Paper 2021/401

Output Prediction Attacks on Block Ciphers using Deep Learning

Hayato Kimura, Tokai University
Keita Emura, National Institute of Information and Communications Technology
Takanori Isobe, University of Hyogo
Ryoma Ito, National Institute of Information and Communications Technology
Kazuto Ogawa, National Institute of Information and Communications Technology
Toshihiro Ohigashi, Tokai University

Cryptanalysis of symmetric-key ciphers, e.g., linear/differential cryptanalysis, requires an adversary to know the internal structures of the target ciphers. On the other hand, deep learning-based cryptanalysis has attracted significant attention because the adversary is not assumed to have knowledge about the target ciphers with the exception of the algorithm interfaces. Such cryptanalysis in a blackbox setting is extremely strong; thus, we must design symmetric-key ciphers that are secure against deep learning-based cryptanalysis. However, almost previous attacks do not clarify what features or internal structures affect success probabilities. Although Benamira et al. (Eurocrypt 2021) and Chen et al. (ePrint 2021) analyzed Gohr’s results (CRYPTO 2019), they did not find any deep learning specific characteristic where it affects the success probabilities of deep learning-based attacks but does not affect those of linear/differential cryptanalysis. Therefore, it is difficult to employ the results of such cryptanalysis to design deep learning-resistant symmetric-key ciphers. In this paper, we propose deep learning-based output prediction attacks in a blackbox setting. As preliminary experiments, we first focus on two toy SPN block ciphers (small PRESENT-[4] and small AES-[4]) and one toy Feistel block cipher (small TWINE-[4]). Due to its small internal structures with a block size of 16 bits, we can construct deep learning models by employing the maximum number of plaintext/ciphertext pairs, and we can precisely calculate the rounds in which full diffusion occurs. Next, based on the preliminary experiments, we explore whether the evaluation results obtained by our attacks against three toy block ciphers can be applied to block ciphers with large block sizes, e.g., 32 and 64 bits. As a result, we demonstrate the following results, specifically for the SPN block ciphers: First, our attacks work against a similar number of rounds that the linear/differential attacks can be successful. Next, our attacks realize output predictions (precisely ciphertext prediction and plaintext recovery) that are much stronger than distinguishing attacks. Then, swapping or replacing the internal components of the target block ciphers affects the average success probabilities of the proposed attacks. It is particularly worth noting that this is a deep learning specific characteristic because swapping/replacing does not affect the average success probabilities of the linear/differential attacks. Finally, by analyzing the influence of the differences in the characteristics of three S-boxes (i.e., the original PRESENT S-box and two known weak S-boxes) on deep learning specific characteristics, we clarify that the resistance of the target ciphers to differential/linear attacks can affect the success probability of deep learning-based attacks. We also confirm whether the proposed attacks work on the Feistel block cipher. We expect that our results will be an important stepping stone in the design of deep learning-resistant symmetric-key ciphers.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. AIoTS 2022
Deep LearningBlock CipherSPNFeistel
Contact author(s)
h_kimura @ star tokai-u jp
k-emura @ nict go jp
takanori isobe @ ai u-hyogo ac jp
itorym @ nict go jp
kaz_ogawa @ nict go jp
ohigashi @ tsc u-tokai ac jp
2022-12-26: last of 6 revisions
2021-03-27: received
See all versions
Short URL
Creative Commons Attribution


      author = {Hayato Kimura and Keita Emura and Takanori Isobe and Ryoma Ito and Kazuto Ogawa and Toshihiro Ohigashi},
      title = {Output Prediction Attacks on Block Ciphers using Deep Learning},
      howpublished = {Cryptology ePrint Archive, Paper 2021/401},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.