{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,16]],"date-time":"2026-01-16T18:51:39Z","timestamp":1768589499219,"version":"3.49.0"},"reference-count":24,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2018,12,20]],"date-time":"2018-12-20T00:00:00Z","timestamp":1545264000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>SIMON and SPECK families of block ciphers are well-known lightweight ciphers designed by the NSA. In this note, based on the previous investigations on SIMON, a closed formula for the squared correlations and differential probabilities of the mapping \u03d5(x) = x \u2299 S^1(x) on F_2^n is given. From the aspects of linear and differential cryptanalysis, this mapping is equivalent to the core quadratic mapping of SIMON via rearrangement of coordinates and EA-equivalence. Based on the proposed explicit formula, a full description of DDT and LAT of \u03d5 is provided. In the case of SPECK, as the only nonlinear operation in this family of ciphers is addition mod 2^n, after reformulating the formula for linear and differential probabilities of addition mod 2^n, straightforward algorithms for finding the output masks with maximum squared correlation, given the input masks, as well as the output differences with maximum differential probability, given the input differences, are presented. 
By the aid of the tools given in this paper, the process of the search for linear and differential characteristics of SIMON and SPECK families of block ciphers could be sped up, and the complexity of linear and differential attacks against these ciphers could be reduced.<\/jats:p>","DOI":"10.3390\/cryptography3010001","type":"journal-article","created":{"date-parts":[[2018,12,20]],"date-time":"2018-12-20T12:54:36Z","timestamp":1545310476000},"page":"1","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Further Observations on SIMON and SPECK Block Cipher Families"],"prefix":"10.3390","volume":"3","author":[{"given":"Seyed Mojtaba","family":"Dehnavi","sequence":"first","affiliation":[{"name":"Faculty of Mathematical and Computer Sciences, Kharazmi University, Tehran 19678, Iran"}]}],"member":"1968","published-online":{"date-parts":[[2018,12,20]]},"reference":[{"key":"ref_1","first-page":"404","article-title":"The SIMON and SPECK Families of Lightweight Block Ciphers","volume":"2013","author":"Beaulieu","year":"2013","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Alizadeh, J., AlKhzaimi, H., Aref, M.R., Bagheri, N., Gauravaram, P., Kumar, A., Lauridsen, M.M., and Sanadhya, S.K. (2013, January 9\u201311). Cryptanalysis of SIMON Variants with Connections. Proceedings of the International Workshop on Radio Frequency Identification: Security and Privacy Issues, Graz, Austria.","DOI":"10.1007\/978-3-319-13066-8_6"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Abed, F., List, E., Lucks, S., and Wenzel, J. (2014, January 3\u20135). Differential Cryptanalysis of Round-Reduced Simon and Speck. Proceedings of the International Conference on Fast Software Encryption, London, UK.","DOI":"10.1007\/978-3-662-46706-0_27"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Biryukov, A., Roy, A., and Velichkov, V. 
(2014, January 3\u20135). Differential Analysis of Block Ciphers SIMON and SPECK. Proceedings of the International Conference on Fast Software Encryption, London, UK.","DOI":"10.1007\/978-3-662-46706-0_28"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Dinur, I. (2014, January 14\u201315). Improved Differential Cryptanalysis of Round-Reduced Speck. Proceedings of the International Workshop on Selected Areas in Cryptography, Montreal, QC, Canada.","DOI":"10.1007\/978-3-319-13051-4_9"},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Abdelraheem, M.A., Alizadeh, J., AlKhzaimi, H.A., Aref, M.R., Bagheri, N., and Gauravaram, P. (2015, January 6\u20139). Improved Linear Cryptanalysis of Reduced-Round SIMON-32 and SIMON-48. Proceedings of the International Conference in Cryptology in India, Bangalore, India.","DOI":"10.1007\/978-3-319-26617-6_9"},{"key":"ref_7","first-page":"122","article-title":"Constructing Mixed-integer Programming Models whose Feasible Region is Exactly the Set of All Valid Differential Characteristics of SIMON","volume":"2015","author":"Sun","year":"2015","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_8","first-page":"481","article-title":"Advanced Differential Cryptanalysis of Reduced-Round SIMON64\/128 Using Large-Round Statistical Distinguishers","volume":"2015","author":"Mourouzis","year":"2015","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Chen, H., and Wang, X. (2016, January 20\u201323). Improved Linear Hull Attack on Round-Reduced Simon with Dynamic Key-Guessing Techniques. Proceedings of the International Conference on Fast Software Encryption, Bochum, Germany.","DOI":"10.1007\/978-3-662-52993-5_22"},{"key":"ref_10","first-page":"88","article-title":"On Linear Hulls and Trails in Simon","volume":"2016","author":"Ashur","year":"2016","journal-title":"IACR Cryptol. 
ePrint Arch."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"259","DOI":"10.1016\/j.ipl.2015.11.005","article-title":"Linear cryptanalysis of reduced-round SPECK","volume":"116","author":"Liu","year":"2016","journal-title":"Inf. Process. Lett."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s11432-015-0007-1","article-title":"Improved linear (hull) cryptanalysis of round-reduced versions of SIMON","volume":"60","author":"Shi","year":"2017","journal-title":"Sci. China Inf. Sci."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1007\/s11432-017-9231-5","article-title":"Differential attacks on reduced SIMON versions with dynamic key-guessing techniques","volume":"61","author":"Wang","year":"2018","journal-title":"Sci. China Inf. Sci."},{"key":"ref_14","first-page":"899","article-title":"Differential cryptanalysis in ARX ciphers, Application to SPECK","volume":"2018","author":"Dwivedi","year":"2018","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_15","first-page":"145","article-title":"Observations on the SIMON block cipher family","volume":"2015","author":"Leander","year":"2015","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"K\u00f6lbl, S., Leander, G., and Tiessen, T. (2015, January 16\u201320). Observations on the SIMON block cipher family. Proceedings of the Annual Cryptology Conference, Santa Barbara, CA, USA.","DOI":"10.1007\/978-3-662-47989-6_8"},{"key":"ref_17","unstructured":"Beierle, C. (September, January 31). Pen and Paper Arguments for SIMON and SIMON-like Designs. Proceedings of the International Conference on Security and Cryptography for Networks, Amalfi, Italy."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"57","DOI":"10.46586\/tosc.v2016.i1.57-70","article-title":"On Rotational Cryptanalysis in the Presence of Constants","volume":"2016","author":"Ashur","year":"2016","journal-title":"IACR Trans. 
Symmetric Cryptol."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"358","DOI":"10.46586\/tosc.v2017.i1.358-379","article-title":"Optimal Differential Trails in SIMON-like Ciphers","volume":"2017","author":"Liu","year":"2017","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"ref_20","first-page":"576","article-title":"The Security of SIMON-like Ciphers Against Linear Cryptanalysis","volume":"2017","author":"Liu","year":"2017","journal-title":"IACR Cryptol. ePrint Arch."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Wall\u00e9n, J. (2003, January 24\u201326). Linear Approximations of Addition Modulo 2n. Proceedings of the International Conference on Fast Software Encryption, Lund, Sweden.","DOI":"10.1007\/978-3-540-39887-5_20"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Nyberg, K., and Wall\u00e9n, J. (2006, January 15\u201317). Improved Linear Distinguishers for SNOW 2. Proceedings of the International Conference on Fast Software Encryption, Graz, Austria.","DOI":"10.1007\/11799313_10"},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"111","DOI":"10.1007\/s10623-012-9668-4","article-title":"On CCZ-equivalence of addition mod 2n","volume":"66","year":"2013","journal-title":"Des. Codes Cryptogr."},{"key":"ref_24","first-page":"26","article-title":"A More Explicit Formula for Linear Probabilities of Modular Addition Modulo a Power of Two","volume":"2015","author":"Dehnavi","year":"2015","journal-title":"IACR Cryptol. 
ePrint Arch."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/1\/1\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:35:08Z","timestamp":1760196908000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/1\/1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,12,20]]},"references-count":24,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2019,3]]}},"alternative-id":["cryptography3010001"],"URL":"https:\/\/doi.org\/10.3390\/cryptography3010001","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,12,20]]}}}