Cryptanalysis of SIMON variants with connections

Javad Alizadeh, Hoda Alkhzaimi, Mohammad Reza Aref, Nasour Bagheri, Praveen Gauravaram, Abhishek Kumar, Martin M. Lauridsen, Somitra Kumar Sanadhya

    Research output: Contribution to journal › Article

    Abstract

    SIMON is a family of 10 lightweight block ciphers published by Beaulieu et al. from the United States National Security Agency (NSA). A cipher in this family with K-bit key and N-bit block is called SIMON N/K. We present several linear characteristics for reduced-round SIMON32/64 that can be used for a key-recovery attack and extend them further to attack other variants of SIMON. Moreover, we provide results of key recovery analysis using several impossible differential characteristics starting from 14 out of 32 rounds for SIMON32/64 to 22 out of 72 rounds for SIMON128/256. In some cases the presented observations do not directly yield an attack, but provide a basis for further analysis for the specific SIMON variant. Finally, we exploit a connection between linear and differential characteristics for SIMON to construct linear characteristics for different variants of reduced-round SIMON. Our attacks extend to all variants of SIMON covering more rounds compared to any known results using linear cryptanalysis. We present a key recovery attack against SIMON128/256 which covers 35 out of 72 rounds with data complexity 2^123. We have implemented our attacks for small scale variants of SIMON and our experiments confirm the theoretical bias presented in this work.
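    The abstract's closing remark, that experiments on small-scale variants confirm the predicted bias, describes a check a reader can reproduce. The Python below is an added example, not code from the paper or its authors: it implements SIMON32/64 as specified by Beaulieu et al. (round function f(x) = (S^1 x & S^8 x) ^ S^2 x, Feistel update (x, y) -> (y ^ f(x) ^ k, x), and the m = 4 key schedule with constant sequence z0), checks the result against the specification's published test vector, and then measures exhaustively two textbook one-round properties of f that both come from its single AND gate: the linear approximation f(x)_2 = x_0 (dropping the AND term, which is zero with probability 3/4, so the bias is exactly 1/4) and the differential e_0 -> e_2 (probability exactly 1/4, because the two AND outputs touched by the input difference are each cancelled with probability 1/2). These one-round figures are standard observations used to show the measurement method; the multi-round characteristics, the 2^123 data complexity and the specific linear/differential connection from the paper are not reproduced here.

```python
"""SIMON32/64 plus exact one-round linear-bias and differential measurements.

Added example (not the paper's code).  Cipher parameters, test vector and
z0 follow the SIMON specification by Beaulieu et al.; the one-round
approximation and differential measured below are textbook observations
about the round function's AND gate, not the paper's characteristics.
"""

N = 16                     # word size: SIMON32 works on two 16-bit words
M = 4                      # number of key words: 4 x 16 = 64-bit key
ROUNDS = 32
MASK = (1 << N) - 1
C = MASK ^ 3               # key-schedule constant c = 2^N - 4 = 0xfffc
# Constant sequence z0 (used by SIMON32/64); Z0[i] is bit i, counted from the left.
Z0 = "11111010001001010110000111001101111101000100101011000011100110"


def rol(x, r):
    """Rotate the N-bit word x left by r positions (S^r in the spec)."""
    r %= N
    return ((x << r) | (x >> (N - r))) & MASK


def ror(x, r):
    """Rotate right (S^-r in the spec)."""
    return rol(x, N - (r % N))


def f(x):
    """SIMON round function: f(x) = (S^1 x & S^8 x) ^ S^2 x."""
    return (rol(x, 1) & rol(x, 8)) ^ rol(x, 2)


def key_schedule(k):
    """Expand the four key words (k[0] least significant) into 32 round keys.

    Spec, m = 4:  k[i] = c ^ z0[(i-m) mod 62] ^ k[i-m] ^ (I ^ S^-1)(S^-3 k[i-1] ^ k[i-3]).
    """
    rk = list(k)
    for i in range(M, ROUNDS):
        tmp = ror(rk[i - 1], 3) ^ rk[i - 3]
        tmp ^= ror(tmp, 1)
        rk.append(C ^ int(Z0[(i - M) % 62]) ^ rk[i - M] ^ tmp)
    return rk


def encrypt(x, y, round_keys):
    """Feistel encryption of the word pair (x, y): each round maps (x, y) -> (y ^ f(x) ^ k, x)."""
    for k in round_keys:
        x, y = y ^ f(x) ^ k, x
    return x, y


def spec_test_vector():
    """Encrypt the specification's SIMON32/64 test vector (key 1918 1110 0908 0100, pt 6565 6877)."""
    round_keys = key_schedule([0x0100, 0x0908, 0x1110, 0x1918])
    return encrypt(0x6565, 0x6877, round_keys)


def parity(v):
    """XOR of all bits of v."""
    return bin(v).count("1") & 1


def linear_bias(in_mask, out_mask):
    """Exact bias of the approximation <in_mask, x> = <out_mask, f(x)> over all 2^N inputs.

    Returns Pr[approximation holds] - 1/2.  In a keyed round the XORed key bits can
    flip the sign of this bias but never its magnitude, which is what a linear
    key-recovery attack exploits.
    """
    hold = sum(1 for x in range(1 << N) if parity((in_mask & x) ^ (out_mask & f(x))) == 0)
    return hold / (1 << N) - 0.5


def differential_prob(d_in, d_out):
    """Exact probability that f(x) ^ f(x ^ d_in) == d_out over all 2^N inputs (round keys cancel)."""
    hits = sum(1 for x in range(1 << N) if f(x) ^ f(x ^ d_in) == d_out)
    return hits / (1 << N)


if __name__ == "__main__":
    cx, cy = spec_test_vector()
    print(f"SIMON32/64 test vector -> {cx:04x} {cy:04x} (spec: c69b e9bb)")
    # f(x)_2 = (x_1 & x_10) ^ x_0: dropping the AND gives f(x)_2 = x_0 with bias +1/4.
    print("bias of f(x)_2 = x_0:", linear_bias(1 << 0, 1 << 2))
    # An input difference in bit 0 reaches bit 2 linearly and bits 1 and 8 through the AND,
    # each of which survives with probability 1/2, so Pr[e_0 -> e_2] = 1/4.
    print("Pr[e_0 -> e_2]:", differential_prob(1 << 0, 1 << 2))
```

    Exhaustive enumeration is affordable here only because the round function is keyless and 16 bits wide; the same two functions, run on the keyed round, show why the linear bias's sign depends on the key (and can therefore be used to recover key bits) while the differential probability does not.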


    Keywords

    • Feistel
    • Impossible differential cryptanalysis
    • Lightweight
    • Linear cryptanalysis
    • RFID
    • Rotational cryptanalysis
    • SIMON
    • Weak keys

    ASJC Scopus subject areas

    • Theoretical Computer Science
    • Computer Science(all)

    Cite this

    Cryptanalysis of SIMON variants with connections. / Alizadeh, Javad; Alkhzaimi, Hoda; Aref, Mohammad Reza; Bagheri, Nasour; Gauravaram, Praveen; Kumar, Abhishek; Lauridsen, Martin M.; Sanadhya, Somitra Kumar.

    In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 8651, 01.01.2014, p. 90-107.

    @article{54c48532f06a474e9fef2f6fc81ae4d7,
    title = "Cryptanalysis of SIMON variants with connections",
    abstract = "SIMON is a family of 10 lightweight block ciphers published by Beaulieu et al. from the United States National Security Agency (NSA). A cipher in this family with K-bit key and N-bit block is called SIMON N/K. We present several linear characteristics for reduced-round SIMON32/64 that can be used for a key-recovery attack and extend them further to attack other variants of SIMON. Moreover, we provide results of key recovery analysis using several impossible differential characteristics starting from 14 out of 32 rounds for SIMON32/64 to 22 out of 72 rounds for SIMON128/256. In some cases the presented observations do not directly yield an attack, but provide a basis for further analysis for the specific SIMON variant. Finally, we exploit a connection between linear and differential characteristics for SIMON to construct linear characteristics for different variants of reduced-round SIMON. Our attacks extend to all variants of SIMON covering more rounds compared to any known results using linear cryptanalysis. We present a key recovery attack against SIMON128/256 which covers 35 out of 72 rounds with data complexity $2^{123}$. We have implemented our attacks for small scale variants of SIMON and our experiments confirm the theoretical bias presented in this work.",
    keywords = "Feistel, Impossible differential cryptanalysis, Lightweight, Linear cryptanalysis, RFID, Rotational cryptanalysis, SIMON, Weak keys",
    author = "Javad Alizadeh and Hoda Alkhzaimi and Aref, {Mohammad Reza} and Nasour Bagheri and Praveen Gauravaram and Abhishek Kumar and Lauridsen, {Martin M.} and Sanadhya, {Somitra Kumar}",
    year = "2014",
    month = "1",
    day = "1",
    doi = "10.1007/978-3-319-13066-8_6",
    language = "English (US)",
    volume = "8651",
    pages = "90--107",
    journal = "Lecture Notes in Computer Science",
    issn = "0302-9743",
    publisher = "Springer Verlag",
    }
