神经网络差分区分器的改进方案与应用

doi:10.19665/j.issn1001-2400.20241001

Abstract

Abstract:

In order to further study the application of deep learning in cryptographic security analysis,neural networks are used for differential analysis of lightweight block cryptography.The following four research results are obtained.First,a neural network differential distinguisher is constructed by using a deep residual network with an attention mechanism,and applied to three types of lightweight block ciphers:SIMON,SIMECK and SPECK.The results show that the effective distinguisher of SIMON32/64 and SIMECK32/64 can reach up to 11 rounds,and the accuracy is 0.5172 and 0.5164,respectively.The SPECK32/64 has an effective distinguisher of up to 8 rounds with an accuracy of 0.5868.Second,the influence of different input differences on the accuracy of the neural network differential distinguisher is explored.For SIMON,SIMECK and SPECK ciphers,the accuracy of the neural network differential distinguisher corresponding to different input differences is obtained by using the fast training of neural networks.The results show that the input difference with a low Hamming weight and high probability can improve the accuracy of the neural network differential distinguisher.At the same time,the suitable input difference for the SIMON32/64,SIMECK32/64 and SPECK32/64 neural network differential distinguisher is found to be 0x0000/0040,0x0000/0001 and 0x0040/0000,respectively.Third,the influence of the input data format containing different information on the accuracy of the neural network differential distinguisher is explored.Changing the amount of information contained in the input data according to the characteristics of the cryptographic algorithm and retraining the corresponding neural network differential distinguisher.The results show that,compared to a neural network differential distinguisher that only includes ciphertext pair information,those that incorporate both ciphertext pair information and differential information from the penultimate round achieve a higher accuracy.Fourth,on the basis of the above research,the last wheel key recovery attack is carried out on 11 rounds of SIMON32/64.When 2⁹ plaintext-ciphertext pairs are selected,the attack success rate in 100 attacks can reach 100%.

Key words: neural networks, cryptography, lightweight block cipher, differential cryptanalysis, attention mechanism, neural network differential distinguisher, key recovery attack

CLC Number:

TP309.7

LI Linke, CHEN Jie, LIU Jun. Improved schemes and applications of the neural network differential distinguisher[J].Journal of Xidian University, 2025, 52(1): 196-214.

Figures/Tables 22

符号	含义
⊕	比特异或操作XOR
&	比特与操作AND
S^j or<<<j	循环左移位j比特
S^-^j or>>>j	循环右移位j比特
	模加运算
$F 2 n$	n比特向量集合

References 36

[1]	樊婷, 冯伟, 韦永壮. 一种大状态轻量级密码S盒的设计与分析[J]. 西安电子科技大学学报, 2023, 50(4):170-179.
	FAN Ting, FENG Wei, WEI Yongzhuang. The Design and Cryptanalysis of Large State Lightweight Cryptographic S-Box[J]. Journal of Xidian University, 2023, 50(4):170-179.
[2]	郑雅菲, 吴文玲. LBlock 算法的改进中间相遇攻击[J]. 计算机学报, 2017, 40(5):1080-1091.
	ZHENG Yafei, WU Wenling. Improved Meet-In-The-Middle Attack of LBlock Cipher[J]. Chinese Journal of Computers, 2017, 40(5):1080-1091.
[3]	RAJAN R, ROY R K, SEN D, et al. Deep Learning-Based Differential Distinguisher for Lightweight Cipher GIFT-COFB[C]//Proceedings of the Conference on Machine Intelligence and Smart Systems. Heidelberg:Springer, 2022:397-406.
[4]	XU H, HAO C, XU Z, et al. Linear Cryptanalysis of Lightweight Block Cipher WARP[C]// Proceedings of the 17th International Conference on Provable Security(ProvSec 2023).Heidelberg:Springer, 2023:83-90.
[5]	SAJWAN A, MISHRA G. Comparative Analysis of ResNet and DenseNet for Differential Cryptanalysis of SPECK 32/64 Lightweight Block Cipher[C]//Proceedings of the International Conference on Cryptology and Network Security with Machine Learning. Heidelberg:Springer, 2023:495-504.
[6]	杨小雪, 陈杰. 几类密码算法的神经网络差分区分器的改进[J]. 西安电子科技大学学报, 2024, 51(1):210-222.
	YANG Xiaoxue, CHEN Jie. Improvement of the Neural Distinguishers of Several Ciphers[J]. Journal of Xidian University, 2024, 51(1):210-222.
[7]	RIVEST R L. Cryptography and Machine Learning[C]//Proceedings of the Internaional Conference on the Theory and Application of Cryptology and Information Security. Heidelberg:Springer, 1991:427-439.
[8]	BAFGHI A G, SAFABAKHSH R, SADEGHIYAN B. Finding the Differential Characteristics of Block Ciphers with Neural Networks-Science Direct[J]. Information Sciences, 2008, 178(15):3118-3132.
[9]	ALANI M M. Neuro-Cryptanalysis of DES and Triple-DES[C]//Proceedings of the International Conference on Neural Information Processing. Heidelberg:Springer, 2012:637-646.
[10]	DANZIGER M, HENRIQUES M. Improved Cryptanalysis Combining Differential and Artificial Neural Network Schemes[C]//Proceedings of the 2014 International Telecommunications Symposium(ITS). Piscataway:IEEE, 2014:1-5.
[11]	HU X, ZHAO Y. Research on Plaintext Restoration of AES Based on Neural Network[J]. Security and Communication Networks, 2018, 2018(6868506):1-9.
[12]	GOHR A. Improving Attacks on Round-Reduced Speck32/64 Using Deep Learning[C]//Proceedings of the 39th Annual Internaional Cryptology Conference. Heidelberg:Springer, 2019:150-179.
[13]	BAKSI A, BREIER J, CHEN Y, et al. Machine Learning Assisted Differential Distinguishers for Lightweight Ciphers[C]//Proceedings of the Design,Automation & Test in Europe Conference & Exhibition(DATE). Piscataway:IEEE, 2021:176-181.
[14]	BENAMIRA A, GERAULT D, PEYRIN T, et al. A Deeper Look at Machine Learning-Based Cryptanalysis[C]//Proceedings of the 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques. Heidelberg:Springer, 2021:805-835.
[15]	PAL D, MANDAL U, CHAUDHURY M, et al. A Deep Neural Differential Distinguisher for ARX Based Block Cipher(2022)[R/OL].[2022-09-10]. https://eprint.iacr.org/2022/1195.
[16]	BAO Z, LU J, YAO Y, et al. More Insight on Deep Learning-Aided Cryptanalysis[C]//Proceedings of the 29th International Conference on the Theory and Application of Cryptology and Information Security. Heidelberg:Springer, 2023:436-467.
[17]	ZHENG W, ZHANG L, WANG Z. Theoretical Explanation and Improvement of Deep Learning-Aided Cryptanalysis(2024)[R/OL].[2024-02-26]. https://eprint.iacr.org/2024/322.
[18]	BIHAM E, SHAMIR A. Differential Cryptanalysis of DES-Like Cryptosystems[J]. Journal of Cryptology, 1991, 4(1):3-72.
[19]	HE K, ZHANG X, REN S, et al. Deep Residual Learning for Image Recognition[C]//Proceedings of the 2016 IEEE Conference on Computer Vision and Pattern Recognition(CVPR). Piscataway:IEEE, 2016:770-778.
[20]	ZHANG L, WANG Z, WANG B. Improving Differential-Neural Cryptanalysis(2022)[R/OL].[2022-02-20]. https://eprint.iacr.org/2022/183.
[21]	KIM H, LIM S, KANG Y, et al. Deep-Learning-Based Cryptanalysis of Lightweight Block Ciphers Revisited[J]. Entropy, 2023, 25(7):986.
[22]	HOU Z, REN J, CHEN S. Improve Neural Distinguishers of SIMON and SPECK[J]. Security and Communication Networks, 2021, 2021(9288229):1-11.
[23]	CHEN Y, SHEN Y, YU H, et al. A New Neural Distinguisher Considering Features Derived from Multiple Ciphertext Pairs[J]. The Computer Journal, 2023, 66(6):1419-1433.
[24]	BAHDANAU D, CHO K, BENGIO Y. Neural Machine Translation by Jointly Learning to Align and Translate(2014)[R/OL].[2014-09-04]. https://arxiv.org/pdf/1409.0473v2.pdf.
[25]	BAO Z, GUO J, LIU M, et al. Enhancing Differential-Neural Cryptanalysis[C]//Proceedings of the 28th International Conference on the Theory and Application of Cryptology and Information Security. Heidelberg:Springer, 2022:318-347.
[26]	DENG H, CAO X, CHENG Y. Attention in Differential Cryptanalysis on Lightweight Block Cipher SPECK[C]//Proceedings of the 20th Annual International Conference on Privacy,Security and Trust(PST). Piscataway:IEEE, 2023:1-9.
[27]	BEAULIEU R, SHORS D, SMITH J, et al. The SIMON and SPECK Families of Lightweight Block Ciphers(2013)[R/OL].[2013-06-20]. https://eprint.iacr.org/2013/404.
[28]	LU J, LIU G, SUN B, et al. Improved(Related-Key) Differential-Based Neural Distinguishers for SIMON and SIMECK Block Ciphers(2022)[R/OL].[2022-12-30]. https://eprint.iacr.org/2022/030.
[29]	HOU Z, REN J, CHEN S. Cryptanalysis of Round-Reduced SIMON32 Based on Deep Learning(2021)[R/OL].[2021-03-18]. https://eprint.iacr.org/2021/362.
[30]	KÖLBL S, LEANDER G, TIESSEN T. Observations on the SIMON Block Cipher Family[C]//Proceedings of the 35th Annual International Cryptology Conference. Heidelberg:Springer, 2015:161-185.
[31]	BEIERLE C. Pen and Paper Arguments for SIMON and SIMON-Like Designs[C]//Proceedings of the 10th International Conference on Security and Cryptography for Networks. Heidelberg:Springer, 2016:431-446.
[32]	SU H, ZHU X, MING D. Polytopic Attack on Round-Reduced Simon32/64 Using Deep Learning[C]//Proceedings of the 16th International Conference on Information Security and Cryptology. Heidelberg:Springer, 2020:3-20.
[33]	YANG G, ZHU B, SUDER V, et al. The Simeck Family of Lightweight Block Ciphers[C]//Proceedings of the 17th International Conference on Cryptographic Hardware and Embedded Systems. Berlin:Springer, 2015:307-329.
[34]	LYU L, TU Y, ZHANG Y. Improving the Deep-Learning-Based Differential Distinguisher and Applications to Simeck[C]//Proceedings of the 2022 IEEE 25th International Conference on Computer Supported Cooperative Work in Design(CSCWD). Piscataway:IEEE, 2022:465-470.
[35]	ZHANG L, LU J, WANG Z, et al. Improved Differential-Neural Cryptanalysis for Round-Reduced SIMECK32/64[J]. Frontiers of Computer Science,2023, 17(2023):1-22.
[36]	BIHAM E, CHEN R. Near-Collisions of SHA-0[C]//Proceedings of the 24rd Annual International Cryptology Conference. Heidelberg:Springer, 2004:290-305.

真实值	预测值
真实值	正例	反例
正例	R_TP(真正例)	R_FN(假反例)
反例	R_FP(假正例)	R_TN(真反例)

超参数	值	超参数	值
优化器(Optimizer)	Adam	正则化参数(Reg_param)	10^-5
损失函数(Loss)	MSE	训练集数据量大小	10⁷
评估指标(Metrics)	Acc	验证集数据量大小	10⁶
训练周期数(Epochs)	50	测试集数据量大小	10⁶
批次大小(Batch_size)	5 000	引入注意力机制的残差块个数	2

加密轮数	输入差分	精度	真阳性率	真阴性率
6	0x0000/0001	0.999 0	1.000 0	0.998 0
6	0x0040/0000	0.981 1	0.999 3	0.962 9
7	0x0000/0001	0.980 8	0.999 4	0.962 2
7	0x0040/0000	0.742 4	0.713 1	0.771 7
8	0x0000/0001	0.799 6	0.799 9	0.799 3
8	0x0040/0000	0.629 5	0.498 3	0.760 5
9	0x0000/0001	0.622 5	0.482 4	0.762 4
9	0x0040/0000	0.500 8	1.000 0	0.000 0

输入差分	精度	输入差分	精度	输入差分	精度
0x8028/0100	0.514	0x0020/0104	0.551	0x0000/1080	0.548
0x5002/0100	0.533	0x0043/2000	0.534	0x0010/8420	0.555
0x1000/0010	0.552	0x0880/0404	0.554	0x0800/0010	0.560
0x1400/0104	0.532	0x4002/4200	0.536	0x2001/8400	0.537
0x0020/0200	0.503	0x0006/0000	0.531	0x4020/0001	0.534
0x0200/0022	0.535	0x0081/1000	0.546	0x0800/1100	0.547
0x0000/0002	0.513	0x0010/4000	0.552	0x0408/0102	0.559
0x0000/0500	0.547	0x0000/0010	0.525	0x0000/0080	0.553
0x0000/0001	0.507	0x0000/0020	0.548	0x0000/0008	0.537
0x0000/0200	0.545	0x0000/0040	0.570	0x2000/0400	0.551

加密轮数	输入数据格式	精度	真阳性率	真阴性率
6	I₀	0.999 0	1.000 0	0.998 1
6	I₁	0.999 8	1.000 0	0.999 6
7	I₀	0.979 8	0.999 4	0.960 1
7	I₁	0.990 7	0.999 2	0.982 3
8	I₀	0.751 5	0.719 5	0.783 3
8	I₁	0.840 0	0.852 7	0.827 1
9	I₀	0.632 9	0.510 9	0.755 0
9	I₁	0.658 1	0.571 3	0.745 2
10	I₁	0.565 8	0.464 5	0.667 0
11	I₁	0.517 2	0.467 2	0.567 2

Improved schemes and applications of the neural network differential distinguisher

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 22

References 36

Related Articles 15

Metrics

Comments

Recommended 0

结果来源	输入差分	输入数据格式	神经网络模型	精度
文中分析结果	0x0000/0040	I₀	Attention-ResNets	0.632 9
应用文献[12]网络结构分析结果	0x0000/0040	I₀	ResNets	0.619 8
文献[22]第3节分析结果	0x0000/0080	I₀	ResNets	0.597 7
文献[25]最佳分析结果	0x0000/0040	I₀	SE-ResNeXt	0.651 5
文献[28]分析结果	0x0000/0040	I₂	SE-ResNet	0.917 6
文献[32]最佳分析结果	PD	I₃	ResNets	0.637 3
文中分析结果	0x0000/0040	I₁	Attention-ResNets	0.658 1

输入差分	精度	输入差分	精度	输入差分	精度
0x0115/0000	0.508	0x0808/2002	0.520	0x0400/0000	0.526
0x4010/0104	0.532	0x0400/8800	0.551	0x8000/8020	0.535
0x0800/0410	0.531	0x0000/0002	0.556	0x0000/0400	0.552
0x0000/8002	0.521	0x2048/2000	0.539	0x0044/0100	0.545
0x8000/4011	0.508	0x0000/0020	0.525	0x0000/0001	0.570
0x4000/0000	0.518	0x0002/8008	0.556	0x0110/0000	0.542
0x0000/0040	0.545	0x0020/0400	0.536	0x0008/0000	0.554
0x0948/0000	0.555	0x0000/0004	0.561	0x0000/0100	0.558
0x0001/0000	0.549	0x0000/0080	0.549	0x0080/1000	0.539
0x0000/4000	0.562	0x0083/0000	0.548	0x0002/0000	0.547

输入差分	精度	输入差分	精度	输入差分	精度
0x0801/0002	0.515	0x0400/0108	0.517	0x0028/1000	0.539
0x0800/0000	0.533	0x0000/0001	0.542	0x0004/0000	0.549
0x1000/0800	0.532	0x2004/0000	0.519	0x0000/4000	0.548
0x0028/0010	0.541	0x0000/0080	0.557	0x0002/0000	0.531
0x0000/0400	0.538	0x0000/0400	0.544	0x8000/0000	0.547
0x0000/0080	0.552	0x0000/0018	0.537	0x0040/0000	0.570
0x0000/0040	0.522	0x4000/2400	0.514	0x0060/0020	0.528
0x0010/0000	0.542	0x0140/0002	0.553	0x0000/0018	0.537
0x0040/4400	0.566	0x0020/0008	0.559	0x0030/0400	0.543
0x2000/0000	0.523	0x0008/0008	0.530	0x0400/0000	0.517

加密轮数	输入数据格式	精度	真阳性率	真阴性率
5	I₀	0.928 4	0.903 4	0.953 5
5	I₁	0.989 3	0.989 4	0.989 2
6	I₀	0.787 6	0.722 1	0.852 9
6	I₁	0.907 9	0.871 4	0.944 5
7	I₀	0.615 7	0.547 0	0.684 4
7	I₁	0.755 5	0.678 3	0.833 0
8	I₁	0.586 8	0.541 6	0.631 8

结果来源	攻击成功率/%	数据复杂度	计算复杂度	时间复杂度
文中6.2节最佳攻击结果	100	2⁹	2²⁵	<2^17.1
文献[29]攻击结果	90+	2⁹		<2^18.5
文献[32]攻击结果	100	2²⁵	2^30.9
应用文献[36]传统方法攻击结果	90+	2²⁸		>2²⁹

[1]	QU Jiahui, HE Jie, DONG Wenqian, LI Yunsong, ZHANG Tongzhen, YANG Yufei. Change detection method based on multi-scale and multi-resolution information fusion [J]. Journal of Xidian University, 2025, 52(1): 105-116.
[2]	KONG Fanqiang, YU Shengjie, WANG Kun, FANG Xu, LV Zhijie. Hyperspectral image unmixing method based on convolutional recurrent neural networks [J]. Journal of Xidian University, 2025, 52(1): 142-151.
[3]	WANG Danyang, PIAO Chunying, LIU Qi, GUAN Lei, LI Zan. CTS features based electromagnetic interference identification at radio observatory site [J]. Journal of Xidian University, 2025, 52(1): 80-93.
[4]	TANG Shuyuan, ZHOU Yiqing, LI Jintao, LIU Chang, SHI Jinglin. Dual attention pedestrian detector for occlusion scenario based on feature calibration [J]. Journal of Xidian University, 2024, 51(6): 25-39.
[5]	WANG Xiaopeng, SHI Huan. Fall detection algorithm based on the improved YOLOv8 combined with key points [J]. Journal of Xidian University, 2024, 51(5): 149-164.
[6]	CHEN Kejia, ZHANG Yupeng, LIN Hongxi. Aspect-based sentiment analysis of syntactic perception and knowledge enhancement [J]. Journal of Xidian University, 2024, 51(5): 165-178.
[7]	YANG Zelin, DONG Lihua, ZENG Yong. Cube attack on round-reduced Enhanced-Bivium [J]. Journal of Xidian University, 2024, 51(5): 179-188.
[8]	WANG Yulai, LIAO Xiaomin, HE Haiguang, YE Guojun. Knowledge graph assisted spectrum resource optimization algorithm for UAVs [J]. Journal of Xidian University, 2024, 51(5): 58-70.
[9]	LIANG Liming, DONG Xin, LEI Kun, XIA Yuchen, WU Jian. Retinal image quality grading for fused attention spectrum non-local blocks [J]. Journal of Xidian University, 2024, 51(4): 102-113.
[10]	LI Xiaohan, YANG Yanbo, ZHANG Jiawei, LI Baoshan, MA Jianfeng. Graph neural network vulnerability detection for ethernet smart contracts [J]. Journal of Xidian University, 2024, 51(4): 139-150.
[11]	ZHANG Xiaohong, XIANG Shijun, HUANG Hongbin. Hiding images in audio based on invertible neural networks [J]. Journal of Xidian University, 2024, 51(4): 226-238.
[12]	GUAN Yepeng, SU Guangyao, SHENG Yi. Time series prediction method based on the bidirectional long short-term memory network [J]. Journal of Xidian University, 2024, 51(3): 103-112.
[13]	XIA Yilan, WANG Xiumei, CHENG Peitao. Texture-aware video inpainting algorithm based on the multi-attention mechanism [J]. Journal of Xidian University, 2024, 51(3): 136-146.
[14]	GONG Junyang, FU Weihong, FANG Houzhang. Research on lightweight and feature enhancement of SAR image ship targets detection [J]. Journal of Xidian University, 2024, 51(2): 96-106.
[15]	DING Xinmiao, WANG Jiaxing, GUO Wen. Three-dimensional attention-enhanced algorithm for violence scene detection [J]. Journal of Xidian University, 2024, 51(1): 114-124.

明密文对数量	攻击成功率/%
2⁶	71
2⁷	91
2⁸	97
2⁹	100