Simon and Speck Block Ciphers
100 points
https://eprint.iacr.org/2013/404.pdf
Simon_96_64, ECB, key=”SECCON{xxxx}”, plain=0x6d564d37426e6e71, cipher=0xbb5d12ba422834b5
This was an opportunity to learn about yet more encryption algorithms. Simon and Speck were developed by NSA and put into public domain. One of the goals behind developing them was to have algorithms that are optimized for performance, both in software and in hardware.
Based on the description the key size is 96 bits (12 bytes) and the block size is 64 bits (8 bytes). The key template given is exactly 12 bytes, so it seems that we only need to find the missing 4-byte sequence - something that should be easily bruteforced, especially given the optimized nature of the algorithm.
Luckily for us a number of implementations exist online, including this one.
Let’s plug it into pwntools
bruteforcing facility:
1
2
3
4
5
6
7
from pwn import *
from simon import SimonCipher
import binascii
s = iters.mbruteforce(lambda x: SimonCipher(int(binascii.hexlify("SECCON{"+x+"}"),16),mode='ECB',key_size=96, block_size=64).encrypt(0x6d564d37426e6e71) == 0xbb5d12ba422834b5, string.printable, 4, 'fixed')
print s
Running the script very quickly gets us the answer:
1
2
3
$ python solve.py
[+] MBruteforcing: Found key: "6Pz0"
6Pz0
The flag is SECCON{6Pz0}
.