Proposal of attack methods using machine learning and deep neural network against cryptographic techniques for security evaluation

2023 Fiscal Year Final Research Report

• Project/Area Number: 21K11890
• Research Category: Grant-in-Aid for Scientific Research (C)
• Allocation Type: Multi-year Fund
• Section: 一般
• Review Section: Basic Section 60070:Information security-related
• Research Institution: Kyushu Institute of Technology
• Principal Investigator: Araki Shunsuke 九州工業大学, 大学院情報工学研究院, 准教授 (20332851)
• Co-Investigator(Kenkyū-buntansha): 野上 保之 岡山大学, 自然科学学域, 教授 (60314655) ; 上原 聡 北九州市立大学, 国際環境工学部, 教授 (90213389)
• Project Period (FY): 2021-04-01 – 2024-03-31
• Keywords: 機械学習 / 深層学習 / AES / 共通鍵暗号 / 軽量暗号 / 擬似乱数生成 / 線形合同法

Outline of Final Research Achievements

Focusing on features that machine learning and deep learning, which have attracted much attention for many research fields in recent years, are difficult to inference about random events, we thought these technologies are used for security evaluations for cryptography. As the firs step of our research, we studied attack methods using these techniques against cryptographic techniques such as common-key cryptography and pseudo-random number generators. In the attack on common-key cryptography, we confirmed that a key identification attack against input of only plaintext and ciphertext and a plaintext decryption attack against input of only ciphertext are possible using machine learning and deep learning, although with the restriction that the cryptographic specifications are modified to weaken the cryptographic strength. We also found that deep learning can predict the output at the next time for the linear congruence method, which was often used in a pseudorandom number generation.

Free Research Field

情報セキュリティ

Academic Significance and Societal Importance of the Research Achievements

本研究では、出力がランダムである事が期待される暗号技術に対して、ランダムな事象が苦手な機械学習や深層学習を攻撃手法として用いることで、これまで見つけることができなかった何かしらの「偏り」を見つけ出すことができた。
その結果、これら機械学習や深層学習が、暗号技術の安全性評価にも活用できることを明らかにした。