Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security and Cryptography for Networks

SCN 2016: Security and Cryptography for Networks pp 431–446Cite as

Pen and Paper Arguments for SIMON and SIMON-like Designs

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9841))

Abstract

In this work, we analyze the resistance of Simon-like ciphers against differential attacks without using computer-aided methods. In this context, we first define the notion of a Simon-like cipher as a generalization of the Simon design. For certain instances, we present a method for proving the resistance against differential attacks by upper bounding the probability of a differential characteristic by \(2^{-2T+2}\) where T denotes the number of rounds. Interestingly, if 2n denotes the block length, our result is sufficient in order to bound the probability by \(2^{-2n}\) for all full-round variants of Simon and Simeck. Thus, it guarantees security in a sense that, even having encryptions of the full codebook, one cannot expect a differential characteristic to hold. The important difference between previous works is that our proof can be verified by hand and thus contributes towards a better understanding of the design. However, it is to mention that we do not analyze the probability of multi-round differentials.

Although there are much better bounds known, especially for a high number of rounds, they are based on experimental search like using SAT/SMT solvers. While those results have already shown that Simon can be considered resistant against differential cryptanalysis, our argument gives more insights into the design itself. As far as we know, this work presents the first non-experimental security argument for full-round versions of several Simon-like instances.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    As we only focus on the probabilities of differential characteristics and do not provide a full security analysis, this work should not be seen as a recommendation for using Simon. Some design choices are still unclear. To mention is the key schedule as one example.

  2. 2.

    \(\dagger \): This bit is only unknown if the bitlength is 16 bit (\(n = 16\)). Therefore, w.l.o.g. we assume this bit to be unknown. In the following, we may also consider certain bits to be unknown if the actual value does not matter for the proof.

  3. 3.

    \(\ddagger \): Of course, this bit is already equal to 1 if the bitlength n is greater than 16.

References

  1. Abdelraheem, M.A., Alizadeh, J., Alkhzaimi, H.A., Aref, M.R., Bagheri, N., Gauravaram, P.: Improved linear cryptanalysis of reduced-round SIMON-32 and SIMON-48. In: Biryukov, A., Goyal, V. (eds.) INDOCRYPT 2015. LNCS, vol. 9462, pp. 153–179. Springer International Publishing, Heidelberg (2015)

    Google Scholar 

  2. Abed, F., List, E., Lucks, S., Wenzel, J.: Differential cryptanalysis of round-reduced SIMON and SPEAK. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 525–545. Springer, Heidelberg (2015)

    Google Scholar 

  3. Alizadeh, J., Bagheri, N., Gauravaram, P., Kumar, A., Sanadhya, S.K.: Linear cryptanalysis of round reduced SIMON. Cryptology ePrint Archive, Report 2013/663 (2013). http://eprint.iacr.org/2013/663

  4. Alkhzaimi, H.A., Lauridsen, M.M.: Cryptanalysis of the SIMON family of block ciphers. Cryptology ePrint Archive, Report 2013/543 (2013). http://eprint.iacr.org/2013/543

  5. Ashur, T.: Improved linear trails for the block cipher Simon. Cryptology ePrint Archive, Report 2015/285 (2015). http://eprint.iacr.org/

  6. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404 (2013). http://eprint.iacr.org/2013/404

  7. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: SIMON and SPECK: block ciphers for the internet of things. In: NIST Lightweight Cryptography Workshop, Vol. 2015 (2015)

    Google Scholar 

  8. Beierle, C., Jovanovic, P., Lauridsen, M.M., Leander, G., Rechberger, C.: Analyzing permutations for AES-like ciphers: understanding ShiftRows. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 37–58. Springer, Heidelberg (2015)

    Google Scholar 

  9. Benadjila, R., Billet, O., Gilbert, H., Macario-Rat, G., Peyrin, T., Robshaw, M., Seurin, Y.: SHA-3 Proposal: ECHO (2010). http://crypto.rd.francetelecom.com/ECHO/

  10. Bertoni, G., Daemen, J., Peeters, M., Assche, G.: The Keccak reference. Submission to NIST (Round 3), 13 (2011)

    Google Scholar 

  11. Biham, E., Anderson, R., Knudsen, L.R.: Serpent: a new block cipher proposal. In: Vaudenay, S. (ed.) FSE 1998. LNCS, vol. 1372, p. 222. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  12. Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991)

    Google Scholar 

  13. Biryukov, A., Roy, A., Velichkov, V.: Differential analysis of block ciphers SIMON and SPECK. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 546–570. Springer, Heidelberg (2015)

    Google Scholar 

  14. Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  15. Chen, H., Wang, X.: Improved linear hull attack on round-reduced SIMON with dynamic key-guessing techniques. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 428–449. Springer, Heidelberg (2016). doi:10.1007/978-3-662-52993-5_22

    Chapter  Google Scholar 

  16. Daemen, J.: Cipher and hash function design strategies based on linear and differential cryptanalysis. Ph.D. thesis, Doctoral Dissertation, KU Leuven, March 1995

    Google Scholar 

  17. Daemen, J., Lamberger, M., Pramstaller, N., Rijmen, V., Vercauteren, F.: Computational aspects of the expected differential probability of 4-round AES and AES-like ciphers. Computing 85(1–2), 85–104 (2009)

    Article  MathSciNet  MATH  Google Scholar 

  18. Daemen, J., Rijmen, V.: AES Proposal: Rjindael (1998). http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf

  19. Grassl, M.: Bounds on the minimum distance of linear codes and quantum codes (2007). http://www.codetables.de. Accessed 15 Feb 2016

  20. Kölbl, S., Leander, G., Tiessen, T.: Observations on the SIMON block cipher family. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9215, pp. 161–185. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  21. Kondo, K., Sasaki, Y., Iwata, T.: On the design rationale of SIMON block cipher: integral attacks and impossible differential attacks against SIMON variants. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 518–536. Springer, Heidelberg (2016). doi:10.1007/978-3-319-39555-5_28

    Chapter  Google Scholar 

  22. Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  23. Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012)

    Google Scholar 

  24. Nyberg, K., Knudsen, L.: Provable security against a differential attack. J. Cryptol. 8(1), 27–37 (1995)

    Article  MathSciNet  MATH  Google Scholar 

  25. PUB FIPS. 197: Advanced encryption standard (AES), National Institute of Standards and Technology (2001). http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

  26. Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28(4), 656–715 (1949)

    Article  MathSciNet  MATH  Google Scholar 

  27. Shirai, T., Preneel, B.: On Feistel ciphers using optimal diffusion mappings across multiple rounds. In: Lee, P.J. (ed.) ASIACRYPT 2004. LNCS, vol. 3329, pp. 1–15. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  28. Shirai, T., Shibutani, K.: Improving immunity of Feistel ciphers against differential cryptanalysis by using multiple MDS matrices. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 260–278. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  29. Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8873, pp. 158–178. Springer, Heidelberg (2014)

    Google Scholar 

  30. Todo, Y., Morii, M.: Bit-based division property and application to SIMON family. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 357–377. Springer, Heidelberg (2016). doi:10.1007/978-3-662-52993-5_18

    Chapter  Google Scholar 

  31. Wang, N., Wang, X., Jia, K., Zhao, J.: Differential attacks on reduced SIMON versions with dynamic key-guessing techniques. Cryptology ePrint Archive, Report 2014/448 (2014). http://eprint.iacr.org/2014/448

  32. Wang, Q., Liu, Z., Varıcı, K., Sasaki, Y., Rijmen, V., Todo, Y.: Cryptanalysis of reduced-round SIMON32 and SIMON48. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 143–160. Springer International Publishing, Heidelberg (2014)

    Google Scholar 

  33. Yang, G., Zhu, B., Suder, V., Aagaard, M.D., Gong, G.: The Simeck family of lightweight block ciphers. In: Güneysu, T., Handschuh, H. (eds.) CHES 2015. LNCS, vol. 9293, pp. 307–329. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

Download references

Acknowledgements

The author’s work was supported by DFG Research Training Group GRK 1817 Ubicrypt. Special thanks go to Gregor Leander for his valuable suggestions and comments.

Author information

Authors and Affiliations

  1. Horst Görtz Institute for IT Security, Ruhr-Universität Bochum, Bochum, Germany

    Christof Beierle

Authors
  1. Christof Beierle
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Christof Beierle .

Editor information

Editors and Affiliations

  1. Rensselaer Polytechnic Institute, Troy, New York, USA

    Vassilis Zikas

  2. University of Salerno, Fisciano, Italy

    Roberto De Prisco

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Beierle, C. (2016). Pen and Paper Arguments for SIMON and SIMON-like Designs. In: Zikas, V., De Prisco, R. (eds) Security and Cryptography for Networks. SCN 2016. Lecture Notes in Computer Science(), vol 9841. Springer, Cham. https://doi.org/10.1007/978-3-319-44618-9_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-44618-9_23

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-44617-2

  • Online ISBN: 978-3-319-44618-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation