6

I've checked a bunch of articles about machine learning and cryptography and derived from them three distinct possibilities:

  1. Use ML to approximate a cipher as a function. Article "Neuro-Cryptanalysis of DES and 3DES" shows a way to approximate DES using only $2^{10}$ plaintext-ciphertext pairs with average error of 10% of bits in the test sample.

    Although this result sounds pretty good, considering linear cryptanalysis needs $2^{43}$ text pairs to fully determine the cipher, this article doesn't have many references, so I have some doubts about importance of achieved result. And the chosen method has a considerable error of 10% which can happen on any bit of deciphered text. In other words, it is possible that every bit in deciphered text will be wrong, although pretty unlikely.

  2. Side-channel attacks. This looks more promising, especially power analysis attacks, there are some very interesting articles where ML is used on power signal.

  3. Machine learning on encrypted data. This one needs homomorphic encryption, as I see it, there is a bunch of articles too.

Are there any other applications of machine learning to cryptography? Are there any possible ML applications that can assist a cryptographer in their task?

(I can post links to articles if anyone is interested.)

Mike Edward Moras
  • 18,161
  • 12
  • 87
  • 240
user42363
  • 61
  • 3

2 Answers2

6

While your question is somewhat opinion-based and it depends on how far we stretch cryptography, my answer (having some experience in both fields) would be no, there are no applications of Machine Learning in cryptography.

Why?

Well, for starters, machine learning is made to find some regularities in input data and to produce output data from it. This requires a lot of inputs and well defined function that will define if we are doing good or bad. And they operate on floating-point numbers (they might lose some accuracy with result).

Cryptography and cryptographic functions are designed to be very random-looking and to be very complex. They are designed so that there are no visible structures in output data. They are nearly always defined on integers.

So cryptographic data can't be easily mapped onto machine learning data, because for machine learning 1.0 and 1.5 are close, but in cryptographic sense they aren't close, they are just numbers. And for machine learning representing data in meaningful way is very important to get meaningful results. This is nearly impossible with inputs and outputs from most cryptosystems.

I will ignore your first point, as this probably deserves investigation into it on it's own (but I think most of us fail to believe that those results are correct - it might be worth asking question about that paper specifi).

Side-channel attacks. This looks more promising, especially power analysis attacks, there are some very interesting articles where ML is used on power signal.

Now depends if we call that cryptography. I'd say that Machine Learning in this case is used to extract data. We can represent power-consumption as floats, and we can represent results as confidence in key bit. However, I do not agree that this is strictly cryptography, as this isn't really meaningful way to connect Machine Learning to cryptosystem. This is barely used as way to analyze data. For me it's like saying that medicine and cryptography are related fields, because cryptosystems are used to secure medical records.

Machine learning on encrypted data. This one needs homomorphic encryption, as I see it, there is a bunch of articles too.

This is something I don't understand. Homomorphic encryption allows us to modify encrypted data to some extent and Machine Learning allows us to find regularities in data. Just because both were used, I won't say that both are related.

Summary

Cryptosystems are used as means to operate on data (including encryption and verifying). This is merely usage of cryptography. Cryptography is art of designing and verifying security of such systems. Machine Learning is used to analyze data and produce some action based on data. This is again just usage of Machine Learning, not "machine learning in cryptography". So to clarify: Machine Learning is applicable when we have input which we can efficiently map into ML and we want to act upon input. This applies to any data which we can efficiently map into ML. Cryptographic functions can't be efficiently mapped into Machine Learning input, so Machine Learning is of no special use in cryptography (but it can analyze some non-cryptographic data even when evaluating cryptographic designs).

So I guess answer can also be: There are infinitely many applications of machine learning in cryptography, just as any other field.

axapaxa
  • 2,970
  • 12
  • 21
1

In Discovering faster matrix multiplication algorithms with reinforcement learning (Nature, 2022; lightweight intro), the authors use AI techniques to devise a new, slightly faster matrix multiplication algorithm (for 4x4 matrices if I get it correctly).

Perhaps a similar technique would be successful at finding a better multiple-precision modular multiplication algorithm (as at the core of RSA and ECC using prime fields). I have opened a question about this.

Although more far fetched, it seems conceivable that reinforcement learning could help in devising cryptanalytic attacks given a formal description of a block cipher or hash.

Note: "Neuro-Cryptanalysis of DES and 3DES" cited in the question operates on the block cipher as a black box. That approach has failed to produce anything interesting when applied on a serious cipher; see this.

fgrieu
  • 149,326
  • 13
  • 324
  • 622