Paper 2022/183

Improving Differential-Neural Cryptanalysis

Liu Zhang, Xidian University
Zilong Wang, Xidian University
Baocang wang, Xidian University
Abstract

In CRYPTO'19, Gohr introduced a novel cryptanalysis method by developing a differential-neural distinguisher using neural networks as the underlying distinguisher. He effectively integrated this distinguisher with classical differentials, facilitating a 12-round key recovery attack on Speck32/64 (from a total of 22 rounds). Bao et al. refined the concept of neutral bits, enabling key recovery attacks up to 13 rounds for Speck32/64 and 16 rounds (from a total of 32) for Simon32/64. Our primary objective is to enhance the capabilities of differential-neural distinguishers by applying more deep-learning techniques, focusing on handling more rounds and improving accuracy. Inspired by the Inception Block in GoogLeNet, we adopted a design that uses multiple parallel convolutional layers with varying kernel sizes before the residual block to capture multi-dimensional information. Additionally, we expanded the convolutional kernels in the residual blocks, thereby enlarging the network's receptive field. In the case of Speck32/64, our efforts yield accuracy improvements in rounds 6, 7, and 8, enabling the successful training of a 9-round differential-neural distinguisher. As for Simon32/64, we developed a differential-neural distinguisher capable of effectively handling 12 rounds while achieving noteworthy accuracy enhancements in rounds 9, 10, and 11. Additionally, we utilized neutral bits to ensure the required data distribution for launching a successful key recovery attack when using multiple-ciphertext pairs as input for the neural network. Meanwhile, we redefined the formula for time complexity based on the differences in prediction speeds of the distinguisher between a single-core CPU and a GPU. Combining these various advancements allows us to considerably reduce the time and data complexity of key recovery attacks on 13-round Speck32/64. Furthermore, we used knowledge distillation techniques to reduce the model size, thereby accelerating the distinguisher's prediction speed and reducing the time complexity. In particular, we achieved a successful 14-round key recovery attack by exhaustively guessing a 1-round subkey, marking a significant milestone in differential-neural cryptanalysis. For Simon32/64, we accomplished a groundbreaking 17-round key recovery attack for the first time and reduced the time complexity of the 16-round key recovery attack.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
Differential-Neural DistinguisherInception ModuleSpeckSimonKnowledge DistillationKey Recovery Attack
Contact author(s)
17lzhang3 @ gmail com
zlwang @ xidian edu cn
bcwang79 @ aliyun com
History
2024-01-07: last of 5 revisions
2022-02-20: received
See all versions
Short URL
https://ia.cr/2022/183
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/183,
      author = {Liu Zhang and Zilong Wang and Baocang wang},
      title = {Improving Differential-Neural Cryptanalysis},
      howpublished = {Cryptology ePrint Archive, Paper 2022/183},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/183}},
      url = {https://eprint.iacr.org/2022/183}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.