SALSA: Attacking Lattice Cryptography with Transformers

Emily Wenger; Mingjie Chen; Francois Charton; Kristin Lauter

SALSA: Attacking Lattice Cryptography with Transformers

Emily Wenger, Mingjie Chen, Francois Charton, Kristin Lauter

Published: 31 Oct 2022, Last Modified: 06 Jan 2023NeurIPS 2022 AcceptReaders: Everyone

Keywords: machine learning, cryptanalysis

TL;DR: We propose the first machine learning-based attack on lattice cryptography.

Abstract: Currently deployed public-key cryptosystems will be vulnerable to attacks by full-scale quantum computers. Consequently, "quantum resistant" cryptosystems are in high demand, and lattice-based cryptosystems, based on a hard problem known as Learning With Errors (LWE), have emerged as strong contenders for standardization. In this work, we train transformers to perform modular arithmetic and mix half-trained models and statistical cryptanalysis techniques to propose SALSA: a machine learning attack on LWE-based cryptographic schemes. SALSA can fully recover secrets for small-to-mid size LWE instances with sparse binary secrets, and may scale to attack real world LWE-based cryptosystems.

Supplementary Material: pdf

13 Replies

Loading