Cryptology ePrint Archive: Report 2013/526

Differential and Linear Cryptanalysis of Reduced-Round Simon

Farzaneh Abed and Eik List and Stefan Lucks and Jakob Wenzel

Abstract: This paper presents differential attacks of round-reduced versions of Simon with up to 18/32, 19/36, 25/44, 35/54, and 46/72 rounds for the 32-, 48-, 64-, 96-, and 128-bit versions, respectively. Furthermore, we consider in brief related-key rectangle, impossible-differential, and also linear attacks. While all our attacks are completely academic, they demonstrate the drawback of the aggressive optimizations in Simon.

Category / Keywords: secret-key cryptography / Differential cryptanalysis, block cipher, lightweight, Simon

Date: received 23 Aug 2013, last revised 9 Oct 2013

Contact author: farzaneh abed at uni-weimar de,eik list@uni-weimar de, stefan lucks@uni-weimar de, jakob wenzel@uni-weimar de

Available format(s): PDF | BibTeX Citation

Version: 20131009:081817 (All versions of this report)

Short URL: ia.cr/2013/526

Discussion forum: Show discussion | Start new discussion