Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon

Nicolas Courtois, Theodosis Mourouzis, Guangyan Song, Pouyan Sepehrdad, Petr Susil

2014

Abstract

Recently, two families of ultra-lightweight block ciphers were proposed, SIMON and SPECK, which come in a variety of block and key sizes (Beaulieu et al., 2013). They are designed to offer excellent performance in both hardware and software implementations (Beaulieu et al., 2013; Aysu et al., 2014). In this paper, we study the resistance of SIMON-64/128 to algebraic attacks. Its round function has very low Multiplicative Complexity (MC) (Boyar et al., 2000; Boyar and Peralta, 2010) and very low non-linearity (Boyar et al., 2013; Courtois et al., 2011), since the only non-linear component is the bitwise multiplication (AND) operation. Such ciphers are expected to be very good candidates for algebraic attacks and for combinations of algebraic attacks with truncated differentials (additional work by the same authors). We algebraically encode the cipher and then, using guess-then-determine techniques, try to solve the underlying system either with a SAT solver (Bard et al., 2007) or with the ElimLin algorithm (Courtois et al., 2012b). We consider several settings in which plaintext-ciphertext (P-C) pairs satisfying certain properties are available, such as pairs at low Hamming distance or pairs that follow a strong truncated differential property (Knudsen, 1995). We manage to break faster than brute force up to 10(/44) rounds in most cases we have tried. Surprisingly, no key guessing is required if pairs which satisfy a strong truncated differential property are available. This reflects the power of combining truncated differentials with algebraic attacks on ciphers of low non-linearity and shows that such ciphers require a large number of rounds to be secure.
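To make the "very low multiplicative complexity" point concrete, the following added example (illustration code written for this page, not the paper's or the SIMON designers' code) builds the algebraic encoding of a reduced-round SIMON-64 data path over GF(2). Each output bit of the round function is x_{i-1}*x_{i-8} + x_{i-2}, so one round contributes exactly 32 quadratic monomials; substituting a known plaintext/ciphertext pair makes the first and last rounds linear, and each correctly guessed intermediate word (the guess-then-determine step) removes another 32 quadratic terms. Assumptions: the round keys k0..k_{r-1} are treated as independent unknown words (the real SIMON-64/128 key schedule is not modelled), and the round-key and plaintext values used for the self-check are constructed at random.

```python
"""Algebraic encoding of reduced-round SIMON-64 (added illustration, not the paper's code).

Polynomials over GF(2) are sets of monomials; a monomial is a frozenset of variables,
the empty frozenset standing for the constant 1.  A variable is a (word_name, bit) pair.
"""
from random import Random

N = 32                       # word size: SIMON-64 has a 64-bit block made of two 32-bit words
MASK = (1 << N) - 1


def rol(x, j):
    """Left circular shift S^j of an N-bit word."""
    j %= N
    return ((x << j) | (x >> (N - j))) & MASK


def simon_f(x):
    """Round function f(x) = (S^1(x) & S^8(x)) ^ S^2(x); the AND is the only non-linear step."""
    return (rol(x, 1) & rol(x, 8)) ^ rol(x, 2)


def simon_round(x, y, k):
    """Feistel step (x_{i+1}, y_{i+1}) = (y_i ^ f(x_i) ^ k_i, x_i)."""
    return y ^ simon_f(x) ^ k, x


def var(name, i):
    """Polynomial made of the single variable 'bit i of word name'."""
    return {frozenset({(name, i)})}


def mul(a, b):
    """Product of two GF(2) polynomials; x*x = x, so merging monomials is a set union."""
    out = set()
    for m1 in a:
        for m2 in b:
            out ^= {m1 | m2}
    return out


def symbolic_f(name):
    """f on the 32 bit-variables of a word.  Bit i of S^j(x) is bit (i-j) mod N of x,
    hence f(x)_i = x_{i-1} * x_{i-8} + x_{i-2}: one AND gate per output bit."""
    return [mul(var(name, (i - 1) % N), var(name, (i - 8) % N)) ^ var(name, (i - 2) % N)
            for i in range(N)]


def encode(rounds):
    """Polynomials that must vanish for `rounds` rounds with independent round keys.
    x_r is the left half entering round r; the right half y_r equals x_{r-1} for r >= 1."""
    eqs = []
    for r in range(rounds):
        fx = symbolic_f(f"x{r}")
        y = "y0" if r == 0 else f"x{r - 1}"
        for i in range(N):
            # x_{r+1,i} + y_{r,i} + f(x_r)_i + k_{r,i} = 0
            eqs.append(var(f"x{r + 1}", i) ^ var(y, i) ^ fx[i] ^ var(f"k{r}", i))
    return eqs


def word_bits(name, value):
    """Assignment {(name, i): bit} for a concrete 32-bit word."""
    return {(name, i): (value >> i) & 1 for i in range(N)}


def substitute(poly, known):
    """Plug known bit values into a polynomial and return the reduced polynomial."""
    out = set()
    for m in poly:
        if any(known.get(v) == 0 for v in m):
            continue                                   # monomial vanishes
        out ^= {frozenset(v for v in m if v not in known)}
    return out


def quadratic_monomials(eqs):
    """Degree-2 monomials still present, i.e. AND gates not yet resolved."""
    return sum(1 for e in eqs for m in e if len(m) == 2)


def encrypt_trace(x, y, round_keys):
    """Run the rounds concretely; return every word's bits and the final state."""
    assign = {**word_bits("x0", x), **word_bits("y0", y)}
    for r, k in enumerate(round_keys):
        assign.update(word_bits(f"k{r}", k))
        x, y = simon_round(x, y, k)
        assign.update(word_bits(f"x{r + 1}", x))
    return assign, (x, y)


def check_encoding(rounds, seed=1):
    """The symbolic system must vanish on a concrete (randomly constructed) encryption."""
    rng = Random(seed)
    keys = [rng.getrandbits(N) for _ in range(rounds)]
    assign, _ = encrypt_trace(rng.getrandbits(N), rng.getrandbits(N), keys)
    return all(substitute(e, assign) == set() for e in encode(rounds))


def quadratic_after_pc(rounds, guessed_words=(), seed=1):
    """Quadratic monomials left once one known P-C pair (and any guessed intermediate
    words) are substituted.  Rounds 0 and r-1 become linear because their f-inputs are
    known, leaving 32*(r-2); each correctly guessed x_i word removes another 32."""
    rng = Random(seed)
    keys = [rng.getrandbits(N) for _ in range(rounds)]
    assign, _ = encrypt_trace(rng.getrandbits(N), rng.getrandbits(N), keys)
    visible = {"x0", "y0", f"x{rounds}", f"x{rounds - 1}", *guessed_words}
    known = {v: b for v, b in assign.items() if v[0] in visible}
    return quadratic_monomials([substitute(e, known) for e in encode(rounds)])


if __name__ == "__main__":
    for r in (2, 4, 10):
        print(r, "rounds:", quadratic_after_pc(r), "quadratic monomials after P-C substitution")
```

The counts grow only linearly with the number of rounds (32 per interior round), which is the "low MC" the abstract relies on; a SAT solver or ElimLin receives these polynomials directly, and the effect of a guess-then-determine step can be read off by passing the guessed word names to `quadratic_after_pc`.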

References

  1. Alkhzaimi, H. and Lauridsen, M. (2013). Differential and linear cryptanalysis of reduced-round SIMON. Cryptology ePrint Archive, Report 2013/543.
  2. Aysu, A., Gulcan, E., and Schaumont, P. (2014). SIMON says: break the area records for symmetric key block ciphers on FPGAs. Cryptology ePrint Archive, Report 2014/237.
  3. Bard, G., Courtois, N., and Jefferson, C. (2007). Efficient methods for conversion and solution of sparse systems of low-degree multivariate polynomials over GF(2) via SAT-solvers.
  4. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., and Wingers, L. (2013). The SIMON and SPECK families of lightweight block ciphers. Cryptology ePrint Archive, Report 2013/404.
  5. Biryukov, A., Roy, A., and Velichkov, V. (2014). Differential analysis of block ciphers SIMON and SPECK. In 21st International Workshop on Fast Software Encryption, FSE 2014.
  6. Boyar, J., Find, M., and Peralta, R. (2013). Four measures of nonlinearity. In Algorithms and Complexity, pp. 61-72. Springer Berlin Heidelberg.
  7. Boyar, J. and Peralta, R. (2010). A new combinational logic minimization technique with applications to cryptology.
  8. Boyar, J., Peralta, R., and Pochuev, D. (2000). On the multiplicative complexity of Boolean functions over the basis. Theoretical Computer Science 235, no. 1, pp. 43-57.
  9. Courtois, N. and Bard, G. (2007). Algebraic cryptanalysis of the Data Encryption Standard. In IMA Int. Conf., volume 4887, Springer.
  10. Courtois, N., Gawinecki, J., and Song, G. (2012a). Contradiction immunity and guess-then-determine attacks on GOST. Tatra Mountains Mathematical Publications, Vol. 53, no. 3, pp. 65-79.
  11. Courtois, N., Hulme, D., and Mourouzis, T. (2011). Solving circuit optimisation problems in cryptography and cryptanalysis. In Electronic Proceedings of the 2nd IMA Conference Mathematics in Defence 2011.
  12. Courtois, N., Mourouzis, T., and Hulme, D. (2013). Exact logic minimization and multiplicative complexity of concrete algebraic and cryptographic circuits. To appear in IARIA Journal: IntSys13v6n34.
  13. Courtois, N., Sepehrdad, P., Susil, P., and Vaudenay, S. (2012b). ElimLin algorithm revisited. In Fast Software Encryption, pp. 306-325, Springer Berlin Heidelberg.
  14. Farzaneh, A., List, E., Lucks, S., and Wenzel, J. (2013). Differential and linear cryptanalysis of reduced-round SIMON. Cryptology ePrint Archive, Report 2013/526.
  15. Faugère, J.-C. (1999). A new efficient algorithm for computing Gröbner bases (F4). Journal of Pure and Applied Algebra, Vol. 139, pp. 61-88.
  16. Knudsen, L. (1995). Truncated and higher order differentials. In Fast Software Encryption, pp. 196-211, Springer Berlin Heidelberg.
  17. Semaev, I. and Mikus, M. (2010). Methods to solve algebraic equations in cryptanalysis. Tatra Mountains Mathematical Publications, Vol. 45, pp. 107-136.
  18. Shannon, C. (1949). Communication theory of secrecy systems. Bell System Technical Journal 28.
  19. Susil, P., Sepehrdad, P., and Vaudenay, S. (2014). On selection of samples in algebraic attacks and a new technique to find hidden low degree equations. In ACISP.
Paper Citation


in Harvard Style

Courtois N., Mourouzis T., Song G., Sepehrdad P. and Susil P. (2014). Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon. In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014), ISBN 978-989-758-045-1, pages 399-404. DOI: 10.5220/0005064903990404


in Bibtex Style

@conference{secrypt14,
author={Nicolas Courtois and Theodosis Mourouzis and Guangyan Song and Pouyan Sepehrdad and Petr Susil},
title={Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={399-404},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005064903990404},
isbn={978-989-758-045-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon
SN - 978-989-758-045-1
AU - Courtois N.
AU - Mourouzis T.
AU - Song G.
AU - Sepehrdad P.
AU - Susil P.
PY - 2014
SP - 399
EP - 404
DO - 10.5220/0005064903990404