Paper 2016/625

On the Design Rationale of SIMON Block Cipher: Integral Attacks and Impossible Differential Attacks against SIMON Variants

Kota Kondo, Yu Sasaki, and Tetsu Iwata

Abstract

SIMON is a lightweight block cipher designed by NSA in 2013. NSA presented the specification and the implementation efficiency, but they did not provide detailed security analysis nor the design rationale. The original SIMON has rotation constants of $(1,8,2)$, and Kölbl {\it et al}.~regarded the constants as a parameter $(a,b,c)$, and analyzed the security of SIMON block cipher variants against differential and linear attacks for all the choices of $(a,b,c)$. This paper complements the result of Kölbl {\it et al}.~by considering integral and impossible differential attacks. First, we search the number of rounds of integral distinguishers by using a supercomputer. Our search algorithm follows the previous approach by Wang {\it et al}., however, we introduce a new choice of the set of plaintexts satisfying the integral property. We show that the new choice indeed extends the number of rounds for several parameters. We also search the number of rounds of impossible differential characteristics based on the miss-in-the-middle approach. Finally, we make a comparison of all parameters from our results and the observations by Kölbl {\it et al}. Interesting observations are obtained, for instance we find that the optimal parameters with respect to the resistance against differential attacks are not stronger than the original parameter with respect to integral and impossible differential attacks. We also obtain a parameter that is better than the original parameter with respect to security against these four attacks.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. ACNS 2016
DOI
10.1007/978-3-319-39555-5_28
Keywords
SIMONLightweight block cipherIntegral attackImpossible differential attackDesign rationaleRotation constant
Contact author(s)
iwata @ cse nagoya-u ac jp
History
2016-06-17: received
Short URL
https://ia.cr/2016/625
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/625,
      author = {Kota Kondo and Yu Sasaki and Tetsu Iwata},
      title = {On the Design Rationale of SIMON Block Cipher: Integral Attacks and Impossible Differential Attacks against SIMON Variants},
      howpublished = {Cryptology ePrint Archive, Paper 2016/625},
      year = {2016},
      doi = {10.1007/978-3-319-39555-5_28},
      note = {\url{https://eprint.iacr.org/2016/625}},
      url = {https://eprint.iacr.org/2016/625}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.