Paper 2025/741

Improved Differential Meet-In-The-Middle Cryptanalysis on SIMON and Piccolo (Full Version)

Weiqing Deng, Shanghai Jiao Tong University
Jianing Zhang, Shanghai Jiao Tong University
Haoyang Wang, Shanghai Jiao Tong University
Abstract

Differential meet-in-the-middle (MITM) cryptanalysis, introduced by Boura et al. at CRYPTO 2023, has been demonstrated to be an effective technique for analyzing the security of block ciphers. In this paper, we introduce an improved parallel partitioning technique, and incorporate it into a new framework with a flexible key recovery strategy. This framework is applicable to both SPN and Feistel ciphers. We apply the new framework to SIMON and Piccolo-128 for demonstration. In particular, we also develop an MILP-based tool for searching full attacks on Piccolo-128. For SIMON48/96, we propose the best attack, reaching 26 rounds against 25 rounds previously. For other versions of SIMON, we extend the best previous differential attacks by one or two rounds. In the case of Piccolo-128, while no current differential attacks show promising results, our differential MITM attack reaches 15 rounds, matching the number of rounds reached by the best impossible differential attack.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. ACISP 2025
Keywords
differential meet-in-the-middle attack, key recovery, parallel partitioning, SIMON, Piccolo-128
Contact author(s)
sdzwyq233 @ sjtu edu cn
zhangjn @ sjtu edu cn
haoyang wang @ sjtu edu cn
History
2025-04-28: last of 2 revisions
2025-04-25: received
Short URL
https://ia.cr/2025/741
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/741,
      author = {Weiqing Deng and Jianing Zhang and Haoyang Wang},
      title = {Improved Differential Meet-In-The-Middle Cryptanalysis on {SIMON} and Piccolo (Full Version)},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/741},
      year = {2025},
      url = {https://eprint.iacr.org/2025/741}
}