Paper 2019/037

Improving Attacks on Round-Reduced Speck32/64 using Deep Learning

Aron Gohr


This paper has four main contributions. First, we calculate the predicted difference distribution of Speck32/64 with one specific input difference under the Markov assumption completely for up to eight rounds and verify that this yields a globally fairly good model of the difference distribution of Speck32/64. Secondly, we show that contrary to conventional wisdom, machine learning can produce very powerful cryptographic distinguishers: for instance, in a simple low-data, chosen plaintext attack on nine rounds of Speck, we present distinguishers based on deep residual neural networks that achieve a mean key rank roughly five times lower than an analogous classical distinguisher using the full difference distribution table. Thirdly, we develop a highly selective key search policy based on a variant of Bayesian optimization which, together with our neural distinguishers, can be used to reduce the remaining security of 11-round Speck32/64 to roughly 38 bits. This is a significant improvement over previous literature. Lastly, we show that our neural distinguishers successfully use features of the ciphertext pair distribution that are invisible to all purely differential distinguishers even given unlimited data. While our attack is based on a known input difference taken from the literature, we also show that neural networks can be used to rapidly (within a matter of minutes on our machine) find good input differences without using prior human cryptanalysis.

Note: Added hyperlinks for DOI and github repository.

Available format(s)
Secret-key cryptography
Publication info
Published by the IACR in CRYPTO 2019
Speck and Deep Learning and Cryptanalysis
Contact author(s)
aron gohr @ gmail com
2019-08-15: last of 2 revisions
2019-01-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Aron Gohr},
      title = {Improving Attacks on Round-Reduced Speck32/64 using Deep Learning},
      howpublished = {Cryptology ePrint Archive, Paper 2019/037},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.