
I tried a number of different inputs and keys and checked their respective Hamming distances after each round. It seems PRESENT has an ideal or near ideal Hamming distance (31 to 33) after only a few rounds. Indeed, some of the later rounds have worse Hamming distances, e.g. 38 to 41. So why is it necessary to have so many rounds?

Red Book 1

1 Answer


I think that the reason for 31 rounds is in their paper, Section 5.1. Bogdanov et al. have approximated a small $2^{-43}$ bias that occurs after 28 rounds of linear analysis. Therefore they added another 3 rounds to arrive at a slightly unusual odd number of rounds.

This is how ciphers are designed. There are no specific rules passed down through the generations on how many rounds a cipher should have. We do know that more rounds improve resistance to analysis. A very simple primitive can be easily strengthened by the addition of more rounds, and this fact is explicitly stated in the design notes for Skein and Threefish. And preventing a designer from having 1000 rounds is the need to achieve a speed/performance for their target market. So they compromised at 31.

Singular increases in the round count work for PRESENT. It's worth adding that sometimes it's not possible to increase the round count by any arbitrary value. The number of rounds has to match the key schedule and sometimes the schedule is designed more inflexibly than the main algorithm.

Biv
Paul Uszak
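
As an added example (not part of the question or the answer, and not the PRESENT authors' code): a compact PRESENT-80 implementation that records the state after every round and reports the per-round Hamming distance between two encryptions whose plaintexts differ in one bit. The function names and the single-bit-flip measurement are assumptions about the kind of experiment the question describes.

```python
# PRESENT-80 with per-round state capture (added example; names are illustrative).
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
MASK80 = (1 << 80) - 1

def round_keys(key80):
    """Derive the 32 64-bit round keys from an 80-bit key register."""
    keys, k = [], key80
    for rc in range(1, 33):
        keys.append(k >> 16)                       # leftmost 64 bits
        k = ((k << 61) | (k >> 19)) & MASK80       # rotate left by 61
        k = (SBOX[k >> 76] << 76) | (k & ((1 << 76) - 1))  # S-box on top nibble
        k ^= rc << 15                              # round counter into bits 19..15
    return keys

def sbox_layer(s):
    return sum(SBOX[(s >> (4 * i)) & 0xF] << (4 * i) for i in range(16))

def p_layer(s):
    out = 0
    for i in range(64):
        if (s >> i) & 1:
            out |= 1 << (63 if i == 63 else (16 * i) % 63)
    return out

def round_states(pt, key80):
    """States after rounds 1..31, followed by the final ciphertext."""
    rk, s, states = round_keys(key80), pt, []
    for i in range(31):
        s = p_layer(sbox_layer(s ^ rk[i]))
        states.append(s)
    states.append(s ^ rk[31])                      # final key addition
    return states

def avalanche_profile(pt, key80, flip_bit=0):
    """Hamming distance per round between pt and pt with one bit flipped."""
    a = round_states(pt, key80)
    b = round_states(pt ^ (1 << flip_bit), key80)
    return [bin(x ^ y).count("1") for x, y in zip(a, b)]

if __name__ == "__main__":
    # Constructed sample input: all-zero plaintext and key, lowest bit flipped.
    for rnd, dist in enumerate(avalanche_profile(0, 0), start=1):
        print(f"round {rnd:2d}: Hamming distance {dist}")
```

A distance near 32 only shows that diffusion has saturated; it does not measure the linear bias that the round count in Section 5.1 of the paper is chosen against.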