Construction of distinguishers for iterative block ciphers on the base of neural networks

We present a new machine learning approach for creating distinguishers (or distinguishing attacks) for iterative block ciphers with a variable number of rounds. A main idea of the approach is based, firstly, on the observation that block cipher ciphertexts (if represented as images) have different textures (patterns) depending on the number of rounds and, secondly, on the fact that modern neural networks can classify images with high accuracy. So, we suggest to represent ciphertexts as images and train neural network to recognize them. In such a case, a level of the ciphertexts randomness can be determined by a classification error value. We introduce two methods that can be used for practice: the “etalon-ciphertext” method and the “neighbor-rounds” method. It has been experimentally demonstrated that the “etalon” method is slightly more accurate than the “neighbor-rounds” method, however, it requires an etalon sequence of true-random numbers or, at least, numbers with good statistical properties. At the same time, the second method requires only one cipher. In our experiments, we used the AES256 cipertext as the etalon, however, any other proper random number generator can be used. In both cases, the classification error converges to 50 % when the number of rounds increases. Both methods can also be employed in order to estimate the minimal number of rounds which provides acceptable statistical properties of the ciphertext.