Talk:Simon (cipher)

This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Cryptography: Computer science Mid‑importance This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.CryptographyWikipedia:WikiProject CryptographyTemplate:WikiProject CryptographyCryptography articles Mid This article has been rated as Mid-importance on the importance scale. This article is supported by WikiProject Computer science (assessed as Mid-importance). Internet Mid‑importance This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet articles Mid This article has been rated as Mid-importance on the project's importance scale. Computing: Software Low‑importance This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.ComputingWikipedia:WikiProject ComputingTemplate:WikiProject ComputingComputing articles Low This article has been rated as Low-importance on the project's importance scale. This article is supported by WikiProject Software (assessed as Low-importance). This article is supported by Computer hardware task force (assessed as Low-importance). This article is supported by WikiProject Computer Security (assessed as High-importance). Things you can help WikiProject Computer Security with: edit history watch purge Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information... Answer question about Same-origin_policy Review importance and quality of existing articles Identify categories related to Computer Security Tag related articles Identify articles for creation (see also: Article requests) Identify articles for improvement Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc. Find editors who have shown interest in this subject and ask them to take a look here.

I'm waiting for more secondary sources to pick up the story before expanding this article. The citation is from the blog of a recognized expert in the field. LargeBlockCipher (talk) 18:40, 17 July 2013 (UTC)[reply]

The ISO rejection for standardization should be included; however, I found the notes from the meeting to not be compelling as many of the questions were address in the NIST 8114 presentations by the SIMON team and for this reason one obscure link does not warrant reference. The ISO discussion are public and would be a better source. The details of the rejection should be included as well. Degs (talk) 20:39, 11 June 2018 (UTC)[reply]

Lede should mention ISO rejection. The claim that those cryptographers are merely a bunch of paranoids is outrageous. The fact that they are highly suspicious with respect to the algorithm is very relevant information; optics do obviously matter a lot for cryptographic algorithms and this one simply raises too many red flags. The NSA rejected to disclaim that it has any non-public knowledge about weaknesses in the algorithm. SHA1 was a NSA algorithm, too, and it turned out to be completely flawed. By hiding the ISO rejection in a section near the end of the article this highly controversial algorithm is being whitewashed. NIST 8114's "Lightweight cryptography" -- I suppose that's the new name for what until recently they called "responsible encryption"? Just give it a new name and a positive purpose -- it saves battery on your mobile device? --rtc (talk) 20:42, 11 June 2018 (UTC)[reply]

The reason for the ISO rejection should be mentioned, as well as the sources. There's a great quantity of work at IACR regarding SIMON, and there's not obvious holes; however, I understand the distrust of the NSA. The cipher is very easy to analyze, and my primary issue was the sources when original sources can be referenced. The ISO rejection should include better citation. The lack of disclosure of U,V,W logic is important; however, those were discussed at NIST8114 so I'm unsure why they were an issue for the ISO. Degs (talk) 23:43, 11 June 2018 (UTC)[reply]

They were an issue for ISO because ISO people were not familiar with the discussion at NIST 8114. I skimmed it now and couldn't find the part you're talking about. Can you please point me to the relevant page? When formally asked about it as part of the ISO process, the NSA's response was something to the effect of "this is not the place and time to discuss this" and they refused to provide further details.

Anyway, the real discussion in ISO was about the number of rounds, about which they consistently refused to provide information (see e.g., Notes on 'Notes on the design and analysis of SIMON and SPECK' and an Analysis of it). Atul Luykx and I were requested to write a book chapter about the standardization of Simon & Speck in ISO and we're currently working on it. I don't know the expected publication date for this book but I think it might be out as early as September 2018. Tomer A. 11:14, 7 July 2018 (UTC)[reply]

Took longer than I expected but in case someone wants to add something about it this article or to Speck the book chapter is finally out: [1] Tomer A. 08:33, 17 February 2021 (UTC)[reply]