基于Transformer模型与注意力机制的差分密码分析

doi:10.19678/j.issn.1000-3428.0068486

摘要/Abstract

摘要：

基于差分分析的密码攻击中, 通常使用贝叶斯优化方法验证部分解密的数据是否具有差分特性。目前, 主要采用基于深度学习的方式训练1个差分区分器, 但随着加密轮数的增加, 差分特征的精确度会呈现线性降低的趋势。为此, 结合注意力机制和侧信道分析, 提出了一种新的差分特性判别方法。根据多轮密文间的差分关系, 基于Transformer训练了1个针对SPECK32/64算法的差分区分器。在密钥恢复攻击中, 借助前一轮的密文对待区分密文影响最大特性, 设计了新的密钥恢复攻击方案。在SPECK32/64算法的密钥恢复攻击中, 采用2⁶个选择明密文对, 并借助第20轮密文对将第22轮65 536个候选密钥范围缩小至17个以内, 完成对最后两轮子密钥的恢复攻击。实验结果表明, 该方法的攻击成功率达90%, 可以有效应对加密轮数增多造成的密文差分特征难以识别的问题。

关键词: Transformer模型, 注意力机制, 差分区分器, SPECK32/64算法, 密钥恢复攻击

Abstract:

In differential analysis-based cryptographic attacks, Bayesian optimization is typically used to verify whether the partially decrypted data exhibit differential characteristics. Currently, the primary approach involves training a differential distinguisher using deep learning techniques. However, this method has a notable limitation in that, as the number of encryption rounds increases, the accuracy of the differential characteristics decreases linearly. Therefore, a new differential characteristic discrimination method is proposed based on the attention mechanism and side-channel analysis. Using the difference relationship between multiple rounds of the ciphertext, a difference partition for the SPECK32/64 algorithm is trained based on the transformer. In a key recovery attack, a novel scheme is designed based on the previous ciphertext treatment to distinguish the most influential features of the ciphertext. In the key recovery attack of the SPECK32/64 algorithm, 2⁶ selected ciphertext pairs are used. Using the 20th round ciphertext pairs, the 65 536 candidate keys of the 22nd round can be screened within 17 on average, and the key recovery attack of the last two wheels can be completed. The experimental results show that this method achieves a success rate of 90%, effectively addressing the challenge of recognizing ciphertext differential features caused by an increase in the number of encryption rounds.

Key words: Transformer model, attention mechanism, differential distinguisher, SPECK32/64 algorithm, key recovery attack

肖超恩, 李子凡, 张磊, 王建新, 钱思源. 基于Transformer模型与注意力机制的差分密码分析[J]. 计算机工程, 2025, 51(1): 156-163.

XIAO Chaoen, LI Zifan, ZHANG Lei, WANG Jianxin, QIAN Siyuan. Differential Cryptanalysis Based on Transformer Model and Attention Mechanism[J]. Computer Engineering, 2025, 51(1): 156-163.

https://www.ecice06.com/CN/Y2025/V51/I1/156

图/表 8

图1 Transformer差分区分器模型

Fig.1 Transformer differential discriminator model

图2 数据集构造流程

Fig.2 Procedure of dataset construction

图3 准确率随Epoch的变化曲线

Fig.3 The change curves of accuracy with Epoch

图4 损失值随Epoch的变化曲线

Fig.4 The change curves of loss values with Epoch

参考文献 25

1	BIHAM E, SHAMIR A. Differential cryptanalysis of DES-like cryptosystems[EB/OL]. [2023-08-22]. https://link.springer.com/content/pdf/10.1007/BF00630563.pdf.
2	Nation Bureau of Standards. Data encryption standard—Federal information processing standards publication[EB/OL]. [2023-08-22]. http://bitsavers.trailing-edge.com/pdf/nbs/fips/FIPS_46-1_Data_Encryption_Standard_Jan88.pdf.
3	BLONDEAU C, GÉRARD B. Multiple differential cryptanalysis: theory and practice[EB/OL]. [2023-08-22]. https://link.springer.com/content/pdf/10.1007/978-3-642-21702-9_3.
4	KRIZHEVSKY A , SUTSKEVER I , HINTON G E . ImageNet classification with deep convolutional neural networks. Communications of the ACM, 2017, 60 (6): 84- 90. doi: 10.1145/3065386
5	YOUNG T , HAZARIKA D , PORIA S , et al. Recent trends in deep learning based natural language processing. IEEE Computational Intelligence Magazine, 2018, 13 (3): 55- 75. doi: 10.1109/MCI.2018.2840738
6	GOHR A. Improving attacks on round-reduced SPECK32/64 using deep learning[C]//Proceedings of the 39th Annual International Cryptology Conference. Berlin, Germany: Springer, 2019: 150-179.
7	BEAULIEU R, SHORS D, SMITH J, et al. The SIMON and SPECK lightweight block ciphers[C]//Proceedings of the 52nd Annual Design Automation Conference. New York, USA: ACM Press, 2015: 1-6.
8	BENAMIRA A, GERAULT D, PEYRIN T, et al. A deeper look at machine learning-based cryptanalysis[C]//Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques. Berlin, Germany: Springer, 2021: 805-835.
9	宿恒川, 朱宣勇, 段明. 基于PU分类的差分区分器及其应用. 密码学报, 2021, 8 (2): 330- 337.
	SU H C , ZHU X Y , DUAN M . Differential distinguisher based on PU learning and its application. Journal of Cryptologic Research, 2021, 8 (2): 330- 337.
10	CHEN Y, YU H B. Bridging machine learning and cryptanalysis via EDLCT[EB/OL]. [2023-08-22]. https://eprint.iacr.org/2021/705.
11	SU H C, ZHU X Y, MING D. Polytopic attack on round-reduced Simon32/64 using deep learning[M]//WU Y D, YUNG M. Lecture Notes in Computer Science. Berlin, Germany: Springer, 2021: 3-20.
12	付超辉, 段明, 魏强, 等. 基于深度学习的多面体差分攻击及其应用. 密码学报, 2020, 8 (4): 591- 600.
	FU C H , DUAN M , WEI Q , et al. Polytopic differential attack based on deep learning and its application. Journal of Cryptologic Research, 2020, 8 (4): 591- 600.
13	YANG G Q, ZHU B, SUDER V, et al. The Simeck family of lightweight block ciphers[C]//Proceedings of Conference on Cryptographic Hardware and Embedded Systems. Berlin, Germany: Springer, 2015: 307-329.
14	SO J , KHOKHAR U M . Deep learning-based cryptanalysis of lightweight block ciphers. Security and Communication Networks, 2020, 32, 3701067.
15	YADAV T, KUMAR M. Differential-ML distinguisher: machine learning based generic extension for differential cryptanalysis[C]//Proceedings of International Conference on Cryptology and Information Security in Latin America. Berlin, Germany: Springer, 2021: 191-212.
16	BAO Z, GUO J, LIU M, et al. Enhancing differential-neural cryptanalysis[C]//Proceedings of International Conference on the Theory and Application of Cryptology and Information Security. Berlin, Germany: Springer, 2020: 561-570.
17	BAKSI A. Machine learning-assisted differential distinguishers for Lightweight ciphers[M]//Computer Architecture and Design Methodologies. Berlin, Germany: Springer, 2022: 141-162.
18	JAIN A, KOHLI V, MISHRA G. Machine Learning Assisted Differential Distinguishers for Lightweight Ciphers[M]//Classical and Physical Security of Symmetric Key Cryptographic Algorithms. Berlin, Germany: Springer, 2022: 141-162.
19	杨小雪, 陈杰, 韩立东. 深度学习在ARX分组密码差分分析的应用. 密码学报, 2022, 9 (5): 923- 935.
	YANG X X , CHEN J , HAN L D . Application of deep learning in differential cryptanalysis of ARX block ciphers. Journal of Cryptologic Research, 2022, 9 (5): 923- 935.
20	陈怡, 包珍珍, 申焱天, 等. 用于大状态分组密码的深度学习辅助密钥恢复框架. 中国科学: 信息科学, 2023, 53 (7): 1348- 1367.
	CHEN Y , BAO Z Z , SHEN Y T , et al. A deep learning-aided key recovery framework for large-state block ciphers. Scientia Sinica(Informationis), 2023, 53 (7): 1348- 1367.
21	VASWANI A, SHAZEER N M, PARMAR N, et al. Attention is all you need[C]// Proceedings of the 31st International Conference on Neural Information Processing Systems. New York, USA: ACM Press, 2017: 6000-6010.
22	YU H S , YANG Z G , TAN L , et al. Methods and datasets on semantic segmentation: a review. Neurocomputing, 2018, 304, 82- 103. doi: 10.1016/j.neucom.2018.03.037
23	孙晓丽, 郭艳, 李宁, 等. 基于seq2seq模型的深度学习密码破译方法. 通信技术, 2019, 52 (9): 2217- 2222. doi: 10.3969/j.issn.1002-0802.2019.09.026
	SUN X L , GUO Y , LI N , et al. Deep learning password deciphering method based on seq2seq model. Communications Technology, 2019, 52 (9): 2217- 2222. doi: 10.3969/j.issn.1002-0802.2019.09.026
24	AUER P. Using upper confidence bounds for online learning[C]//Proceedings of the 41st Annual Symposium on Foundations of Computer Science. Washington D. C., USA: IEEE Press, 2000: 56-64.
25	HOU Z Z , REN J J , CHEN S Z . Improve neural distinguishers of SIMON and SPECK. Security and Communication Networks, 2021, (404): 1- 1178.

[1]	罗旭东, 袁笛, 常晓军, 何震宇. 基于不确定性启发图像增强的水下目标跟踪[J]. 计算机工程, 2025, 51(1): 11-19.
[2]	周雪阳, 傅启明, 陈建平, 陈延明, 陆悠, 王蕴哲. 基于证据和图推理的文档级关系抽取方法: 以医学关系为例[J]. 计算机工程, 2025, 51(1): 106-117.
[3]	杨红菊, 吉昌. 学习驱动的图像压缩算法研究[J]. 计算机工程, 2025, 51(1): 190-197.
[4]	胡涌涛, 黄洪琼. 结合特征融合和通道注意力的多分支换装行人重识别[J]. 计算机工程, 2025, 51(1): 225-234.
[5]	火久元, 苏泓瑞, 武泽宇, 王婷娟. 基于改进YOLOv8的道路交通小目标车辆检测算法[J]. 计算机工程, 2025, 51(1): 246-257.
[6]	郑雅洲, 刘万平, 黄东. 一种基于注意力机制的BERT-CNN-GRU检测方法[J]. 计算机工程, 2025, 51(1): 258-268.
[7]	王骞, 张俊华, 王泽彤, 李博. X2S-Net:基于双平面X线片的脊柱三维重建[J]. 计算机工程, 2025, 51(1): 277-286.
[8]	刘钟, 唐宏, 王宁喆, 朱传润. 融合RNN与稀疏自注意力的文本摘要方法[J]. 计算机工程, 2025, 51(1): 312-320.
[9]	刘兆伟, 方艳红, 郑明宇, 锁斌. 基于注意力机制与多任务的肺部疾病诊断方法[J]. 计算机工程, 2025, 51(1): 332-342.
[10]	李俊俊, 董建刚, 李坤. 基于Kubernetes的集群节能策略研究[J]. 计算机工程, 2024, 50(9): 82-91.
[11]	林畅, 郭伟, 任哲聪, 金海波. 基于Transformer的目标跟踪与分割统一算法[J]. 计算机工程, 2024, 50(9): 130-141.
[12]	李泽霖, 吕兆峰, 陈富强, 李克. 基于多跳信息融合的实体对齐模型[J]. 计算机工程, 2024, 50(9): 142-152.
[13]	王汝英, 马嘉骏, 董建强, 刘万龙, 张海涛, 尹凯, 赵博超. 基于MTS-BiGRU-DMHSA的工业负荷预测方法[J]. 计算机工程, 2024, 50(9): 169-178.
[14]	朱凯, 李理, 张彤, 江晟, 别一鸣. 基于Transformer的多阶段运动模糊图像修复网络[J]. 计算机工程, 2024, 50(9): 276-285.
[15]	张天鹏, 韩晶, 吕学强. 基于多任务学习的超分辨率辅助小目标检测[J]. 计算机工程, 2024, 50(9): 304-312.

选择文件类型/文献管理软件名称

选择包含的内容