Correlated Sequence Attack on Reduced-Round Simon-32/64 and Simeck-32/64

In this paper, we propose a novel cryptanalytic technique called the correlated sequence attack on block ciphers. Our attack exploits the properties of given key-dependent sequences of length t to obtain other keyed sequences of the same length with σ (0 ≤ σ < t) computations of the non-linear function. We call these sequences (σ, t)-correlated sequences and utilize them in a meet-in-the-middle attack on 2t rounds. We apply this technique to the Simon-32/64 and Simeck-32/64 block ciphers, construct (1, 8)-correlated sequences and present the first 25-round attack on both ciphers. Next, we analyze the 8-th element of these sequences by considering the key scheduling algorithms and differential properties, and show that the attack can be extended by two rounds with the same complexities as the 25-round attack. Overall, our technique attacks up to 27 rounds of both Simon-32/64 and Simeck-32/64 with a time complexity below that of average exhaustive search and a data complexity of 3. Our attack extends the number of previously attacked rounds by 4 and has success probability 1. This reduces the security margin of both ciphers to 16%. To our knowledge, this is currently the best attack on Simon-32/64 and Simeck-32/64.
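As an added example (not the paper's code), the following Python implements both ciphers with a `rounds` parameter so the 25- and 27-round variants discussed above can be reproduced; `f_simon` and `f_simeck` are the non-linear functions whose evaluations the attack counts, and `decrypt` gives the backward direction a meet-in-the-middle matching needs. It assumes the published Simon and Simeck specifications (word size 16, four key words, rotation amounts and constant sequences as specified there) and is checked against their full-round test vectors.

```python
# Both ciphers share the Feistel step (x, y) -> (y ^ f(x) ^ k_i, x); they
# differ only in the non-linear function f and in the key schedule.
MASK = 0xFFFF

def rol(x, r):  # 16-bit left rotation (S^r in the paper's notation)
    return ((x << r) | (x >> (16 - r))) & MASK

def ror(x, r):  # 16-bit right rotation (S^-r)
    return ((x >> r) | (x << (16 - r))) & MASK

def f_simon(x):  # Simon non-linear function: (S^1 x & S^8 x) ^ S^2 x
    return (rol(x, 1) & rol(x, 8)) ^ rol(x, 2)

def f_simeck(x):  # Simeck non-linear function: (x & S^5 x) ^ S^1 x
    return (x & rol(x, 5)) ^ rol(x, 1)

# Simon's 62-bit constant sequence z0; bit (i - 4) feeds round key i.
Z0 = "11111010001001010110000111001101111101000100101011000011100110"

def simon_round_keys(key, rounds):
    """key = (k3, k2, k1, k0) in the order the Simon test vectors print it."""
    k = [key[3], key[2], key[1], key[0]]
    for i in range(4, rounds):
        tmp = ror(k[i - 1], 3) ^ k[i - 3]
        tmp ^= ror(tmp, 1)
        k.append(0xFFFC ^ int(Z0[(i - 4) % 62]) ^ k[i - 4] ^ tmp)
    return k[:rounds]

def simeck_round_keys(key, rounds):
    """key = (t2, t1, t0, k0); the constant bits are the period-31 m-sequence
    of x^5 + x^2 + 1 started from the all-ones state, stored LSB first."""
    st = [key[3], key[2], key[1], key[0]]   # (k0, t0, t1, t2)
    z = 0x9A42BB1F
    rks = []
    for i in range(rounds):
        rks.append(st[0])
        new = f_simeck(st[1]) ^ st[0] ^ 0xFFFC ^ ((z >> (i % 31)) & 1)
        st = st[1:] + [new]                 # (t0, t1, t2, new t)
    return rks

def encrypt(f, rks, x, y):
    for k in rks:
        x, y = y ^ f(x) ^ k, x
    return x, y

def decrypt(f, rks, x, y):  # inverse of encrypt, round keys applied in reverse
    for k in reversed(rks):
        x, y = y, x ^ f(y) ^ k
    return x, y
```

With the published key 1918 1110 0908 0100 and plaintext 6565 6877, `encrypt(f_simon, simon_round_keys((0x1918, 0x1110, 0x0908, 0x0100), 32), 0x6565, 0x6877)` returns (0xC69B, 0xE9BB) and the Simeck call returns (0x770D, 0x2C76); pass `rounds=27` to both schedules to work with the variant the paper attacks.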
