# Simon and Speck Block Ciphers¶

## Simon Block Cipher¶

### 基本介绍¶

Simon 块加密算法由 NSA 2013 年 6 月公布，主要在硬件实现上进行了优化。

Simon Block Cipher 是平衡的 Feistel cipher 加密，一共有两块，若每块加密的大小为 n bits，那么明文的大小就是 2n bits。此外，一般来说，该加密中所使用的秘钥长度是块长度的整数倍，比如 2n，4n等。常见的 Simon 加密算法有

Constant
$z_{0}$=11111010001001010110000111001101111101000100101011000011100110
$z_{1}$=10001110111110010011000010110101000111011111001001100001011010
$z_{2}$=10101111011100000011010010011000101000010001111110010110110011
$z_{3}$=11011011101011000110010111100000010010001010011100110100001111
$z_{4}$=11010001111001101011011000100000010111000011001010010011101111

### 2017 SECCON Simon and Speck Block Ciphers¶

Simon and Speck Block Ciphers

https://eprint.iacr.org/2013/404.pdf Simon_96_64, ECB, key="SECCON{xxxx}", plain=0x6d564d37426e6e71, cipher=0xbb5d12ba422834b5


from pwn import *
from simon import SIMON

plain = 0x6d564d37426e6e71
cipher = 0xbb5d12ba422834b5

def compare(key):
key = "SECCON{" + key + "}"
key = key.encode('hex')
key = int(key, 16)
my_simon = SIMON(64, 96, key)
test = my_simon.encrypt(plain)
if test == cipher:
return True
else:
return False

def solve():
visible = string.uppercase + string.lowercase + string.digits + string.punctuation + " "
key = pwnlib.util.iters.mbruteforce(compare, visible, 4, method="fixed")
print key

if __name__ == "__main__":
solve()


➜  2017_seccon_simon_and_speck_block_ciphers git:(master) python exp.py
[+] MBruteforcing: Found key: "6Pz0"