SALSA: Attacking Lattice Cryptography with Transformers

by Emily Wenger, et al.

Currently deployed public-key cryptosystems will be vulnerable to attacks by full-scale quantum computers. Consequently, "quantum resistant" cryptosystems are in high demand, and lattice-based cryptosystems, based on a hard problem known as Learning With Errors (LWE), have emerged as strong contenders for standardization. In this work, we train transformers to perform modular arithmetic and combine half-trained models with statistical cryptanalysis techniques to propose SALSA: a machine learning attack on LWE-based cryptographic schemes. SALSA can fully recover secrets for small-to-mid size LWE instances with sparse binary secrets, and may scale to attack real-world LWE-based cryptosystems.



