Internet Archive Scholar

Linear Cryptanalysis of Reduced-Round Simon Using Super Rounds

Reham Almukhlifi, Poorvi L. Vora
2020 Cryptography  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (2.7 MB)
https://web.archive.org/web/20200320013959/https://res.mdpi.com/d_attachment/cryptography/cryptography-04-00009/article_deploy/cryptography-04-00009.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL. The file type is application/pdf.

We present attacks on 21-rounds of Simon 32/64, 21-rounds of Simon 48/96, 25-rounds of Simon 64/128, 35-rounds of Simon 96/144 and 43-rounds of Simon 128/256, often with direct recovery of the full master key without repeating the attack over multiple rounds. These attacks result from the observation that, after four rounds of encryption, one bit of the left half of the state of 32/64 Simon depends on only 17 key bits (19 key bits for the other variants of Simon). Further, linear cryptanalysis
more » ... equires the guessing of only 16 bits, the size of a single round key of Simon 32/64. We partition the key into smaller strings by focusing on one bit of state at a time, decreasing the cost of the exhaustive search of linear cryptanalysis to 16 bits at a time for Simon 32/64. We also present other example linear cryptanalysis, experimentally verified on 8, 10 and 12 rounds for Simon 32/64.
doi:10.3390/cryptography4010009 fatcat:ldk2auxgpnbwjim7pcx4yjm7cu
DOAJ
Citation

Reham Almukhlifi, Poorvi L. Vora. "Linear Cryptanalysis of Reduced-Round Simon Using Super Rounds." Cryptography 4.1 (2020)