Paper 2021/287
A Deeper Look at Machine Learning-Based Cryptanalysis
Adrien Benamira, David Gerault, Thomas Peyrin, and Quan Quan Tan
Abstract
At CRYPTO'19, Gohr proposed a new cryptanalysis strategy based on the utilisation of machine learning algorithms. Using deep neural networks, he managed to build a neural based distinguisher that surprisingly surpassed state-of-the-art cryptanalysis efforts on one of the versions of the well studied NSA block cipher speck (this distinguisher could in turn be placed in a larger key recovery attack). While this work opens new possibilities for machine learning-aided cryptanalysis, it remains unclear how this distinguisher actually works and what information is the machine learning algorithm deducing. The attacker is left with a black-box that does not tell much about the nature of the possible weaknesses of the algorithm tested, while hope is thin as interpretability of deep neural networks is a well-known difficult task. In this article, we propose a detailed analysis and thorough explanations of the inherent workings of this new neural distinguisher. First, we studied the classified sets and tried to find some patterns that could guide us to better understand Gohr's results. We show with experiments that the neural distinguisher generally relies on the differential distribution on the ciphertext pairs, but also on the differential distribution in penultimate and antepenultimate rounds. In order to validate our findings, we construct a distinguisher for speck cipher based on pure cryptanalysis, without using any neural network, that achieves basically the same accuracy as Gohr's neural distinguisher and with the same efficiency (therefore improving over previous non-neural based distinguishers). Moreover, as another approach, we provide a machine learning-based distinguisher that strips down Gohr's deep neural network to a bare minimum. We are able to remain very close to Gohr's distinguishers' accuracy using simple standard machine learning tools. In particular, we show that Gohr's neural distinguisher is in fact inherently building a very good approximation of the Differential Distribution Table (DDT) of the cipher during the learning phase, and using that information to directly classify ciphertext pairs. This result allows a full interpretability of the distinguisher and represents on its own an interesting contribution towards interpretability of deep neural networks. Finally, we propose some method to improve over Gohr's work and possible new neural distinguishers settings. All our results are confirmed with experiments we have been conducted on speck block cipher (source code available online).
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- A minor revision of an IACR publication in EUROCRYPT 2021
- Keywords
- Differential CryptanalysisSPECKMachine LearningDeep Neural NetworksInterpretability
- Contact author(s)
-
adrien002 @ e ntu edu sg
dagerault @ gmail com
thomas peyrin @ ntu edu sg
quanquan001 @ e ntu edu sg - History
- 2021-03-22: last of 2 revisions
- 2021-03-07: received
- See all versions
- Short URL
- https://ia.cr/2021/287
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2021/287, author = {Adrien Benamira and David Gerault and Thomas Peyrin and Quan Quan Tan}, title = {A Deeper Look at Machine Learning-Based Cryptanalysis}, howpublished = {Cryptology {ePrint} Archive, Paper 2021/287}, year = {2021}, url = {https://eprint.iacr.org/2021/287} }