Abstract
This paper analyzes the key schedule function of the lightweight block cipher Simon, which was designed by the NSA in 2013. In particular, a list of all iterative key differences is provided for all members of the Simon family and for all numbers of rounds. The iterative differences are found by exploiting the fact that Simon uses only linear operations in its key schedule function. Using the discovered iterative key difference for Simon32, a 15-round related-key impossible differential is constructed, which improves on the previous longest 11-round impossible differentials of Simon32 in the single-key setting by four rounds. The paper thus improves the understanding of the related-key security of Simon.
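The linearity argument in the abstract can be turned into a concrete search. The following Python is an added example, not code from the paper: it implements difference propagation through the Simon32/64 key schedule (the formula follows the public Simon specification; the round constant and z-sequence bit cancel in a difference) and finds a basis of all key-state differences that repeat after a chosen number of key-schedule steps by computing a GF(2) kernel. The search method is my own construction of how such a list can be obtained; it does not reproduce the paper's 15-round impossible differential.

```python
# Added example (not the paper's code): iterative key differences of Simon32/64
# found by exploiting the linearity of the key schedule over GF(2).
N, M = 16, 4            # word size and number of key words of Simon32/64
MASK = (1 << N) - 1

def ror(x, r):
    return ((x >> r) | (x << (N - r))) & MASK

def key_diff_step(state):
    """One key-schedule step on a difference (dk_i, ..., dk_{i+3}): the constant
    c and the z-sequence bit cancel under XOR, only the linear part remains."""
    k0, k1, k2, k3 = state
    tmp = ror(k3, 3) ^ k1          # m = 4 variant of the schedule
    tmp ^= ror(tmp, 1)
    return (k1, k2, k3, k0 ^ tmp)

def pack(state):                   # 4 words -> one 64-bit integer
    return sum(w << (N * i) for i, w in enumerate(state))

def unpack(v):
    return tuple((v >> (N * i)) & MASK for i in range(M))

def apply_steps(d, rounds):
    s = unpack(d)
    for _ in range(rounds):
        s = key_diff_step(s)
    return pack(s)

def iterative_key_differences(rounds):
    """Basis (packed ints) of all d with L^rounds(d) = d, i.e. the kernel of
    (L^rounds + I) over GF(2); every nonzero element of its span is iterative."""
    # Column j of (L^rounds + I) is the image of the j-th unit vector.
    cols = [apply_steps(1 << j, rounds) ^ (1 << j) for j in range(N * M)]
    pivots = {}    # leading bit -> (reduced column, combination of originals)
    kernel = []
    for j, c in enumerate(cols):
        comb = 1 << j
        while c:                   # reduce column j against the pivots
            p = c.bit_length() - 1
            if p not in pivots:
                pivots[p] = (c, comb)
                break
            c ^= pivots[p][0]
            comb ^= pivots[p][1]
        else:                      # reduced to zero: comb is a kernel vector
            kernel.append(comb)
    return kernel

def is_iterative(d, rounds):
    return d != 0 and apply_steps(d, rounds) == d
```

For one step the kernel is spanned by the all-ones and the alternating-bit key differences, which is a quick sanity check that the linear model is set up correctly before moving to larger round counts or other Simon members.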
References
Abdelraheem, M.A., Alizadeh, J., Alkhzaimi, H.A., Aref, M.R., Bagheri, N., Gauravaram, P.: Improved linear cryptanalysis of reduced-round SIMON-32 and SIMON-48. In: Biryukov, A., Goyal, V. (eds.) INDOCRYPT 2015. LNCS, vol. 9462, pp. 153–179. Springer, Cham (2015). doi:10.1007/978-3-319-26617-6_9
Abed, F., List, E., Lucks, S., Wenzel, J.: Differential cryptanalysis of round-reduced Simon and Speck. In: Cid and Rechberger [12], pp. 525–545
Ahmadian, Z., Rasoolzadeh, S., Salmasizadeh, M., Aref, M.R.: Automated dynamic cube attack on block ciphers: Cryptanalysis of SIMON and KATAN. Cryptology ePrint Archive, Report 2015/040 (2015)
Alizadeh, J., Alkhzaimi, H.A., Aref, M.R., Bagheri, N., Gauravaram, P., Kumar, A., Lauridsen, M.M., Sanadhya, S.K.: Cryptanalysis of SIMON variants with connections. In: Saxena, N., Sadeghi, A.-R. (eds.) RFIDSec 2014. LNCS, vol. 8651, pp. 90–107. Springer, Cham (2014). doi:10.1007/978-3-319-13066-8_6
Ashur, T.: Improved linear trails for the block cipher Simon. Cryptology ePrint Archive, Report 2015/285 (2015)
Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404 (2013)
Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack reduced to 31 rounds using impossible differentials. J. Cryptology 18(4), 291–311 (2005)
Biryukov, A., Roy, A., Velichkov, V.: Differential analysis of block ciphers SIMON and SPECK. In: Cid and Rechberger [12], pp. 546–570
Boura, C., Naya-Plasencia, M., Suder, V.: Scrutinizing and improving impossible differential attacks: applications to CLEFIA, Camellia, LBlock and Simon. In: Sarkar and Iwata [18], pp. 179–199
Chen, H., Wang, X.: Improved linear hull attack on round-reduced Simon with dynamic key-guessing techniques. Cryptology ePrint Archive, Report 2015/666 (2015)
Chen, Z., Wang, N., Wang, X.: Impossible differential cryptanalysis of reduced round SIMON. Cryptology ePrint Archive, Report 2015/286 (2015)
Cid, C., Rechberger, C. (eds.): FSE 2014. LNCS, vol. 8540. Springer, Heidelberg (2015)
Hao, Y., Meier, W.: Truncated differential based known-key attacks on round-reduced Simon. Cryptology ePrint Archive, Report 2016/020 (2016)
Knudsen, L.: DEAL - a 128-bit block cipher. In: NIST AES Proposal (1998)
Liu, Z., Li, Y., Wang, M.: Optimal differential trails in SIMON-like ciphers. Cryptology ePrint Archive, Report 2017/178 (2017)
Mourouzis, T., Song, G., Courtois, N., Christofii, M.: Advanced differential cryptanalysis of reduced-round SIMON64/128 using large-round statistical distinguishers. Cryptology ePrint Archive, Report 2015/481 (2015)
Raddum, H.: Algebraic analysis of the Simon block cipher family. In: Lauter, K., Rodríguez-Henríquez, F. (eds.) LATINCRYPT 2015. LNCS, vol. 9230, pp. 157–169. Springer, Cham (2015). doi:10.1007/978-3-319-22174-8_9
Sarkar, P., Iwata, T. (eds.): ASIACRYPT 2014. LNCS, vol. 8873. Springer, Heidelberg (2014)
Sasaki, Y., Todo, Y.: New impossible differential search tool from design and cryptanalysis aspects. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 185–215. Springer, Cham (2017). doi:10.1007/978-3-319-56617-7_7
Shi, D., Hu, L., Sun, S., Song, L., Qiao, K., Ma, X.: Improved linear (hull) cryptanalysis of round-reduced versions of SIMON. Cryptology ePrint Archive, Report 2014/973 (2014)
Sun, S., Hu, L., Wang, M., Wang, P., Qiao, K., Ma, X., Shi, D., Song, L., Fu, K.: Constructing mixed-integer programming models whose feasible region is exactly the set of all valid differential characteristics of SIMON. Cryptology ePrint Archive, Report 2015/122 (2015)
Sun, S., Hu, L., Wang, P., Qiao, K., Ma, X., Song, L.: Automatic security evaluation and (related-key) differential characteristic search: application to SIMON, PRESENT, LBlock, DES(L) and other bit-oriented block ciphers. In: Sarkar and Iwata [18], pp. 158–178
Todo, Y., Morii, M.: Bit-based division property and application to Simon family. In: Peyrin, T. (ed.) FSE 2016. LNCS, vol. 9783, pp. 357–377. Springer, Heidelberg (2016). doi:10.1007/978-3-662-52993-5_18
Wang, N., Wang, X., Jia, K., Zhao, J.: Differential attacks on reduced SIMON versions with dynamic key-guessing techniques. Cryptology ePrint Archive, Report 2014/448 (2014)
Wang, Q., Liu, Z., Varici, K., Sasaki, Y., Rijmen, V., Todo, Y.: Cryptanalysis of reduced-round SIMON32 and SIMON48. In: Meier, W., Mukhopadhyay, D. (eds.) INDOCRYPT 2014. LNCS, vol. 8885, pp. 143–160. Springer, Cham (2014). doi:10.1007/978-3-319-13039-2_9
Xiang, Z., Zhang, W., Bao, Z., Lin, D.: Applying MILP method to searching integral distinguishers based on division property for 6 lightweight block ciphers. In: Cheon, J.H., Takagi, T. (eds.) ASIACRYPT 2016. LNCS, vol. 10031, pp. 648–678. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53887-6_24
Xiang, Z., Zhang, W., Lin, D.: On the division property of Simon48 and Simon64. In: Ogawa, K., Yoshioka, K. (eds.) IWSEC 2016. LNCS, vol. 9836, pp. 147–163. Springer, Cham (2016). doi:10.1007/978-3-319-44524-3_9
Acknowledgments
The work by Tetsu Iwata was supported in part by JSPS KAKENHI, Grant-in-Aid for Scientific Research (B), Grant Number 26280045, and was carried out while visiting Nanyang Technological University, Singapore.
© 2017 Springer International Publishing AG
Kondo, K., Sasaki, Y., Todo, Y., Iwata, T. (2017). Analyzing Key Schedule of Simon: Iterative Key Differences and Application to Related-Key Impossible Differentials. In: Obana, S., Chida, K. (eds) Advances in Information and Computer Security. IWSEC 2017. Lecture Notes in Computer Science(), vol 10418. Springer, Cham. https://doi.org/10.1007/978-3-319-64200-0_9
DOI: https://doi.org/10.1007/978-3-319-64200-0_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-64199-7
Online ISBN: 978-3-319-64200-0