Paper 2025/178

Improved Differential and Linear Cryptanalysis on Round-Reduced SIMON

Chao Niu, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Muzhou Li, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Jifu Zhang, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China
Meiqin Wang, Key Laboratory of Cryptologic Technology and Information Security, Ministry of Education, Shandong University, Jinan, China, School of Cyber Science and Technology, Shandong University, Qingdao, China, Quan Cheng Shandong Laboratory, Jinan, China
Abstract

SIMON is a lightweight block cipher proposed by the National Security Agency. According to previous cryptanalytic results on SIMON, differential and linear cryptanalysis are the two most effective attacks on it. Usually, there are many trails sharing the same input and output differences (resp. masks). These trails comprise the differential (resp. linear hull) and can be used together when mounting attacks. At ASIACRYPT 2021, Leurent et al. proposed a matrix-based method for SIMON-like ciphers, where only trails whose active bits stay in a -bit window are considered. The static window in each round is chosen to be least significant bits. They applied this efficient framework to SIMON and SIMECK and obtained many better differentials and linear hulls than before. For SIMON, they also found that there seems to be some potential for improvement, which should be further investigated. In this paper, we dynamically choose the window for each round to achieve better distinguishers. Benefiting from these dynamic windows, we can obtain stronger differentials and linear hulls than previously proposed for almost all versions of SIMON. Finally, we provide the best differential/linear attacks on SIMON48, SIMON64, and SIMON96 in terms of round number, complexity, or success rate.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
SIMON, Dynamic Window, Differential Attack, Linear Attack
Contact author(s)
niuchao @ mail sdu edu cn
muzhouli @ mail sdu edu cn
zhangjifu @ mail sdu edu cn
mqwang @ sdu edu cn
History
2025-02-07: approved
2025-02-06: received
Short URL
https://ia.cr/2025/178
License
Creative Commons Attribution-NonCommercial
CC BY-NC

BibTeX

@misc{cryptoeprint:2025/178,
      author = {Chao Niu and Muzhou Li and Jifu Zhang and Meiqin Wang},
      title = {Improved Differential and Linear Cryptanalysis on Round-Reduced {SIMON}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/178},
      year = {2025},
      url = {https://eprint.iacr.org/2025/178}
}