Research On The Application Of Deep Learning In Cryptanalysis And Password Guessing

In 1991,Rivest,one of the inventors of RSA,delivered a speech on the similarities and differences between cryptography and machine learning at ASIACRYPT.The objectives of machine learning and cryptanalysis are similar.The goal of machine learning is to find appropriate solutions in a huge solution space,and the goal of cryptanalysis is to find the correct key in a huge search space.In fact,Password guessing is also to find the correct password in a huge password space.Since then,the cross research of machine learning and cryptography has become a new research field.Gohr proposed the method of key recovery attack using single differential neural network distinguisher at CRYPTO 2019,and applied deep learning to the field of cryptanalysis.This paper explores the applications of deep learning in password analysis and password guessing.Firstly,combined with the idea of polytopic differential,a polytopic differential neural network distinguisher with higher accuracy is proposed.Taking SIMECK32/64 as an example,an 8-rounds 3-polytopic differential neural network distinguisher is trained,and its accuracy can be improved from 89.0%of single differential to 96.7%.Furthermore,using the polytopic differential neural network distinguisher,13 rounds of practical key recovery attacks are improved.The data complexity and time complexity are 2¹⁷.⁷ and 2^32.8 respectively.Compared with the best results,they are only 2^{-1 2} and 2^-3 times of previous complexities respectively.The polytopic differential neural network distinguisher proposed in this paper can also be applied to the analysis of other block ciphers.Secondly,a multi differential neural network distinguisher is proposed,which is compared with Gohr’s single differential neural network distinguisher.Compared with the traditional differential attack and single differential neural network distinguisher,the multi differential neural network distinguisher can greatly reduce the data complexity and computational complexity of key recovery.Taking RC5 as an example,a multi differential and a single differential neural network distinguisher are trained,and the practical key recovery attacks are carried out respectively.When the data complexity and computational complexity are the same,the 11 half rounds of key recovery attacks are carried out,and the success rate of single differential neural network distinguisher is 26%,while the success rate of multi differential neural network distinguisher is 36%.When 12 half rounds of key recovery attacks are carried out,the success rate of single differential neural network distinguisher is 5%,and the success rate of multi differential neural network distinguisher is 17%.Thirdly,the combination of deep learning with linear attack and integral attack is explored,and a method combining deep learning with linear attack and integral attack is proposed.A linear and integral neural network distinguisher is trained,which is limited by hardware resources and does not carry out practical key recovery attack.At present,the research on the combination of deep learning and linear attack is still in its infancy,and the research on the combination of deep learning and integral attack is still blank.Fourthly,a method of structural innovation of Pass GAN using Dense Net idea is proposed,and two Dense GAN password guessing models are created by using this method.Pass GAN is a password guessing model developed by Stevens Institute of technology in 2017,with outstanding performance.When the password length is 1 to 10,the match between the new passwords generated by our model and the test set is slightly better than that of Pass GAN.When the password length is 1 to 15,the match between the new passwords generated by our model and the test set is 6%to 13%higher than that of Pass GAN.Finally,the research on the combination of deep learning and cryptanalysis technology is still in its infancy,and a large number of problems remain to be solved,but the potential of using deep learning for cryptanalysis is huge,which is worthy of further exploration.In the field of password guessing,with the application of deep learning,the human characteristics of password are more and more explored,which not only brings new challenges to password security,but also encourages security personnel to constantly innovate security strategies.