Cryptology ePrint Archive: Report 2015/145

Observations on the SIMON block cipher family

Stefan Kölbl and Gregor Leander and Tyge Tiessen

Abstract: In this paper we analyse the general class of functions underly- ing the Simon block cipher. In particular, we derive efficiently computable and easily implementable expressions for the exact differential and linear behaviour of Simon-like round functions. Following up on this, we use those expressions for a computer aided approach based on SAT/SMT solvers to find both optimal differential and linear characteristics for Simon. Furthermore, we are able to find all characteristics contributing to the probability of a differential for Simon32 and give better estimates for the probability for other variants. Finally, we investigate a large set of Simon variants using different rotation constants with respect to their resistance against differential and linear cryptanalysis. Interestingly, the default parameters seem to be not always optimal.

Category / Keywords: SIMON, block cipher, differential cryptanalysis, linear cryptanalysis, boolean functions

Original Publication (with minor differences): IACR-CRYPTO-2015

Date: received 20 Feb 2015, last revised 3 Jul 2015

Contact author: stek at dtu dk

Available format(s): PDF | BibTeX Citation

Note: Updated to the revised version of CRYPTO and supplementary tutorial.

Version: 20150703:092944 (All versions of this report)

Short URL: ia.cr/2015/145

Discussion forum: Show discussion | Start new discussion