Security Analysis of the Lightweight Cryptographic Algorithm Sycon for IoT Devices

With the rapid proliferation of the Internet of Things (IoT), the security of IoT devices has become an increasingly critical concern, particularly in the context of lightweight cryptographic algorithms designed for resource-constrained environments. Lightweight cryptography is indispensable for ensuring the confidentiality and integrity of communications across IoT networks. This article presents a thorough security evaluation of the Sycon algorithm, focusing on its susceptibility to a range of cryptographic attacks. We begin by introducing Meet-in-the-Middle (MitM) preimage and collision attacks on 3-round and 4-round Sycon-Hash. These attacks are the first published analysis results on reduced-round Sycon-Hash. By employing a satisfiability modulo theory-based modeling approach in conjunction with the STP solver, we successfully construct and validate MitM attack paths, thereby providing novel insights into the resilience of Sycon against such threats. In addition, we propose and implement a committing attack on the 2-round Sycon-AEAD-64 using the CMT-3 framework, which uncovers potential vulnerabilities within its authenticated encryption mechanism. Our analysis not only advances the understanding of Sycon’s cryptographic robustness but also offers valuable methodologies for the future assessment of lightweight cryptographic solutions in resource-constrained contexts.