Lightweight Block Cipher SIMON And SIMECK Security Analysis

Lightweight block cipher having the merits of fewer resources and high efficiency is one of the most important branches of block cipher,which is widely used in RFID and other resource constrained hardware devices.Therefore,the security analysis of lightweight block ciphers has become a hotspot in current cryptology.With the presentation of differential cryptanalysis and linear cryptanalysis,cryptographers have proposed more effective cryptanalytic methods such as truncated differential cryptanalysis,higher order differential cryptanalysis,impossible differential cryptanalysis,multiple linear cryptanalysis,non-linear cryptanalysis,multidimensional linear cryptanalysis,differential-linear cryptanalysis,and so on.Such work has dramatically pushed forward lightweight block cipher,resulting in considerable improvement of the design theory of cipher and finally facilitating the development of information security greatly.The main work is as follows:Firstly,we work on linear cryptanalysis for the Simon32.A lot of literatures about the linear analysis of the algorithm have been presented.But there is no analysis about the successful probability of the linear path.In this paper,we calculate the successful probability of the linear path of the 3 rounds,7 rounds and 10 rounds in detail for the Simon32,which provides the reference for the method and data for the further research.Secondly,differential-linear cryptanalysis is studied in Simon32.We propose 15-round differential-linear trail to attack on 17-round,18-round and 19-round of Simon32 respectively.It is to need to guess 6 round-key bits,19 round-key bits and 35 round-key bits respectively.In contrast,the attacking on 18-round Simon32 by linear cryptanalysis needs to guess 32 round-key bits.It also verifies that Simon32 algorithm with the differential-linear cryptanalysis has superior performance.Finally,we work on impossible differential cryptanalysis for the Simeck32.We search for the 11-round impossible differential path of Simeck32 using the meet-in-the-middle technology.We utilize the 11-round impossible differential path to attack on 19-round Simeck32 by adding 4 rounds on the top and 4 rounds at the bottom.The result of analysis only needs to guess 29 round key bits.However,the attacking on 20-round Simeck32 by zero-correlation linear cryptanalysis needs to guess 52 round-key bits.It also verifies that the impossible differential cryptanalysis has superior performance over zero correlation linear cryptanalysis for Simeck32 algorithm.In addition,we search for all the 11-round impossible differential path of Simon32 using the meet-in-the-middle technology.The methods on the deciphering of encryption algorithms have divided into theoretical deciphering and practical deciphering.The former refers to reducing the computational complexity to the complexity claimed by cryptographic designers.The latter means that the computational complexity is reduced to computing power of the present computer.The theoretical deciphering has a strong dependence on the high performance computers.After we master the basic methods of cryptanalysis,the next step is to put into practical deciphering on the new cryptographic algorithms.