loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Nicolas Courtois 1 ; Theodosis Mourouzis 1 ; Guangyan Song 1 ; Pouyan Sepehrdad 2 and Petr Susil 3

Affiliations: 1 University College London, United Kingdom ; 2 Qualcomm Inc. San Diego, United States ; 3 École Polytechnique Fédéreale de Lausanne, Switzerland

Keyword(s): Lightweight Cryptography, Block Cipher, Feistel, SIMON, Differential Cryptanalysis, Algebraic Cryptanalysis, Truncated Differentials, SAT Solver, Elimlin, Non-linearity, Multiplicative Complexity, Guess-then-determine.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Data Protection ; Information and Systems Security ; Information Assurance ; Information Hiding

Abstract: Recently, two families of ultra-lightweight block ciphers were proposed, SIMON and SPECK, which come in a variety of block and key sizes (Beaulieu et al., 2013). They are designed to offer excellent performance for hardware and software implementations (Beaulieu et al., 2013; Aysu et al., 2014). In this paper, we study the resistance of SIMON-64/128 with respect to algebraic attacks. Its round function has very low Multiplicative Complexity (MC) (Boyar et al., 2000; Boyar and Peralta, 2010) and very low non-linearity (Boyar et al., 2013; Courtois et al., 2011) since the only non-linear component is the bitwise multiplication operation. Such ciphers are expected to be very good candidates to be broken by algebraic attacks and combinations with truncated differentials (additional work by the same authors). We algebraically encode the cipher and then using guess-then-determine techniques, we try to solve the underlying system using either a SAT solver (Bard et al., 2007) or by ElimLin a lgorithm (Courtois et al., 2012b). We consider several settings where P-C pairs that satisfy certain properties are available, such as low Hamming distance or follow a strong truncated differential property (Knudsen, 1995). We manage to break faster than brute force up to 10(/44) rounds for most cases we have tried. Surprisingly, no key guessing is required if pairs which satisfy a strong truncated differential property are available. This reflects the power of combining truncated differentials with algebraic attacks in ciphers of low non-linearity and shows that such ciphers require a large number of rounds to be secure. (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 54.167.199.134

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Courtois, N.; Mourouzis, T.; Song, G.; Sepehrdad, P. and Susil, P. (2014). Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon. In Proceedings of the 11th International Conference on Security and Cryptography (ICETE 2014) - SECRYPT; ISBN 978-989-758-045-1; ISSN 2184-3236, SciTePress, pages 399-404. DOI: 10.5220/0005064903990404

@conference{secrypt14,
author={Nicolas Courtois. and Theodosis Mourouzis. and Guangyan Song. and Pouyan Sepehrdad. and Petr Susil.},
title={Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography (ICETE 2014) - SECRYPT},
year={2014},
pages={399-404},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005064903990404},
isbn={978-989-758-045-1},
issn={2184-3236},
}

TY - CONF

JO - Proceedings of the 11th International Conference on Security and Cryptography (ICETE 2014) - SECRYPT
TI - Combined Algebraic and Truncated Differential Cryptanalysis on Reduced-round Simon
SN - 978-989-758-045-1
IS - 2184-3236
AU - Courtois, N.
AU - Mourouzis, T.
AU - Song, G.
AU - Sepehrdad, P.
AU - Susil, P.
PY - 2014
SP - 399
EP - 404
DO - 10.5220/0005064903990404
PB - SciTePress