited to find the existing linear relations or approximations in the contrary to count the number of existent linear relations among all 16, 4-bit input and output bit patterns within all possible linear approximations. Another is to find number of balanced BFs in difference output S-boxes. Better the number of Balanced BFs, Better the security.

show abstract

“…2 denotes the time complexity of computing the sum for each set. 3 denotes the time complexity of summing them up.…”

Section: Integral Attack On 22-round Simon32mentioning

confidence: 99%

Improved Integral Attacks on SIMON32 and SIMON48 with Dynamic Key-Guessing Techniques

Chu

Chen

Wang

et al. 2018

Security and Communication Networks

View full text Add to dashboard Cite

Dynamic key-guessing techniques, which exploit the property of AND operation, could improve the differential and linear cryptanalytic results by reducing the number of guessed subkey bits and lead to good cryptanalytic results for SIMON. They have only been applied in differential and linear attacks as far as we know. In this paper, dynamic key-guessing techniques are first introduced in integral cryptanalysis. According to the features of integral cryptanalysis, we extend dynamic key-guessing techniques and get better integral cryptanalysis results than before. As a result, we present integral attacks on 24-round SIMON32, 24-round SIMON48/72, and 25-round SIMON48/96. In terms of the number of attacked rounds, our attack on SIMON32 is better than any previously known attacks, and our attacks on SIMON48 are the same as the best attacks.

show abstract

Improved Linear Cryptanalysis of Reduced-Round SIMON-32 and SIMON-48

Cited by 34 publications

References 23 publications

The SIMON and SPECK lightweight block ciphers

The SIMON and SPECK lightweight block ciphers

A Review of Existing 4-Bit Crypto S-Box Cryptanalysis Techniques and Two New Techniques with 4-Bit Boolean Functions for Cryptanalysis of 4-Bit Crypto S-Boxes*

Improved Integral Attacks on SIMON32 and SIMON48 with Dynamic Key-Guessing Techniques

Contact Info

Product

Resources

About