
Security analysis of SIMECK block cipher against related-key impossible differential. (English) Zbl 1473.94126

Summary: SIMECK is a family of lightweight block ciphers built on a Feistel structure. Proposed at CHES 2015, it uses a round function that is a slight modification of SIMON's. The member of the family with a \(K\)-bit key and an \(n\)-bit block is called SIMECK\(n/K\), for \(n/K\in \{32/64,48/96,64/128\}\). SIMECK has already received a number of third-party analyses; however, its security against related-key impossible differentials had not been evaluated. In this paper, we consider related-key impossible differential distinguishers for the variants of SIMECK. We first propose distinguishers on SIMECK obtained with the miss-in-the-middle approach: 15/16/19-round related-key impossible differential distinguishers on SIMECK32/48/64, whereas the best previously known results were 11/15/17 rounds on SIMECK32/48/64 in the single-key setting. Afterwards, using a MILP (mixed-integer linear programming) approach, we automatically prove that these characteristics are the best related-key impossible differentials of SIMECK when the input and output differences are limited to one active bit.
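As an added illustration (not code from the paper or from the SIMECK designers), the following Python implements SIMECK encryption for all three variants and traces the state XOR-difference under a related-key pair whose key difference has a single active bit, which is the setting the distinguishers above are built in. The cipher parameters (rotation amounts 5 and 1, the constant \(2^n-4\), the LFSR-generated sequences and the Simeck32/64 test vector) follow the SIMECK specification; the `related_key_trace` helper and all names are this example's own.

```python
# block size -> (word size n, rounds, LFSR degree, taps) for the constant sequence z
PARAMS = {32: (16, 32, 5, (2, 0)), 48: (24, 36, 5, (2, 0)), 64: (32, 44, 6, (1, 0))}

def _rotl(x, r, n):
    return ((x << r) | (x >> (n - r))) & ((1 << n) - 1)

def _f(x, n):  # SIMECK round function: (x AND (x <<< 5)) XOR (x <<< 1)
    return (x & _rotl(x, 5, n)) ^ _rotl(x, 1, n)

def _z(degree, taps, length):  # m-sequence of x^5+x^2+1 (z0) or x^6+x+1 (z1), all-ones start
    s = [1] * degree
    while len(s) < length:
        s.append(s[-degree + taps[0]] ^ s[-degree + taps[1]])
    return s

def round_keys(block, key_words):
    """key_words = (t2, t1, t0, k0), the order used in the SIMECK test vectors."""
    n, rounds, deg, taps = PARAMS[block]
    mask, z = (1 << n) - 1, _z(deg, taps, rounds)
    t2, t1, t0, k = key_words
    t, rks = [t0, t1, t2], []
    for i in range(rounds):
        rks.append(k)
        new_t = _f(t[0], n) ^ k ^ (mask ^ 3) ^ z[i]  # constant C = 2^n - 4, plus one bit of z
        k, t = t[0], [t[1], t[2], new_t]
    return rks

def encrypt(block, key_words, l, r):
    n = PARAMS[block][0]
    for rk in round_keys(block, key_words):
        l, r = r ^ _f(l, n) ^ rk, l  # Feistel round, then swap halves
    return l, r

def related_key_trace(block, key_words, key_diff, l, r, rounds):
    """(dl, dr) after each of the first `rounds` rounds, same plaintext under K and K ^ dK."""
    n = PARAMS[block][0]
    rk1 = round_keys(block, key_words)
    rk2 = round_keys(block, tuple(a ^ b for a, b in zip(key_words, key_diff)))
    l2, r2, out = l, r, []
    for i in range(rounds):
        l, r = r ^ _f(l, n) ^ rk1[i], l
        l2, r2 = r2 ^ _f(l2, n) ^ rk2[i], l2
        out.append((l ^ l2, r ^ r2))
    return out

if __name__ == "__main__":  # Simeck32/64 test vector from the specification: expect 0x770d 0x2c76
    print([hex(w) for w in encrypt(32, (0x1918, 0x1110, 0x0908, 0x0100), 0x6565, 0x6877)])
```

A single active bit placed in t2 first enters a round key in round 3, so the trace shows a zero state difference for three rounds and then exactly that bit in the left half, which is the kind of slow difference propagation the miss-in-the-middle construction exploits.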

MSC:

94A60 Cryptography

Software:

SPECK; SIMON; SIMECK; SKINNY
