查看文章

Although it has been a long-standing question that whether computers can learn to perform cryptanalytic tasks, positive answers made by breakthrough machine-learning-based cryptanalysis are still rare. In CRYPTO 2019, a remarkable work made by Gohr shed light on a positive answer. It shows that well-trained neural networks can perform cryptanalytic distinguishing tasks at a superior level to traditional differential-based distinguishers. Additionally, a non-traditional key-recovery procedure was devised, integrating with the Upper Confidence Bounds and Bayesian optimization. Combining the neural distinguishers with a classical differential, integrating the advanced keyrecovery procedure, an 11-round key-recovery attack on Speck32/64, a small-sized modern cipher designed by researchers from NSA, was achieved, which has a competitive performance compared with the stateof-the-art result. However, it turns out to be still difficult for the community to achieve a comparable performance increase on longer reducedversions of the same cipher. This difficulty calls into a question: to what extent is the advantage of machine-learning approaches over traditional ones, and whether the advantage generally exists on modern ciphers? To answer these questions, we devised the first practical 13-round and improved 12-round neural-distinguisher-based key-recovery attacks on Speck32/64 and 16-round key-recovery attacks on Simon32/64. The results confirm the advantages of using machine-learning approaches in cryptanalysis. However, the main reason lies in the enhancement made on the classical components. The crucial technical element …