Abstract
At CHES 2015, a new lightweight block cipher, Simeck, was proposed that combines good design components of SIMON and SPECK, two lightweight ciphers designed by the NSA. Dynamic key-guessing techniques, proposed by Wang et al. as a powerful tool for improving differential attacks, work well on SIMON. In this paper, we turn the dynamic key-guessing techniques into a program that automatically outputs the data needed in the dynamic key-guessing procedure. With our tool, the differential security evaluation of SIMON- and Simeck-like block ciphers becomes very convenient. We apply the method to Simeck and to four members of the SIMON family. Using a differential of lower Hamming weight that we find with the Mixed Integer Linear Programming (MILP) method, together with differentials from Kölbl et al.’s work, we launch attacks on 21- and 22-round Simeck32, 28-round Simeck48, and 34- and 35-round Simeck64. In addition, using the differentials newly proposed at CRYPTO 2015, we obtain new attack results on 22-round SIMON32/64, 24-round SIMON48/96, 28- and 29-round SIMON64/96, and 29- and 30-round SIMON64/128. To the best of our knowledge, our results on SIMON64 are currently the best results.
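The abstract refers to differential security evaluation of Simeck-like ciphers without showing the building block it rests on. The following Python block is an added example written for this page, not code from the paper or from the Simeck designers: it implements Simeck32/64 as the editor recalls it from the designers' description (Feistel round L' = f(L) ^ R ^ k with f(x) = (x & (x <<< 5)) ^ (x <<< 1), an LFSR-driven key schedule; no known-answer test is asserted, so validate the key schedule against the designers' published test vectors before relying on it), computes the exact output-difference distribution of f for a one-bit input difference by exhaustive enumeration, and then checks empirically how often a short differential characteristic derived from that distribution holds under random keys. All sample values are constructed for illustration.

```python
# Added example (not from the paper): Simeck32/64 round function, key schedule,
# exact one-round differential distribution of f, and an empirical check of a
# short characteristic. Cipher description follows the Simeck paper (Yang et al.,
# CHES 2015) as recalled; no designer test vector is asserted here.
import math
import random
from collections import Counter

N = 16            # word size of Simeck32
ROUNDS = 32       # Simeck32/64 has 32 rounds


def rotl(x, r, n=N):
    """Rotate an n-bit word left by r bits."""
    r %= n
    return ((x << r) | (x >> (n - r))) & ((1 << n) - 1)


def f(x, n=N):
    """Simeck round function: f(x) = (x & (x <<< 5)) ^ (x <<< 1)."""
    return ((x & rotl(x, 5, n)) ^ rotl(x, 1, n)) & ((1 << n) - 1)


def z0_sequence(length):
    """Constant bits z0: LFSR for X^5 + X^2 + 1 with initial state 11111
    (s_{t+5} = s_{t+2} ^ s_t), as assumed for Simeck32/48."""
    s = [1, 1, 1, 1, 1]
    while len(s) < length:
        s.append(s[-5] ^ s[-3])
    return s[:length]


def expand_key(master_key, rounds=ROUNDS, n=N):
    """Key schedule as assumed: master key (t2, t1, t0, k0);
    k_{i+1} = t_i and t_{i+3} = k_i ^ f(t_i) ^ C ^ z_i with C = 2^n - 4."""
    t2, t1, t0, k = master_key
    t = [t0, t1, t2]
    c = (1 << n) - 4
    z = z0_sequence(rounds)
    round_keys = []
    for i in range(rounds):
        round_keys.append(k)
        new_t = k ^ f(t[0], n) ^ c ^ z[i]
        k, t = t[0], [t[1], t[2], new_t]
    return round_keys


def encrypt_block(left, right, round_keys, n=N):
    """Feistel encryption: L_{i+1} = f(L_i) ^ R_i ^ k_i, R_{i+1} = L_i."""
    for k in round_keys:
        left, right = f(left, n) ^ right ^ k, left
    return left, right


def decrypt_block(left, right, round_keys, n=N):
    """Inverse of encrypt_block: L_i = R_{i+1}, R_i = L_{i+1} ^ f(L_i) ^ k_i."""
    for k in reversed(round_keys):
        left, right = right, left ^ f(right, n) ^ k
    return left, right


def f_output_differences(delta_in, n=N):
    """Exact distribution of f(x) ^ f(x ^ delta_in) over all 2^n inputs x.
    This table is what a characteristic search (MILP or otherwise) reasons about."""
    counts = Counter()
    for x in range(1 << n):
        counts[f(x, n) ^ f(x ^ delta_in, n)] += 1
    return counts


def characteristic_count(input_diff, output_diff, rounds, trials, seed=1, n=N):
    """Count plaintext pairs with difference input_diff whose ciphertext
    difference after `rounds` rounds equals output_diff, over random keys
    and random plaintexts (constructed inputs, seeded for repeatability)."""
    rng = random.Random(seed)
    dl, dr = input_diff
    hits = 0
    for _ in range(trials):
        rk = expand_key(tuple(rng.getrandbits(n) for _ in range(4)), rounds, n)
        l, r = rng.getrandbits(n), rng.getrandbits(n)
        c1 = encrypt_block(l, r, rk, n)
        c2 = encrypt_block(l ^ dl, r ^ dr, rk, n)
        if (c1[0] ^ c2[0], c1[1] ^ c2[1]) == output_diff:
            hits += 1
    return hits


if __name__ == "__main__":
    # One-bit input difference into f: the AND with a rotated copy leaves two
    # data-dependent bits, so four output differences appear, each with prob 2^-2.
    for out, cnt in sorted(f_output_differences(0x0001).items()):
        print(f"f: 0x0001 -> 0x{out:04x}  prob 2^{math.log2(cnt / (1 << N)):.0f}")
    # Characteristic (0, 1) -> (1, 0) -> (2, 1): round 1 is free (the difference
    # sits in the right half), round 2 pays 2^-2 through f.
    print("2-round hits out of 4096:",
          characteristic_count((0x0000, 0x0001), (0x0002, 0x0001), 2, 4096))
```

The exhaustive table is the honest way to obtain one-round probabilities for a Simeck-like round function; the random-key count then shows that the two-round characteristic built from it holds at close to its predicted rate of one in four, which is the kind of sanity check worth running before a characteristic is fed into a key-recovery procedure.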
References
Abed, F., List, E., Lucks, S., Wenzel, J.: Differential cryptanalysis of round-reduced Simon and Speck. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 525–545. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46706-0_27
Alizadeh, J., Alkhzaimi, H.A., Aref, M.R., Bagheri, N., Gauravaram, P., Kumar, A., Lauridsen, M.M., Sanadhya, S.K.: Cryptanalysis of SIMON variants with connections. In: Saxena, N., Sadeghi, A.-R. (eds.) RFIDSec 2014. LNCS, vol. 8651, pp. 90–107. Springer, Cham (2014). doi:10.1007/978-3-319-13066-8_6
Alkhzaimi, H.A., Lauridsen, M.M.: Cryptanalysis of the SIMON family of block ciphers. Cryptology ePrint Archive, Report 2013/543 (2013). http://eprint.iacr.org/2013/543
Shi, D., Hu, L., Sun, S., Song, L., Qiao, K., Ma, X.: Improved linear (hull) cryptanalysis of round-reduced versions of SIMON. In: Science China Information Sciences (to appear)
Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (Related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014). doi:10.1007/978-3-662-45611-8_9
Wang, N., Wang, X., Jia, K., Zhao, J.: Differential attacks on reduced SIMON versions with dynamic key-guessing techniques. Cryptology ePrint Archive, Report 2014/448 (2014). http://eprint.iacr.org/2014/448
Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers (2015)
De Cannière, C., Rechberger, C.: Finding SHA-1 characteristics: general results and applications. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 1–20. Springer, Heidelberg (2006). doi:10.1007/11935230_1
Leurent, G.: Construction of differential characteristics in ARX designs: application to Skein. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 241–258. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40041-4_14
Mendel, F., Nad, T., Schläffer, M.: Finding SHA-2 characteristics: searching through a minefield of contradictions. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 288–307. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25385-0_16
Theobald, T.: How to break Shamir’s asymmetric basis. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 136–147. Springer, Heidelberg (1995). doi:10.1007/3-540-44750-4_11
Wang, X., Yin, Y.L., Yu, H.: Finding collisions in the full SHA-1. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 17–36. Springer, Heidelberg (2005). doi:10.1007/11535218_2
Sun, S., Hu, L., Wang, M., Wang, P., Qiao, K., Ma, X., Shi, D., Song, L., Fu, K.: Towards finding the best characteristics of some bit-oriented block ciphers and automatic enumeration of (Related-key) differential and linear characteristics with predefined properties. Cryptology ePrint Archive, Report 2014/747 (2014). http://eprint.iacr.org/2014/747
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. J. Cryptology 4, 3–72 (1991)
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994). doi:10.1007/3-540-48285-7_33
Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999). doi:10.1007/3-540-48910-X_2
Bagheri, N.: Linear cryptanalysis of reduced-round SIMECK variants. In: Biryukov, A., Goyal, V. (eds.) INDOCRYPT 2015. LNCS, vol. 9462, pp. 140–152. Springer, Heidelberg (2015). doi:10.1007/978-3-319-26617-6_8
Kölbl, S., Roy, A.: A brief comparison of Simon and Simeck. Cryptology ePrint Archive, Report 2015/706 (2015). http://eprint.iacr.org/2015/706
Kölbl, S., Leander, G., Tiessen, T.: Observations on the SIMON block cipher family. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 161–185. Springer, Heidelberg (2015). doi:10.1007/978-3-662-47989-6_8
Zhang, K., Guan, J., Hu, B., Lin, D.: Security evaluation on Simeck against zero correlation linear cryptanalysis. Cryptology ePrint Archive, Report 2015/911 (2015). http://eprint.iacr.org/2015/911
Qin, L., Chen, H.: Linear hull attack on round-reduced Simeck with dynamic key-guessing techniques. Cryptology ePrint Archive, Report 2016/066 (2016). http://eprint.iacr.org/2016/066
Abdelraheem, M.A., Alizadeh, J., Alkhzaimi, H.A., Aref, M.R., Bagheri, N., Gauravaram, P.: Improved linear cryptanalysis of reduced-round SIMON-32 and SIMON-48. In: Biryukov, A., Goyal, V. (eds.) INDOCRYPT 2015. LNCS, vol. 9462, pp. 153–179. Springer, Heidelberg (2015). doi:10.1007/978-3-319-26617-6_9
Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404 (2013). http://eprint.iacr.org/2013/404
Qiao, K., Hu, L., Sun, S., Ma, X., Kan, H.: Improved MILP modeling for automatic security evaluation and application to FOX. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E98(A), 72–80 (2015)
Sun, S., Hu, L., Song, L., Xie, Y., Wang, P.: Automatic security evaluation of block ciphers with S-bP structures against related-key differential attacks. In: Lin, D., Xu, S., Yung, M. (eds.) Inscrypt 2013. LNCS, vol. 8567, pp. 39–51. Springer, Heidelberg (2014). doi:10.1007/978-3-319-12087-4_3
Acknowledgements
Thanks to the anonymous reviewers for their helpful comments, and to the organizers and audience of ICISSP 2016. The work of this paper was supported by the National Key Basic Research Program of China (2013CB834203), the National Natural Science Foundation of China (Grants 61472417, 61472415 and 61402469), the Strategic Priority Research Program of the Chinese Academy of Sciences under Grant XDA06010702, and the State Key Laboratory of Information Security, Chinese Academy of Sciences.
Appendix
1.1 Related Keys in Decryption Direction
For a sufficient bit condition \(\varDelta X^i_j=0 \text { or }1\) with \(j\in [0,n-1]\), in the decryption direction we have
where
Algorithm 3 shows how to obtain the subkey bits that influence \(X^i_j\) and those that are linear in \(X^i_j\).
1.2 Sufficient Conditions of Extended Differential Path for Simeck
We provide the sufficient conditions of extended differential paths of 22-round Simeck32/64, 28-round Simeck48/96 and 35-round Simeck64/128 in Tables 9, 10 and 11.
1.3 Extended Differential Path for SIMON
We provide the sufficient conditions of the extended differential paths of 22-round SIMON32, 24-round SIMON48 and 29- and 30-round SIMON64 in Tables 12, 13, 14 and 15.
Copyright information
© 2017 Springer International Publishing AG
Cite this paper
Qiao, K., Hu, L., Sun, S. (2017). Differential Analysis on Simeck and SIMON with Dynamic Key-Guessing Techniques. In: Camp, O., Furnell, S., Mori, P. (eds) Information Systems Security and Privacy. ICISSP 2016. Communications in Computer and Information Science, vol 691. Springer, Cham. https://doi.org/10.1007/978-3-319-54433-5_5
DOI: https://doi.org/10.1007/978-3-319-54433-5_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54432-8
Online ISBN: 978-3-319-54433-5