Paper 2018/130

SMT-based Cube Attack on Simeck32/64

Mojtaba Zaheri and Babak Sadeghiyan

Abstract

Satisfiability modulo theories (SMT) can be seen as a generalization of the Boolean satisfiability problem (SAT). The core idea behind SMT solvers is to reduce complexity by providing more information about the problem environment. In this paper, we take advantage of a similar idea and feed the SMT solver itself with extra information, provided through middle-state cube characteristics, to introduce a new method that we call the SMT-based cube attack, and apply it to improve the success of the solver in attacking reduced-round versions of the Simeck32/64 lightweight block cipher. We first propose a new algorithm to find cubes with the largest number of middle-state characteristics. Then, we apply the obtained cubes and their characteristics as extra information in the SMT definition of the cryptanalysis problem, to evaluate their effectiveness. Our cryptanalysis results in a full key-recovery attack using 64 plaintext/ciphertext pairs on 12 rounds of the cipher in just 122.17 seconds. This is the first practical attack presented so far against reduced-round versions of Simeck32/64. We also conduct the cube attack on Simeck32/64 to compare it with the SMT-based cube attack. The results indicate that the proposed attack is more powerful than the cube attack.
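As an added illustration (not code from the paper), the following Python implements Simeck32/64 as specified by its designers and runs the plain cube attack that the paper uses as its baseline on a 2-round reduction: the offline phase checks that a cube's superpoly is linear in the key, and the online phase XORs a ciphertext bit over chosen-plaintext cubes to read off bits of the first round key. The cube choice, the round count and the 2-round superpoly derivation are my own assumptions, not taken from the paper.

```python
from itertools import product
import random
N, ROUNDS, MASK = 16, 32, 0xFFFF
Z = [1] * 5                                   # constant sequence z0 from the LFSR for
for _ in range(ROUNDS - 5):                   # X^5 + X^2 + 1, initial state all ones
    Z.append(Z[-5] ^ Z[-3])

def rol(x, r):
    return ((x << r) | (x >> (N - r))) & MASK
def f(x):                                     # f(x) = (x & S^5(x)) ^ S^1(x), S^a = rotl a
    return (x & rol(x, 5)) ^ rol(x, 1)

def key_schedule(key, rounds=ROUNDS):
    # Master key is loaded as (t2, t1, t0, k0); k0 is the least significant word.
    t = [(key >> 16) & MASK, (key >> 32) & MASK, (key >> 48) & MASK]
    k, rks = key & MASK, []
    for i in range(rounds):
        rks.append(k)
        # (k_{i+1}, t_{i+3}) = (t_i, k_i ^ f(t_i) ^ C ^ z_i), C = 2^16 - 4 = 0xFFFC
        k, t = t[0], t[1:] + [k ^ f(t[0]) ^ 0xFFFC ^ Z[i]]
    return rks

def encrypt(pt, key, rounds=ROUNDS):
    x, y = pt >> N, pt & MASK                 # plaintext block = x0 || y0
    for rk in key_schedule(key, rounds):
        x, y = y ^ f(x) ^ rk, x
    return (x << N) | y

def cube_sum(cube, out_bit, key, rounds):
    # XOR of ciphertext bit out_bit over the 2^|cube| plaintexts spanned by the cube
    # bits (other plaintext bits 0): evaluates the cube's superpoly at this key.
    acc = 0
    for vals in product((0, 1), repeat=len(cube)):
        pt = sum(v << b for b, v in zip(cube, vals))
        acc ^= (encrypt(pt, key, rounds) >> out_bit) & 1
    return acc

def superpoly_is_linear(cube, out_bit, rounds, trials=20):
    # Offline phase: probabilistic BLR test that the superpoly is linear in the key.
    s = lambda k: cube_sum(cube, out_bit, k, rounds)
    pairs = ((random.getrandbits(64), random.getrandbits(64)) for _ in range(trials))
    return all(s(0) ^ s(a) ^ s(b) ^ s(a ^ b) == 0 for a, b in pairs)

def recover_k0(key, rounds=2):
    # Online phase, 2 rounds: cube {y0[i]} (plaintext bit i) on ciphertext bit 16+i
    # (x2[i]) has superpoly k0[(i-5) mod 16]; 16 such cubes give round key k0.
    k0 = 0
    for i in range(N):
        k0 |= cube_sum([i], N + i, key, rounds) << ((i - 5) % N)
    return k0
```

The full-round `encrypt` reproduces the designers' published test vector, and the 2-round recovery needs only 32 chosen plaintexts; at more rounds the superpolys stop being linear, which is the gap the paper's SMT-based variant targets.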

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
SMT-based Attack, Cube Attack, Algebraic Attack, Simeck Lightweight Block Cipher
Contact author(s)
mojtaba zaheri @ aut ac ir
History
2018-02-05: received
Short URL
https://ia.cr/2018/130
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/130,
      author = {Mojtaba Zaheri and Babak Sadeghiyan},
      title = {SMT-based Cube Attack on Simeck32/64},
      howpublished = {Cryptology ePrint Archive, Paper 2018/130},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/130}},
      url = {https://eprint.iacr.org/2018/130}
}