Machine Learning Assisted Differential Distinguishers For Lightweight Ciphers
Anubhab Baksi1, Jakub Breier2, Yi Chen3,a and Xiaoyang Dong3,b
1Nanyang Technological University, Singapore
anubhab001@e.ntu.edu.sg
2Silicon Austria Labs, TU-Graz SAL DES Lab, Austria Graz University of Technology, Austria
jbreier@jbreier.com
3Tsinghua University, Beijing, PR China
achenyi19@mails.tsinghua.edu.cn
bxiaoyangdong@tsinghua.edu.cn
ABSTRACT
At CRYPTO 2021, Gohr first introduces the deep learning based cryptanalysis on round-reduced SPECK. Using a deep residual network, Gohr trains several neural network based distinguishers on 8-round SPECK-32/64. The analysis follows an ‘all-in-one’ differential cryptanalysis approach, which considers all the output differences effect under the same input difference.
Usually, the all-in-one differential cryptanalysis is more effective compared to the one using only one single differential trail. However, when the cipher is non-Markov or its block size is large, it is usually very hard to fully compute. Inspired by Gohr’s work, we try to simulate the all-in-one differentials for non-Markov ciphers through machine learning.
Our idea here is to reduce a distinguishing problem to a classification problem, so that it can be efficiently managed by machine learning. As a proof of concept, we show several distinguishers for four high profile ciphers, each of which works with trivial complexity. In particular, we show differential distinguishers for 8-round Gimli-Hash, Gimli-Cipher and Gimli- Permutation; 3-round Ascon-Permutation; 10-round Knot-256 permutation and 12-round Knot-512 permutation; and 4-round Chaskey-Permutation. Finally, we explore more on choosing an efficient machine learning model and observe that only a three layer neural network can be used. Our analysis shows the attacker is able to reduce the complexity of finding distinguishers by using machine learning techniques.
Keywords: Gimli, Ascon, Knot, Chaskey, Distinguisher, Machine Learning, Differential.
