Paper 2020/290
Linear Cryptanalysis of Reduced-Round SIMON Using Super Rounds
Reham Almukhlifi and Poorvi Vora
Abstract
We present attacks on 21 rounds of SIMON 32/64, 21 rounds of SIMON 48/96, 25 rounds of SIMON 64/128, 35 rounds of SIMON 96/144 and 43 rounds of SIMON 128/256, often with direct recovery of the full master key without repeating the attack over multiple rounds. These attacks result from the observation that, after four rounds of encryption, one bit of the left half of the state of SIMON 32/64 depends on only 17 key bits (19 key bits for the other variants of SIMON). Further, linear cryptanalysis requires guessing only 16 bits, the size of a single round key of SIMON 32/64. We partition the key into smaller strings by focusing on one bit of state at a time, decreasing the cost of the exhaustive search of linear cryptanalysis to 16 bits at a time for SIMON 32/64. We also present other examples of linear cryptanalysis, experimentally verified on 8, 10 and 12 rounds for SIMON 32/64.
Metadata
- Category: Secret-key cryptography
- Publication info: Preprint. MINOR revision.
- Keywords: linear cryptanalysis, SIMON, super rounds
- Contact author(s): rsa39 @ gwu edu, poorvi @ gwu edu
- History:
  - 2020-03-07: last of 2 revisions
  - 2020-03-06: received
- Short URL: https://ia.cr/2020/290
- License: CC BY
BibTeX
@misc{cryptoeprint:2020/290,
  author = {Reham Almukhlifi and Poorvi Vora},
  title = {Linear Cryptanalysis of Reduced-Round {SIMON} Using Super Rounds},
  howpublished = {Cryptology {ePrint} Archive, Paper 2020/290},
  year = {2020},
  url = {https://eprint.iacr.org/2020/290}
}