SIMECK

From Crypto++ Wiki
Jump to navigation Jump to search

SIMECK is a family of lightweight block ciphers created by Gangqiang Yang, Bo Zhu, Valentin Suder, Mark D. Aagaard, and Guang Gong. The algorithms provide SIMECK-32/64 and SIMECK-64/128. The ciphers are based on SIMON and SPECK and were designed for resource constrained devices and gadgets that participate in the Internet of Things. The paper detailing SIMECK is available at The Simeck Family of Lightweight Block Ciphers. The author's reference implementation is located at SIMECK GitHub.

If your project is using encryption alone to secure your data, encryption alone is usually not enough. Please take a moment to read Authenticated Encryption and understand why you should prefer to use CCM, GCM, or EAX over other modes, such as CBC or CTR.

Sample Programs

There are three sample programs. The first shows SIMECK64 key and block sizes. The second and third use filters in a pipeline). Pipelining is a high level abstraction and it handles buffering input, buffering output and padding for you.

If you are benchmarking then you may want to visit Benchmarks | Sample Program . It shows you how to use StreamTransformation::ProcessString method to process blocks at a time. Calling a cipher's ProcessString or ProcessBlock eventually call a cipher's ProcessAndXorBlock or AdvancedProcessBlocks, and they are the lowest level API you can use.

The first example dumps the minimum, maximum, and default key lengths used by SIMECK64.

using namespace CryptoPP;
int main(int argc, char* argv[])
{   
   std::cout << "key length: " << SIMECK64::DEFAULT_KEYLENGTH << std::endl;
   std::cout << "key length (min): " << SIMECK64::MIN_KEYLENGTH << std::endl;
   std::cout << "key length (max): " << SIMECK64::MAX_KEYLENGTH << std::endl;
   std::cout << "block size: " << SIMECK64::BLOCKSIZE << std::endl;

   return 0;
}

Output from the above snippet produces the following. Notice the default key size is 128 bits or 16 bytes.

key length: 16
key length (min): 16
key length (max): 16
block size: 16

Switching to SIMECK32 produces the following results:

key length: 8
key length (min): 8
key length (max): 8
block size: 8

The following program shows how to operate SIMECK64 in CBC mode using a pipeline. The key is declared on the stack using a SecByteBlock to ensure the sensitive material is zeroized. Similar could be used for both plain text and recovered text.

using namespace CryptoPP;

void Print(const std::string& label, const std::string& val)
{
   std::string encoded;
   StringSource(val, true,
      new HexEncoder(
         new StringSink(encoded)
      ) // HexEncoder
   ); // StringSource

   std::cout << label << ": " << encoded << std::endl;
}

int main(int argc, char* argv[])
{
   SecByteBlock key(SIMECK64::DEFAULT_KEYLENGTH);
   SecByteBlock iv(SIMECK64::BLOCKSIZE);

   AutoSeededRandomPool prng;
   prng.GenerateBlock(key, key.size());
   prng.GenerateBlock(iv, iv.size());

   std::string plain = "CBC Mode Test";
   std::string cipher, encoded, recovered;

   /*********************************\
   \*********************************/

   try
   {
      std::cout << "plain text: " << plain << std::endl;

      CBC_Mode< SIMECK64 >::Encryption e;
      e.SetKeyWithIV(key, key.size(), iv);

      // The StreamTransformationFilter adds padding
      //  as required. ECB and CBC Mode must be padded
      //  to the block size of the cipher.
      StringSource s(plain, true, 
         new StreamTransformationFilter(e,
            new StringSink(cipher)
         ) // StreamTransformationFilter
      ); // StringSource
   }
   catch(const CryptoPP::Exception& e)
   {
      std::cerr << e.what() << std::endl;
      exit(1);
   }

   /*********************************\
   \*********************************/

   Print("key", std::string((const char*)key.begin(), key.size()));
   Print("iv", std::string((const char*)iv.begin(), iv.size()));
   Print("cipher text", cipher);

   /*********************************\
   \*********************************/

   try
   {
      CBC_Mode< SIMECK64 >::Decryption d;
      d.SetKeyWithIV(key, key.size(), iv);

      // The StreamTransformationFilter removes
      //  padding as required.
      StringSource s(cipher, true, 
         new StreamTransformationFilter(d,
            new StringSink(recovered)
         ) // StreamTransformationFilter
      ); // StringSource

      std::cout << "recovered text: " << recovered << std::endl;
   }
   catch(const CryptoPP::Exception& e)
   {
      std::cerr << e.what() << std::endl;
      exit(1);
   }
   return 0;
}

A typical output is shown below. Note that each run will produce different results because the key and initialization vector are randomly generated.

$ ./test.exe
plain text: CBC Mode Test
key: 97CCD676E8E9603B7B23BE816FC1DB57
iv: 08D2730E3A1DFF75
cipher text: 046E83B1459FEF49063C43063FD72154
recovered text: CBC Mode Test

The third program modifies the second program by switching to EAX mode. Authenticity assurances can placed on the cipher text for nearly no programming costs by using an authenticated encryption mode. Below the StreamTransformationFilter was replaced by AuthenticatedEncryptionFilter and AuthenticatedDecryptionFilter.

EAX< SIMECK64 >::Encryption e;
e.SetKeyWithIV(key, key.size(), iv);

StringSource(plain, true, 
    new AuthenticatedEncryptionFilter(e,
        new StringSink(cipher)
    ) // StreamTransformationFilter
); // StringSource

...

EAX< SIMECK64 >::Decryption d;
d.SetKeyWithIV(key, key.size(), iv);

StringSource s(cipher, true, 
    new AuthenticatedDecryptionFilter(d,
        new StringSink(recovered)
    ) // StreamTransformationFilter
); // StringSource

Typical output is as follows. Notice the additional cipher text bytes due to the MAC bytes. See EAX Mode for details.

$ ./test.exe
plain text: EAX Mode Test
key: 6756056C874534C7AC56D1DD8A905B3E
iv: A490E9B8CA4B3618
cipher text: 32CADA7CD1EB8E2726040971CB52D3DA2ECE5D2555
recovered text: EAX Mode Test

Switching to SIMECK32 produces a similar result:

$ ./test.exe
plain text: EAX Mode Test
key: 26A2D73738319E5A
iv: 8A654C82
cipher text: 3E477FDE2B86B58739547CC0A01FF569D9
recovered text: EAX Mode Test

To manually insert bytes into the filter, perform multiple Puts. Though Get is used below, a StringSink could easily be attached and save the administrivia.

const size_t SIZE = 16 * 4;
string plain(SIZE, 0x00);

for(size_t i = 0; i < plain.size(); i++)
    plain[i] = 'A' + (i%26);
...

CBC_Mode < SIMECK64 >::Encryption encryption(key, sizeof(key), iv);
StreamTransformationFilter encryptor(encryption, NULL);

for(size_t j = 0; j < plain.size(); j++)
    encryptor.Put((byte)plain[j]);

encryptor.MessageEnd();
size_t ready = encryptor.MaxRetrievable();

string cipher(ready, 0x00);
encryptor.Get((byte*) &cipher[0], cipher.size());

Downloads

No downloads.