Improved linear (hull) cryptanalysis of round-reduced versions of SIMON.

SIMON family, which are the best results for linear cryptanalysis of SIMON published so far. ... Moreover, by employing a recently published method for automatic enumeration of differential and linear characteristics by Sun et. al., we present an improved linear hull analysis of some versions of the ... With a method for automatic enumeration of the differential and linear characteristic, improved results on the linear (hull) cryptanalysis on SIMON were obtained. ...

doi:10.1007/s11432-015-0007-1 fatcat:dtssyzrw3zam7hw4pabitxwepq

In this paper, we give the improved linear attacks on all reduced versions of Simon with dynamic key-guessing technique, which was proposed to improve the differential attack on Simon recently. ... As far as we know, our attacks on most reduced versions of Simon are the best compared with the previous cryptanalysis results. ... This work was partially supported by the National Natural Science Foundation of China (Grant No. 61133013), also supported by National Key Basic Research Program of China (Grant No. 2013CB834205). ...

doi:10.1007/978-3-662-52993-5_22 fatcat:ycb6lijnejgztae6jldgmso3uu

This paper improves the understanding of linear cryptanalysis by highlighting some previously overlooked aspects. ... All the ideas presented in this paper are followed by examples comparing previous methods to the corrected ones, and verified experimentally with reduced-round versions of Simon32/64. ... Linear hulls and trails through one round of Simon We use the notation (a, b, c, d, e) to describe a linear trail through one round of Simon. ...

doi:10.1007/978-3-319-49890-4_15 fatcat:tkkd665ogvhk3pyoacchclespu

We give improved linear hull attack with dynamic key-guessing techniques on Simeck on the basis of round function's property. ... linear hulls for Simeck. ... This paper analyzes the security of Simeck against improved linear hull cryptanalysis with dynamic key-guessing techniques. ...

doi:10.1007/978-3-319-40367-0_26 fatcat:2ebgqz5ur5bczdevzxeusmizyq

In this paper, we start by presenting a solution for a linear approximation which has a linear hull comprising a number of strong linear characteristics. ... As an application we give more realistic estimates of the success probability of the multidimensional linear attack of Cho on 26 rounds of PRESENT. ... Acknowledgements We wish to thank the anonymous reviewers for useful comments that helped us to improve this paper. ...

doi:10.13154/tosc.v2016.i2.162-191 dblp:journals/tosc/BlondeauN16 fatcat:glsvpbgtpzauhmr7jamhwuvlwe

DOAJ OJS

In this paper, we start by presenting a solution for a linear approximation which has a linear hull comprising a number of strong linear characteristics. ... As an application we give more realistic estimates of the success probability of the multidimensional linear attack of Cho on 26 rounds of PRESENT. ... Acknowledgements We wish to thank the anonymous reviewers for useful comments that helped us to improve this paper. ...

doi:10.46586/tosc.v2016.i2.162-191 fatcat:vggj4heldfg25kcfplunyl7snq

DOAJ OJS

For SPARX variants, an 11-round linear trail and a 10-round linear hull have been found for SPARX-64 and a 10-round linear trail and a 9-round linear hull are obtained for SPARX-128. ... By filtering out the impossible large correlation weights in the first round, the search space of the first round can be substantially reduced. ... For SPARX-64, the 11-round linear trail with a correlation of 2 − 28 and a 10-round linear hull with an ALP of 2 − 40.92 are found. ...

doi:10.1155/2020/4898612 fatcat:aefw3q7gpjayjaibexlj2r2jym

DOAJ

Moreover, the newly-proposed correlation distribution could lead to an interesting potential for improving the effectiveness of differential-linear cryptanalysis. ... To further refine differential-linear cryptanalysis, we investigate the correlation distribution of differential-linear hull over random permutation and derive a concrete and concise correlation distribution ... Acknowledgements This work was supported by National Natural Science Foundation of China (Grant Nos. 61672347, 61772129, 61472250, 61402288). ...

doi:10.1007/s11432-018-9758-4 fatcat:4uf2fmvbybbfdclmd6mcni3kle

Further, linear cryptanalysis requires the guessing of only 16 bits, the size of a single round key of Simon 32/64. ... We also present other example linear cryptanalysis, experimentally verified on 8, 10 and 12 rounds for Simon 32/64. ... cryptanalysis on all versions of SIMON. ...

doi:10.3390/cryptography4010009 fatcat:ldk2auxgpnbwjim7pcx4yjm7cu

DOAJ

From the aspects of linear and differential cryptanalysis, this mapping is equivalent to the core quadratic mapping of SIMON via rearrangement of coordinates and EA -equivalence. ... By the aid of the tools given in this paper, the process of the search for linear and differential characteristics of SIMON and SPECK families of block ciphers could be sped up, and the complexity of linear ... Conflicts of Interest: The author declares no conflict of interest. ...

doi:10.3390/cryptography3010001 fatcat:agx3d67n2vgq3iuufuzzu3mwia

DOAJ

Moreover, we attack 20-round SI-MON32, 20-round SIMON48/72 and 21-round SIMON48/96 based on 11 and 12-round zero-correlation linear hulls of SIMON32 and SIMON48 respectively. ... So far there have been several cryptanalytic results on this cipher by means of differential, linear and impossible differential cryptanalysis. ... Our improvements upon the state-of-the-art cryptanalysis for SIMON are given in Table 1 . Organization. The remainder of this paper is organized as follows. ...

doi:10.1007/978-3-319-13039-2_9 fatcat:ucb4p4km7nccrpeo2da4hf55zm

Finally, we construct related-key rectangle distinguishers for round-reduced versions of Simon with block lengths of 32, 48, and 64, and we suggest a five- or six-round key recovery attack. ... First, we studied how to calculate the probability of an RXD for bitwise AND operation that the round function of Simon is based on unlike Speck is on modular addition. ... Consequently, we attack round-reduced Simon from the i s -th round to the i f � i s + R − 1-th round. e actual round indices of attacked rounds for each version of Simon can be found in Tables 4 and 5 ...

doi:10.1155/2020/5968584 fatcat:fyxvwxqfajgbjhx4clfcdrbiei

DOAJ

Perhaps most prominent amongst these are linear and differential cryptanalysis. ... We apply the algorithm to 17 different ciphers, and present new and improved results on several of these. ... The latter work also gives a method for determining linear correlations of SIMON-like round-functions. ...

doi:10.13154/tosc.v2018.i3.265-289 dblp:journals/tosc/Hall-AndersenV18 fatcat:ir4yznnybvaxblirkrtr6wcxrq

DOAJ OJS

Perhaps most prominent amongst these are linear and differential cryptanalysis. ... We apply the algorithm to 17 different ciphers, and present new and improved results on several of these. ... The latter work also gives a method for determining linear correlations of SIMON-like round-functions. ...

doi:10.46586/tosc.v2018.i3.265-289 fatcat:x46xgpnw7rdqzfn4vahyz5wjyi

DOAJ OJS

Moreover, this also implies the existence of integral distinguishers on the same number of rounds. We have applied our technique on round reduced versions of QARMA, MANTIS, and Skinny. ... It turns out that the tweak can often be used to get zero-correlation linear hulls covering more rounds compared to just searching zero-correlation linear hulls on the data-path of a cipher. ... Application to MANTIS In this section, we apply the attack to a reduced-round version of Mantis 8 , where the number of forward and backward rounds are reduced to 4 and 8, respectively. ...

doi:10.5281/zenodo.2593578 fatcat:rka7qhw4l5b75bnhdfugcixnzi

Open Access

Improved linear (hull) cryptanalysis of round-reduced versions of SIMON

Preserved Fulltext

Improved Linear Hull Attack on Round-Reduced Simon with Dynamic Key-Guessing Techniques [chapter]

Preserved Fulltext

On Linear Hulls and Trails [chapter]

Preserved Fulltext

Linear Hull Attack on Round-Reduced Simeck with Dynamic Key-Guessing Techniques [chapter]

Preserved Fulltext

Improved Parameter Estimates for Correlation and Capacity Deviates in Linear Cryptanalysis

Preserved Fulltext

Improved Parameter Estimates for Correlation and Capacity Deviates in Linear Cryptanalysis

Preserved Fulltext

Automatic Search for the Linear (Hull) Characteristics of ARX Ciphers: Applied to SPECK, SPARX, Chaskey, and CHAM-64

Preserved Fulltext

New insights on linear cryptanalysis

Preserved Fulltext

Linear Cryptanalysis of Reduced-Round Simon Using Super Rounds

Preserved Fulltext

Further Observations on SIMON and SPECK Block Cipher Families

Preserved Fulltext

Cryptanalysis of Reduced-Round SIMON32 and SIMON48 [chapter]

Preserved Fulltext

Rotational-XOR Rectangle Cryptanalysis on Round-Reduced Simon

Preserved Fulltext

Generating Graphs Packed with Paths Estimation of Linear Approximations and Differentials

Preserved Fulltext

Generating Graphs Packed with Paths Estimation of Linear Approximations and Differentials

Preserved Fulltext

Zero-Correlation Attacks on Tweakable Block Ciphers with Linear Tweakey Expansion

Preserved Fulltext