Paper 2018/699

Correlated Sequence Attack on Reduced-Round Simon-32/64 and Simeck-32/64

Raghvendra Rohit and Guang Gong


In this paper, we propose a novel cryptanalytic technique called the correlated sequence attack on block ciphers. Our attack exploits the properties of given key-dependent sequences of length $t$ to obtain other keyed sequences of the same length with $\sigma$ ($0\le \sigma < t$) computations of the non-linear function. We call these sequences $(\sigma,t)$-correlated sequences, and utilize them in a meet-in-the-middle attack for $2t$ rounds. We apply this technique to the Simon-32/64 and Simeck-32/64 block ciphers, construct $(1, 8)$-correlated sequences and present the first 25-round attack on both ciphers. Next, we analyze the 8-th element of these sequences by considering the key scheduling algorithms and differential properties, and show that the attack can be improved by two rounds with the same complexities as the 25-round attack. Overall, our technique is used to attack up to 27 rounds of both Simon-32/64 and Simeck-32/64 with a time complexity less than that of average exhaustive search and a data complexity of 3. Our attack extends the number of previously attacked rounds by 4 and has a success probability of 1. This reduces the security margin of both these ciphers to 16%. To the best of our knowledge, this is currently the best attack on Simon-32/64 and Simeck-32/64.

Publication info
Preprint. MINOR revision.
Keywords: Correlated sequences, Simon, Simeck, Meet-in-the-middle attack
Contact author(s)
rsrohit @ uwaterloo ca
2018-08-01: received
Creative Commons Attribution


@misc{cryptoeprint:2018/699,
      author = {Raghvendra Rohit and Guang Gong},
      title = {Correlated Sequence Attack on Reduced-Round Simon-32/64 and Simeck-32/64},
      howpublished = {Cryptology ePrint Archive, Paper 2018/699},
      year = {2018},
      note = {\url{}},
      url = {}
}