Simon is a lightweight block cipher family proposed by NSA in 2013. It has drawn many cryptanalysts’ attention and varieties of cryptanalysis results have been published, including differential, linear, impossible differential, integral cryptanalysis and so on. In this paper, we give the improved linear attacks on all reduced versions of Simon with dynamic key-guessing technique, which was prop...

SPARX-64/128 is an ARX-based block cipher with 64-bit block size and 128-bit key. It was published in Asiacrypt 2016 as one of the instantiations of a family of ARX-based block ciphers with provable security against single-characteristic differential and linear cryptanalysis. In this work, we present 12 and 13-round impossible distinguishers on SPARX-64/128 that can be used to attack 15 and 16-...

In this paper we present a new statistical cryptanalytic technique that we call improbable differential cryptanalysis which uses a differential that is less probable when the correct key is used. We provide data complexity estimates for this kind of attacks and we also show a method to expand impossible differentials to improbable differentials. By using this expansion method, we cryptanalyze 1...

Impossible differential and zero correlation linear cryptanalysis are two of the most important cryptanalytic vectors. To characterize the impossible differentials and zero correlation linear hulls which are independent of the choices of the non-linear components, Sun et al. proposed the structure deduced by a block cipher at CRYPTO 2015. Based on that, we concentrate in this paper on the secur...

In this paper, we study GF-NLFSR, a Generalized Unbalanced Feistel Network (GUFN) which can be considered as an extension of the outer function FO of the KASUMI block cipher. We show that the differential and linear probabilities of any n + 1 rounds of an n-cell GF-NLFSR are both bounded by p, where the corresponding probability of the round function is p. Besides analyzing security against dif...

In the SPN (Substitution-Permutation Network) structure, it is very important to design a diffusion layer to construct a secure block cipher against differential cryptanalysis and linear cryptanalysis. The purpose of this work is to prove that the SPN structure with a maximal diffusion layer provides a provable security against differential cryptanalysis and linear cryptanalysis in the sense th...

This paper describes an effort to attack S-DES using differential cryptanalysis and linear cryptanalysis. S-DES is a reduced version of the Data Encryption Standard (DES). It also includes a discussion on the subject of cryptology and a literature survey of useful papers regarding cryptography and cryptanalysis. This paper is meant as a tutorial on the fundamentals of differential cryptanalysis...

The contributions of this paper are new 6-round impossibledifferential (ID) and 9.75-round known-key distinguishers for the 3D block cipher. The former was constructed using the miss-in-the-middle technique, while the latter with an inside-out technique. These are the largest ID and known-key distinguishers obtained for the 3D cipher so far, based on the fact that complete diffusion is achieved...

Khudra is a 18-round lightweight block cipher proposed by Souvik Kolay and Debdeep Mukhopadhyay in the SPACE 2014 conference which is applicable to Field Programmable Gate Arrays (FPGAs). In this paper, we obtain 2 14-round related-key impossible differentials of Khudra, and based on these related-key impossible differentials for 32 related keys, we launch an attack on the full Khudra with data...