SALSA: Attacking Lattice Cryptography with TransformersDownload PDF

Published: 31 Oct 2022, 18:00, Last Modified: 06 Jan 2023, 19:03NeurIPS 2022 AcceptReaders: Everyone
Keywords: machine learning, cryptanalysis
TL;DR: We propose the first machine learning-based attack on lattice cryptography.
Abstract: Currently deployed public-key cryptosystems will be vulnerable to attacks by full-scale quantum computers. Consequently, "quantum resistant" cryptosystems are in high demand, and lattice-based cryptosystems, based on a hard problem known as Learning With Errors (LWE), have emerged as strong contenders for standardization. In this work, we train transformers to perform modular arithmetic and mix half-trained models and statistical cryptanalysis techniques to propose SALSA: a machine learning attack on LWE-based cryptographic schemes. SALSA can fully recover secrets for small-to-mid size LWE instances with sparse binary secrets, and may scale to attack real world LWE-based cryptosystems.
Supplementary Material: pdf
13 Replies

Loading