See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/365187162

EveGAN: Using Generative Deep Learning for Cryptanalysis

Conference Paper · November 2022

DOI: 10.1145/3548606.3563493

CITATIONS READS
0 140

1 author:

Roger Hallman
CAT Labs (https://catlabs.io/)
52 PUBLICATIONS 217 CITATIONS

SEE PROFILE

Some of the authors of this publication are also working on these related projects:

DAES 2017 : The Third International Workshop on Data Analytics and Emerging Services (DAES) with the International Conference on Engineering and Technology 2017 View
project

IoDDoS -- The Internet of Distributed Denial of Service Attacks View project

All content following this page was uploaded by Roger Hallman on 08 November 2022.

The user has requested enhancement of the downloaded file.

 Poster: EveGAN: Using Generative Deep Learning for
Cryptanalysis
Roger A. Hallman∗
Thayer School of Engineering, Dartmouth College
Hanover, New Hampshire, USA &
Naval Information Warfare Center (NIWC) Pacific
San Diego, California, USA
[email protected]
ABSTRACT
Cryptography and Machine Learning are two computational sci-
ence fields that intuitively seem related. Privacy-preserving ma-
chine learning–either utilizing encrypted models or learning over
encrypted data–is an exploding field thanks to the maturation of
primitives such as fully homomorphic encryption and secure mul-
tiparty computation. However there has been surprisingly little
work on applying recent advances in machine learning to the task
of cryptanalysis, the branch of cryptography that studies how cryp-
tographic ciphers can be attacked. In particular, while a crypto-
graphic cipher seeks to keep certain information secret by making
it appear random, discerning patterns and structure from random
data is a common machine learning task. This poster paper pro-
poses EveGAN, an approach that treats cryptanalysis as a language
translation problem. While treating cipher cracking as a language
translation problem has been validated against a handful of clas-
sical substitution ciphers, the EveGAN approach builds on these
results to create a new class of generative deep learning-based
cryptanalysis attacks.
CCS CONCEPTS
• Security and privacy → Cryptanalysis and other attacks; •
Computing methodologies → Adversarial learning; Neural
networks.
KEYWORDS
Cryptography, Cryptanalysis, Generative Adversarial Networks,
Language Translation, Forgery/Poisoning Attacks
ACM Reference Format:
Roger A. Hallman. 2022. Poster: EveGAN: Using Generative Deep Learning
for Cryptanalysis. In Proceedings of 2022 ACM SIGSAC Conference on Com-
puter and Communications Security (CCS ’22). ACM, New York, NY, USA,
3 pages. https://doi.org/10.1145/3548606.3563493
∗ RogerA. Hallman is partially supported by the United States Department of Defense
SMART Scholarship for Service Program, funded by USD/R&E (The Under Secretary
of Defense-Research and Engineering), National Defense Education Program (NDEP) /
BA-1, Basic Research.
Permission to make digital or hard copies of part or all of this work for personal or
classroom use is granted without fee provided that copies are not made or distributed
for profit or commercial advantage and that copies bear this notice and the full citation
on the first page. Copyrights for third-party components of this work must be honored.
For all other uses, contact the owner/author(s).
CCS ’22, November 07–11, 2022, Los Angeles, Ca, USA
© 2022 Copyright held by the owner/author(s).
ACM ISBN 978-1-4503-9450-5/22/11.
https://doi.org/10.1145/3548606.3563493
3355
1 INTRODUCTION
Cryptography and machine learning are two computational ca-
pabilities that are foundational to modern life; we interact almost
unknowingly with each during the course of an average day. Indeed,
while the two fields may seem wholly separate at first blush there is
a long relationship between them [19]. The “Cambrian Explosion"
of data due to the ever-increasing adoption of distributed sensor
networks, the Internet of Things (IoT), mobile and wearable devices,
and other networked ‘smart’ technologies has led to a public aware-
ness of just how much sensitive information they produce. There
is a natural tension as governments and businesses would like to
utilize this data while the public would like sensitive data kept
private. Privacy-preserving machine learning (PPML) [13], employ-
ing advanced cryptography such as fully homomorphic encryption
(FHE), secure multiparty computation, and differential privacy offer
the ability to utilize this deluge of data while protecting the sen-
sitive information of individual data subjects. However, there are
surprisingly few applications of machine learning to cryptanalytic
attacks against cryptographic systems.
To that end, this paper proposes EveGAN as an approach to
cracking cryptographic ciphers that utilizes recent advancements
in generative deep learning. The key insight is that deciphering
encrypted texts can be thought of as a language translation problem
[9]. Furthermore, if a deep learning system can learn to accurately
decipher an encrypted message, then it should be able to mimic the
encryption algorithm well enough to “encrypt" a fraudulent mes-
sage that can be meaningfully decrypted by encryption algorithm’s
evaluation function. If successful, the EveGAN approach will open
up new classes of cryptoanalytic attacks.
The remainder of this paper is organized as follows: A terse but
sufficient introduction to relevant background information is given
in Section 2. Section 3 presents the EveGAN approach to generative
deep learning-based cryptanalysis. Section 4 presents concluding
remarks, as well as planned future work.
2 BACKGROUND AND RELATED WORK
2.1 Generative Deep Learning and Language
Translation
Deep learning refers to machine learning architectures that are
inspired after human neurological systems [2]. Where many statis-
tical learning approaches perform well with moderately-sized data
sets, deep learning systems tend towards improved performance
as the size of the data set increases. Generative deep learning [18]
seeks to learn the probability distribution for a class of data and
CCS ’22, November 07–11, 2022, Los Angeles, Ca, USA
Figure 1: The EveGAN Cryptanalysis Framework.
then create synthetic data that is similar to that class. Most of the
recent advances in generative deep learning have come from the
field of generative adversarial networks (GANs) [10], which simulta-
neously train generator and discriminator networks to create more
realistic synthetic data. GANs have led to great advances in image
processing [24] and captioning [5], as well as language translation
[22]. Transformers [20], a recently-developed attention-based ar-
chitecture, have led to groundbreaking results in various language
processing tasks [11]. GAN architectures utilizing transformers
[23] have shown convincing results with stylistic text generation.
2.2 Cryptography and Cryptanalysis
Cryptography is a method of keeping information secret and pro-
viding a guarantee that only authorized parties should have access
to it by making that structured data difficult to recognize by appear-
ing to be random. This is distinct from steganography [16], which
attempts to hide information by embedding it in some other object
(e.g., a digital image, a data stream, etc.). With a cryptographic
approach, Alice and Bob would like to share information that they
want to keep secret from an adversary, Eve. There are too many
cryptographic ciphers to mention here and the reader is referred to
[12] for a detailed exposition on classic and modern cryptography.
The “gold standards" for modern ciphers are semantic security [8]
and indistinguishability [17], equivalent criteria [12] guaranteeing
that no adversary has a better than 50% chance of determining
whether a ciphertext 𝑐 is an encryption of two different plaintext
messages 𝑚 1 or 𝑚 2 . Alice and Bob agree on a cryptographic key 𝑘,
then Alice encrypts her message 𝑚 with the function Enc(𝑘, 𝑚) =
𝑐. Bob is able to decrypt 𝑐 with an evaluation function Eval(𝑘, 𝑐) =
𝑚. Eve would like to discover 𝑚 and so she must use cryptanalysis.
Cryptanalysis [6] is the branch of cryptography that studies how
to attack and break cryptographic ciphers, often with the ultimate
goal of recovering the cryptographic key. Attacks on classic ciphers
3356
Roger A. Hallman
rely on knowledge of context (e.g., the plaintext language) and uti-
lize tools of frequency analysis to discover the key. While there are
many strategies to attack a cipher, this work exclusively considers
the ciphertext-only attack [4] wherein Eve can only capture en-
crypted messages. Ciphertext-only attacks have been successfully
leveraged against both classical and modern ciphers.
2.3 Deep Learning and Cryptanalysis
Cryptographic ciphers seek to guarantee data confidentiality by
making it appear random while machine learning systems are often
tasked with finding patterns and order in seemingly random noise
[1]. There have been surprisingly few applications of advanced ma-
chine learning techniques to cryptanalysis attacks. Gohr’s seminal
paper [7] demonstrated the potential for deep learning, successfully
recovering keys by implementing a differential cryptanalysis attack
against the SPECK-32/64 block cipher. More recently, Wenger, et
al. [21] used a transformer-based architecture to recover secret
messages hidden by the Learning with Errors Problem, on which
modern FHE schemes are built. While these results are not immedi-
ately germane to the approach of this paper, their results illustrate
the possibilities for deep learning and cryptanalysis and may inform
future work directions. Ahmadzadeh, et al. [3] used a bidirectional
Recurrent Neural Network model for ciphertext classification from
classical substitution ciphers. Most relevant to this paper’s approach
are instances where machine learning-based language translation
tools were used to decipher ciphertexts from classic substitution
and homophonic ciphers. Knight’s 2011 paper [14] hints at the po-
tential of this approach to produce a reasonable translation of the
Copiale Cipher, an enciphered book that dates to the mid-19th Cen-
tury. A more recent GAN-based approach [9] utilizes CipherGAN,
an adaptation of the CycleGAN architecture, to decipher encrypted
texts from Shift and Vigenère Ciphers, two well-known classes of
substitution cipher.
 Poster: EveGAN: Using Generative Deep Learning for Cryptanalysis
3 THE EVEGAN APPROACH
This work proposes the inverse problem presented in [9]: Can a
deep learning system learn to mimic (i.e., learn a representation of)
a cryptographic cipher well enough that it can produce a synthetic
ciphertext that can be decrypted by the cipher’s evaluation function?
Moreover, while treating cipher cracking as a language translation
problem works for classical substitution ciphers, questions remain
as to whether this approach will work against modern, semantically
secure cryptographic systems.
The basic EveGAN framework (Figure 1) is laid out as follows:
Alice has a series of messages {𝑚 1, ..., 𝑚𝑖 } that she would like to
share only with Bob, therefore she uses a cryptographic cipher to
encrypt her messages and sends Bob the evaluation function so
that he can correctly decrypt Alice’s messages. In keeping with
Kerkhoff’s Principle [15], an adversary is assumed full knowledge
of the system except for the encryption key. The adversary observes
the ciphertexts 𝑥𝑟𝑒𝑎𝑙 in transit from Alice to Bob and processes 𝑥𝑟𝑒𝑎𝑙
with EveGAN in order to generate a synthetic ciphertext which can
be sent to Bob.
EveGAN takes 𝑥𝑟𝑒𝑎𝑙 and inputs it into two modules, (𝑖) a Dis-
criminator Network and (𝑖𝑖) a Ciphertext Classifier that extends
the results from [3]. The ciphertext is taken as representative of
a language. The Discriminator Network is trained to differentiate
between the real and mimicked ciphertext language. The Ciphertext
Classifier module is trained on a prototype of Alice’s cipher and
is used to give the generator network message context 𝑥𝑐𝑙𝑎𝑠𝑠 (e.g.,
message topics, numerical ranges, etc.). The Generator Network
takes a seed message 𝑧 and outputs a synthetic ciphertext 𝑥 𝑓 𝑎𝑘𝑒
which is routed to the Discriminator Network. The Discrimina-
tor Network should reject 𝑥 𝑓 𝑎𝑘𝑒 until the Generator is sufficiently
trained at mimicking 𝑥𝑟𝑒𝑎𝑙 . The Generator Network will eventually
succeed in outputting a synthetic ciphertext 𝑥𝑚𝑖𝑚𝑖𝑐 that fools the
Discriminator Network. EveGAN injects the synthetic ciphertext
𝑥𝑚𝑖𝑚𝑖𝑐 into the stream that gets routed to Bob for decryption.
3.1 Open Questions Raised by EveGAN
EveGAN is a framework that utilizes recent advances in generative
deep learning and language translation for cryptanalysis. This ap-
proach builds on promising results against classical substitution
ciphers [9] but a number of open questions remain: (𝑖) How well
will EveGAN work against modern semantically secure ciphers? (𝑖𝑖)
How will key switches and subsequent retraining affect EveGAN
performance? (𝑖𝑖𝑖) How effective would EveGAN’s mimicked data
be for mounting a poisoning attack against PPML learning models?
(𝑖𝑣) Assuming that EveGAN can effectively mimic Alice’s cipher,
can this achievement be leveraged into a key recovery attack?
4 CONCLUSION AND FUTURE WORK
This paper presents EveGAN, a conceptual cryptanalysis framework
that treats cipher cracking as a language translation problem. As
it is conceptual there is ongoing work, at present validating the
framework against a classical substitution cipher as a proof-of-
concept. Future work will include testing EveGAN against modern
ciphers. Additionally, it would be interesting to test EveGAN against
an applied cipher such as an encrypted control system. This scenario
would be particularly revealing as EveGAN would not just capture
3357
View publication stats
CCS ’22, November 07–11, 2022, Los Angeles, Ca, USA
ciphertexts, but would also observe actions taken which correspond
with observed ciphertexts. If it is successful, the EveGAN approach
will lead to new classes of cryptanalysis attacks against modern
cryptographic systems.
REFERENCES
[1] Najwa Aaraj. 2021. How machine learning and cryptography might
work better together. Blockchain Tribune (December 28 2021).
https://blockchaintribune.com/how-machine-learning-and-cryptography-
might-work-better-together/.
[2] Charu C Aggarwal et al. 2018. Neural networks and deep learning. Springer 10
(2018), 978–3.
[3] Ezat Ahmadzadeh, Hyunil Kim, Ongee Jeong, Namki Kim, and Inkyu Moon. 2022.
A Deep Bidirectional LSTM-GRU Network Model for Automated Ciphertext
Classification. IEEE Access 10 (2022), 3228–3237.
[4] Alex Biryukov and Eyal Kushilevitz. 1998. From differential cryptanalysis to
ciphertext-only attacks. In Annual International Cryptology Conference. Springer,
72–88.
[5] Chen Chen, Shuai Mu, Wanpeng Xiao, Zexiong Ye, Liesi Wu, and Qi Ju. 2019.
Improving image captioning with conditional generative adversarial nets. In
Proceedings of the AAAI Conference on Artificial Intelligence, Vol. 33. 8142–8150.
[6] Christophe De Canniere, Alex Biryukov, and Bart Preneel. 2006. An introduction
to block cipher cryptanalysis. Proc. IEEE 94, 2 (2006), 346–356.
[7] Aron Gohr. 2019. Improving attacks on round-reduced speck32/64 using deep
learning. In Annual International Cryptology Conference. Springer, 150–179.
[8] Shafi Goldwasser and Silvio Micali. 1984. Probabilistic encryption. Journal of
computer and system sciences 28, 2 (1984), 270–299.
[9] Aidan N. Gomez, Sicong Huang, Ivan Zhang, Bryan M. Li, Muhammad Osama,
and Lukasz Kaiser. 2018. Unsupervised Cipher Cracking Using Discrete GANs.
In International Conference on Learning Representations. https://openreview.net/
forum?id=BkeqO7x0-
[10] Ian Goodfellow, Jean Pouget-Abadie, Mehdi Mirza, Bing Xu, David Warde-Farley,
Sherjil Ozair, Aaron Courville, and Yoshua Bengio. 2014. Generative adversarial
nets. Advances in neural information processing systems 27 (2014).
[11] Shigeki Karita, Nanxin Chen, Tomoki Hayashi, Takaaki Hori, Hirofumi Inaguma,
Ziyan Jiang, Masao Someki, Nelson Enrique Yalta Soplin, Ryuichi Yamamoto,
Xiaofei Wang, et al. 2019. A comparative study on transformer vs rnn in speech
applications. In 2019 IEEE Automatic Speech Recognition and Understanding Work-
shop (ASRU). IEEE, 449–456.
[12] Jonathan Katz and Yehuda Lindell. 2020. Introduction to modern cryptography.
CRC press.
[13] Kwangjo Kim and Harry Chandra Tanuwidjaja. 2021. Privacy-preserving Deep
Learning: A Comprehensive Survey. Springer.
[14] Kevin Knight, Beáta Megyesi, and Christiane Schaefer. 2011. The copiale cipher.
In Proceedings of the 4th Workshop on Building and Using Comparable Corpora:
Comparable Corpora and the Web. 2–9.
[15] Thorsten Knoll. 2018. Adapting Kerckhoffs’s principle. Advanced Microkernel
Operating Systems (2018), 93.
[16] Wojciech Mazurczyk, Steffen Wendzel, Sebastian Zander, Amir Houmansadr, and
Krzysztof Szczypiorski. 2016. Information hiding in communication networks:
fundamentals, mechanisms, applications, and countermeasures. John Wiley &
Sons.
[17] Moni Naor and Moti Yung. 1990. Public-key cryptosystems provably secure
against chosen ciphertext attacks. In Proceedings of the twenty-second annual
ACM symposium on Theory of computing. 427–437.
[18] Achraf Oussidi and Azeddine Elhassouny. 2018. Deep generative models: Survey.
In 2018 International Conference on Intelligent Systems and Computer Vision (ISCV).
IEEE, 1–8.
[19] Ronald L Rivest. 1991. Cryptography and machine learning. In International
Conference on the Theory and Application of Cryptology. Springer, 427–439.
[20] Ashish Vaswani, Noam Shazeer, Niki Parmar, Jakob Uszkoreit, Llion Jones,
Aidan N Gomez, Łukasz Kaiser, and Illia Polosukhin. 2017. Attention is all
you need. Advances in neural information processing systems 30 (2017).
[21] Emily Wenger, Mingjie Chen, François Charton, and Kristin Lauter. 2022.
SALSA: Attacking Lattice Cryptography with Transformers. arXiv preprint
arXiv:2207.04785 (2022).
[22] Zhen Yang, Wei Chen, Feng Wang, and Bo Xu. 2018. Generative adversarial
training for neural machine translation. Neurocomputing 321 (2018), 146–155.
[23] Kuo-Hao Zeng, Mohammad Shoeybi, and Ming-Yu Liu. 2020. Style example-
guided text generation using generative adversarial transformers. arXiv preprint
arXiv:2003.00674 (2020).
[24] He Zhang, Vishwanath Sindagi, and Vishal M Patel. 2019. Image de-raining using
a conditional generative adversarial network. IEEE transactions on circuits and
systems for video technology 30, 11 (2019), 3943–3956.