Abstract:
We describe algebraic attacks on the Simon-32/64 and Simon-64/128 ciphers with the number of rounds reduced to 12–14. The distinguishing feature of the proposed attacks is a special scheme for selecting the chosen plaintext blocks that are used to find the secret key. Using this scheme, it is possible to invert the 12-round Simon-32/64 and Simon-64/128 on an ordinary PC in a short time. The attack on the 13-round Simon-64/128 is apparently the best known. Using a computing cluster, we constructed inverse backdoor-based runtime estimates for the chosen plaintext attacks on the 13-round Simon-32/64 and 14-round Simon-64/128.
Keywords: Simon family of ciphers, algebraic chosen plaintext attacks, SAT solver, inverse backdoor set.