### Improved Linear (hull) Cryptanalysis of Round-reduced Versions of SIMON

Danping Shi, Lei Hu, Siwei Sun, Ling Song, Kexin Qiao, and Xiaoshuang Ma

##### Abstract

SIMON is a family of lightweight block ciphers designed by the U.S. National Security Agency (NSA) that has attracted much attention since its publication in 2013. In this paper, we thoroughly investigate the properties of linear approximations of the bitwise AND operation with dependent input bits. By using a Mixed-integer Linear Programming based technique presented in Aasicrypt 2014 for automatic search for characteristics, we obtain improved linear characteristics for several versions of the SIMON family. Moreover, by employing a recently published method for automatic enumeration of differential and linear characteristics by Sun et. al., we present an improved linear hull analysis of some versions of the SIMON family, which are the best results for linear cryptanalysis of SIMON published so far. Specifically, for SIMON$128$, where the number denotes the block length, a 34-round linear characteristic with correlation $2^{-61}$ is found, which is the longest linear characteristic that can be used in a key-recovery attack for SIMON$128$ published so far. Besides, several linear hulls superior to the best ones known previously are presented as follows: linear hulls for the 13-round SIMON$32$ with potential $2^{-28.99}$ versus previous $2^{-31.69}$, for the 15-round SIMON$48$ with potential $2^{-42.28}$ versus previous $2^{-44.11}$ and linear hulls for the 21-round SIMON$64$ with potential $2^{-60.72}$ versus previous $2^{-62.53}$.

Available format(s)
Publication info
Preprint. Minor revision.
Keywords
SIMONlinear cryptanalysisprobability of successlinear hullkey recovery
Contact author(s)
dpshi @ is ac cn
History
2015-01-06: last of 2 revisions
See all versions
Short URL
https://ia.cr/2014/973

CC BY

BibTeX

@misc{cryptoeprint:2014/973,
author = {Danping Shi and Lei Hu and Siwei Sun and Ling Song and Kexin Qiao and Xiaoshuang Ma},
title = {Improved Linear (hull) Cryptanalysis of Round-reduced Versions of SIMON},
howpublished = {Cryptology ePrint Archive, Paper 2014/973},
year = {2014},
note = {\url{https://eprint.iacr.org/2014/973}},
url = {https://eprint.iacr.org/2014/973}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.