We notice that there are good linear hulls for bit-oriented block cipher Simon corresponding to highly qualified truncated differential characteristics. Based on these characteristics, we propose known-key distinguishers on round-reduced Simon block cipher family, which is bit oriented and has a Feistel structure. Similar to the MITM layer, we design a specific start-from-the-middle method for pre-adding extra rounds with complexities lower than generic bounds. With these techniques, we launch basic known-key attacks on round-reduced Simon. We also involve some key guessing technique and further extend the basic attacks to more rounds.
Our known-key attacks can reach as many as 29/32/38/48/63-rounds of Simon32/48/64/96/128, which comes quite close to the full number of rounds. To the best of our knowledge, these are the first known-key results on the block cipher Simon.Category / Keywords: secret-key cryptography / Truncated Differential, Known-Key Attack, Simon Date: received 8 Jan 2016, last revised 1 Feb 2016 Contact author: haoyl12 at mails tsinghua edu cn Available format(s): PDF | BibTeX Citation Version: 20160202:060600 (All versions of this report) Short URL: ia.cr/2016/020 Discussion forum: Show discussion | Start new discussion