Internal Symmetries and Linear Properties: Full-permutation Distinguishers and Improved Collisions on Gimli

$$\mathsf {Gimli}$$ is a family of cryptographic primitives (both hash function and an AEAD scheme) that has been selected for the second round NIST competition standardizing new lightweight designs. The candidate based on permutation , which was presented at CHES 2017. In this paper, we study security both constructions are it. We exploit slow diffusion in its internal symmetries to build, first time, distinguisher full complexity $$2^{64}$$ . also provide practical 23 out 24 rounds implemented. Next, give (full state) collision semi-free start attacks -Hash, reaching, respectively, up 12 18 rounds. On side, compute 8-round -Hash. quantum setting, these reach 2 more Finally, perform linear trails find permutation.