A practical comparison between algebraic and statistical attacks on the lightweight cipher SIMON
Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
In the summer of 2013 NSA released a new family of lightweight block ciphers called SIMON. However they did not publish any assessment of the security of SIMON. Since then only a few papers on this topic have been released and none of them have included an algebraic analysis. Moreover only one paper described a practical implementation of the attack. This master thesis aims to implement a practical attack, both algebraic and differential, on SIMON. In doing so we are able to make a comparison between the two different attack methods. The algebraic attack was executed with SAT-solver CryptoMiniSat2 and could break 7 rounds. The differential attack was implemented in three steps. First we created a difference distribution table (DDT) and then we identified a differential by a search algorithm for the DDT. In the last step we designed a key recovery attack to recover the last round key. The attack could break 13 rounds for a 9 round differential. With a simple expansion on the key recovery attack it has the potential to break even more rounds for the same 9 round differential. This indicate that algebraic cryptanalysis might not be such a strong tool since it could only break 7 rounds. Furthermore, if a generic algebraic attack does not work on SIMON it has little or no chance of being successful on a more complex cipher. In other words this algebraic attack may serve as a benchmark for the efficiency of generic algebraic attacks.
Place, publisher, year, edition, pages
UPTEC F, ISSN 1401-5757 ; 15071
IdentifiersURN: urn:nbn:se:uu:diva-271540OAI: oai:DiVA.org:uu-271540DiVA: diva2:892307
Master Programme in Engineering Physics
Nyberg, TomasTjark, Weber