Posted Content

The SIMON and SPECK Families of Lightweight Block Ciphers.

About: This article is published in IACR Cryptology ePrint Archive. The article was published on 2013-01-01 and is currently open access. It has received 527 citations to date.
Citations
Proceedings Article
22 May 2016
TL;DR: In this article, the authors present Hawk, a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the public's view.
Abstract: Emerging smart contract systems over decentralized cryptocurrencies allow mutually distrustful parties to transact safely without trusted third parties. In the event of contractual breaches or aborts, the decentralized blockchain ensures that honest parties obtain commensurate compensation. Existing systems, however, lack transactional privacy. All transactions, including flow of money between pseudonyms and amount transacted, are exposed on the blockchain. We present Hawk, a decentralized smart contract system that does not store financial transactions in the clear on the blockchain, thus retaining transactional privacy from the public's view. A Hawk programmer can write a private smart contract in an intuitive manner without having to implement cryptography, and our compiler automatically generates an efficient cryptographic protocol where contractual parties interact with the blockchain, using cryptographic primitives such as zero-knowledge proofs. To formally define and reason about the security of our protocols, we are the first to formalize the blockchain model of cryptography. The formal modeling is of independent interest. We advocate the community to adopt such a formal model when designing applications atop decentralized blockchains.

1,523 citations

Proceedings Article
07 Jun 2015
TL;DR: Simplicity, security, and flexibility are ever-present yet conflicting goals in cryptographic design and these goals were balanced in the design of Simon and Speck.
Abstract: The Simon and Speck families of block ciphers were designed specifically to offer security on constrained devices, where simplicity of design is crucial. However, the intended use cases are diverse and demand flexibility in implementation. Simplicity, security, and flexibility are ever-present yet conflicting goals in cryptographic design. This paper outlines how these goals were balanced in the design of Simon and Speck.

504 citations


Cites background or methods from "The SIMON and SPECK Families of Lig..."

  • ...Simon and Speck were proposed publicly in June 2013 [10] by a group of researchers in the US National Security Agency’s Research Directorate....

    [...]

  • ...We briefly describe the Simon and Speck algorithms here, but refer the reader to [10] for complete details....

    [...]

  • ...A full description can be found in [10]....

    [...]

  • ...The Simon key schedules employ round constants to eliminate slide properties; we omit discussion of the constants here (see [10] for details)....

    [...]

Book Chapter
Siwei Sun, Lei Hu, Peng Wang, Kexin Qiao, Xiaoshuang Ma, Ling Song
07 Dec 2014
TL;DR: An automatic method for evaluating the security of bit-oriented block ciphers against the (related-key) differential attack with several techniques for obtaining tighter security bounds, and a new tool for finding (related-key) differential characteristics automatically for bit-oriented block ciphers are proposed.
Abstract: We propose two systematic methods to describe the differential property of an S-box with linear inequalities based on logical condition modelling and computational geometry respectively. In one method, inequalities are generated according to some conditional differential properties of the S-box; in the other method, inequalities are extracted from the H-representation of the convex hull of all possible differential patterns of the S-box. For the second method, we develop a greedy algorithm for selecting a given number of inequalities from the convex hull. Using these inequalities combined with Mixed-integer Linear Programming (MILP) technique, we propose an automatic method for evaluating the security of bit-oriented block ciphers against the (related-key) differential attack with several techniques for obtaining tighter security bounds, and a new tool for finding (related-key) differential characteristics automatically for bit-oriented block ciphers.

278 citations


Cites methods from "The SIMON and SPECK Families of Lig..."

  • ...Firstly, this methodology is only suitable to evaluate the security of constructions with S-boxes, XOR operations and bit permutations, and can not be applied to block cipher like SPECK [5], which involve modulo addition and no S-boxes at all....

    [...]

Journal Article
TL;DR: This survey paper addresses a broad range of security and privacy aspects in IoT-based positioning and localization from both technical and legal points of view and aims to give insight and recommendations for future IoT systems providing more robust, secure, and privacy-preserving location-based services.
Abstract: Internet of Things (IoT) connects sensing devices to the Internet for the purpose of exchanging information. Location information is one of the most crucial pieces of information required to achieve intelligent and context-aware IoT systems. Recently, positioning and localization functions have been realized in a large amount of IoT systems. However, security and privacy threats related to positioning in IoT have not been sufficiently addressed so far. In this paper, we survey solutions for improving the robustness, security, and privacy of location-based services in IoT systems. First, we provide an in-depth evaluation of the threats and solutions related to both global navigation satellite system (GNSS) and non-GNSS-based solutions. Second, we describe certain cryptographic solutions for security and privacy of positioning and location-based services in IoT. Finally, we discuss the state-of-the-art of policy regulations regarding security of positioning solutions and legal instruments to location data privacy in detail. This survey paper addresses a broad range of security and privacy aspects in IoT-based positioning and localization from both technical and legal points of view and aims to give insight and recommendations for future IoT systems providing more robust, secure, and privacy-preserving location-based services.

262 citations


Additional excerpts

  • ..., PRESENT [150], KATAN/KTANTAN [151], SIMON/SPECK [152], etc....

    [...]

  • ...In secret-key cryptography, this includes introduction of several lightweight stream ciphers (e.g., Trivium [148], Grain [149], etc.) and block ciphers (e.g., PRESENT [150], KATAN/KTANTAN [151], SIMON/SPECK [152], etc.) together with lightweight implementations of various secret-key primitives (e.g., [153]–[156])....

    [...]

Posted Content
TL;DR: The U.S. National Security Agency developed the Simon and Speck families of lightweight block ciphers as an aid for securing applications in very constrained environments where AES may not be suitable.
Abstract: The U.S. National Security Agency (NSA) developed the Simon and Speck families of lightweight block ciphers as an aid for securing applications in very constrained environments where AES may not be suitable. This paper summarizes the algorithms, their design rationale, along with current cryptanalysis and implementation results.

259 citations


Cites background or methods from "The SIMON and SPECK Families of Lig..."

  • ...However, we would argue that the way to design efficient cryptography, particularly cryptography for constrained platforms, is to forgo them in favor of very simple components, iterating an appropriate number of times to obtain a secure algorithm....

    [...]

  • ...Table 7 shows a sample of higher-throughput implementations on the same 130 nm ASIC process used to generate the Simon and Speck data in Table 3....

    [...]

  • ...To facilitate these sorts of interactions, and in particular to support efficient communication with large numbers of constrained devices, lightweight algorithms will need to perform well on both lightweight and “heavyweight” platforms....

    [...]

  • ...Both algorithms employ 8-bit rotations, and the other rotations used are as close to multiples of 8 as we could make them, without sacrificing security....

    [...]