The Dichotomy of Neural Networks and Cryptography

NIn recent years, neural networks and cryptographic schemes have come together in war and peace; a cross-impact that forms a dichotomy deserving a comprehensive review study. Neural networks can be used against cryptosystems; they can play roles in cryptanalysis and attacks against encryption algorithms and encrypted data. This side of the dichotomy can be interpreted as a war declared by neural networks. On the other hand, neural networks and cryptographic algorithms can mutually support each other. Neural networks can help improve the performance and the security of cryptosystems, and encryption techniques can support the confidentiality of neural networks. The latter side of the dichotomy can be referred to as the peace.  There are, to the best of our knowledge, no current surveys that take a comprehensive look at the many ways neural networks are currently interacting with cryptography.

neural network;cryptography;cryptanalysis;survey

1. Introduction

In recent years, artificial neural networks (ANNs), simply referred to as neural networks (NNs) have been of great interest to the research community. They consist of layered networks of nodes meant to mimic a human brain, where the nodes represent biological neurons and the connections between them represent the synapses. Neural computing, as technology and a field of research has a wide ecosystem. It is in close interaction with many scientific and technological fields. NNs support a range of technological fields including medical technology [1] as well as image processing [2], cloud computing [3], aerospace technology [4], meteorology [5], and especially in security-related technologies [6][7][6,7]. Moreover, several technologies and sciences such as chaos theory [8], frequency-domain transforms [9], genetic algorithms [10] and Digital Signal Processing (DSP) [1] are supporting neural networks as enablers.

23. War: Neural Computing against  Cryptography

2.1. Detecting Malicious Encryption

3.1. Detecting Malicious Encryption

Detecting and locating malicious encrypted data can help detecting ransomware and other kinds of malware. Some researchers have focused on the applications of NNs in this area [11][36]. Some research works focusing on malicious encryption detection in software code and network traffic are briefly reviewed in the following. Cryptography can be used to hide malicious data until it is needed. When encrypted data is detected and it cannot be decrypted, there is normally no way to tell if it is malicious or not. It has been proposed to use machine learning models to identify encrypted files and network traffic as malicious.

23.1.1. Software  Code

Cryptography is a tool that can protect the confidentiality of data, while often used to the benefit of users it can be used by attackers to hide malware on a system until it is needed or obfuscate network traffic. It can be difficult to identify malware that is able to encrypt data as it might require reverse engineering the suspicious program and applying a thorough understanding of many encryption methods [12][37]. It has been found that NNs could simplify the process of detecting encryption in obfuscated programs. This section will discuss some researchers applying NNs to detecting encrypted malicious code. Wright and Manic [13][38] built a NN system trained with error back propagation that analyzes the ratio of certain opcodes that are commonly used by cryptographic algorithms. Trained on functions in OpenBSD it was found this system could identify most typical encryption functions regardless of compiler optimization or specific implementation, but failed to detect methods that operate sufficiently different from typical encryption methods such as elliptical curve cryptography and public key encryption. Jia et al. [12][37] propose solving this issue with a NN model called K-max-CNN-Attention that looks for common instruction patterns rather than relative instruction density. The improvements this model brings is in the move to a convolutional NN (CNN), which interpret blocks of data maintaining the original structure and a better preprocessing scheme which simplifies the input enough to be meaningful to the NN but leaving more information to be interpreted, while these changes improve on performance and accuracy of existing techniques Jia et al. [12][37] speculate that better accuracy could be achieved by changing the preprocessing and classification models to consider non-sequential execution of code.

2.2. Cryptanalysis

3.2. Cryptanalysis

Cryptanalysis is the processes of finding vulnerabilities in ciphers by studying their operation. This is usually completed with knowledge of some combination of the cipher text, plain text, and key. Though it is often associated with attacks on cryptogrphic systems, cryptanalysis can be used to audit current systems to improve them. In some cases, cryptanalysis can be considered as an aggressive activity against cryptosystems, because it can be conducted in an initial stage of an attack. There have been some attempts at creating cryptanalysis attacks to directly decrypting cipher text using NNs. Apolinhrio Jr. et al. found an early cryptanalysis application for NNs reordering blocks of audio data scrambled with time segment permutation scrambler [14][41]. Their Hopfield network, trained with simulated annealing with a “genetic algorithm” approach on a small set of words, was able to meet the performance of exhaustively searching for a solution [14][41]. Ruzhentsev et al. attempted to apply neural nets to decrypt 8 bit cipher texts from a substitution permutation cipher using the same key for the training set and the test set [15][42], while they did not find complete success decrypting cipher texts this way, they found it possible to decrypt 232 out of the 256 possible cipher texts with the average number of wrong bits in each erroneous decryption being 1.3. Other papers focused on applying NNs to determine some amounts of the key used to encrypt a cipher text, possibly reducing the amount of time needed to guess the correct key. Abassal and Wahdan propose an attack specific to Feistel block ciphers using NNs to determine the key but was limited to only the cipher the neural net is designed for [16][43]. Danziger and Henriques studied how effective NNs could be at cryptanalyzing S-DES ciphers [17][44]. In particular they attempted to determine key bits based on a given plain text and it’s corresponding cipher text. Their test found that certain bits of the key were more easily determined due to problems with the substitution box being used by the cipher. Xiao et al., utilized NNs to quantify the strength of ciphers by predicting cipher text based on the plain text [18][45]. Using this approach only ciphers as strong as DES-3 were successfully mimicked, though the researchers suggested that using a neural net architecture that more closely reflected that of the cipher being analyzed would be more capable. NNs have also been used to analyze cipher operation in order to encrypt data. Khan et al. tested the application of neural nets to directly replicate the functionality of a cipher by training some models on cipher, plain text pairs with and without knowledge of the key [19][46]. Hsiao et al. proposed a different system, training a NN to analyze the output of multiple time-delay chaotic system in order to approximate its output and synchronize a second multiple time-delay chaotic system as a means for establishing an encrypted communication over a public channel [20][47].

2.3. Vulnerability Analysis

3.3. Vulnerability Analysis

Vulnerability analysis is the act of evaluating threats to security or cryptographic systems and networks. This process will identify and assess these systems and networks for flaws that could lead to exploitation by malicious actors. Like the case of cryptanalysis, vulnerability analysis can help an adversary design the attack scenario against a cryptosystem. There are a few research works where NNs have been used to analyze the vulnerabilities of cryptosystems. The use of feed-forward NNs FNNs has been applied to the vulnerability analysis of Physical Unclonable Functions (PUFs) [21][48]. More specifically FNNs are being used to model out attack scenarios against the Challenge Response Pairs (CRPs) of the PUFs [21][48]. It was found that given very few CRPs as a baseline, an FNN using the Dragonfly Algorithm(DA) was able to accurately predict more challenge–response pairs with a 85.2% accuracy attacking the Configurable Ring Oscillator PUF and 71.3% against the XOR-inverter Ring Oscillator PUF [21][48]. DA works by moving neurons as dragonflies, moving them closer to the goal (food sources) and away from bad predictions (enemies) by using the neurons as dragonflies on a dimensional grid with speed and velocity [21][48].

2.4. Attack

3.4. Attack

Some researchers have been able to develop attacks on cryptogrphic systems leveraging the features of NNs. In some research works, NNs have been directly used to attack cryptosystems. It has been shown that symmetric ciphers can be broken by using Real-time Recurrent NNs (RRNN) with Chosen Plaintext Attack (CPA) [22][49]. As another example, UFnet, a NN using ReLU activation functions and Xavier initialization techniques, can predict the responses of double-arbiter physically unclonable functions (PUFs) [23][50].

34. Peace: Coexistence and  Alliance

3.1. Coexistence

4.1. Coexistence

It has been proposed to use NNs trained on encrypted data. Since there is a noticeable performance drop when using encrypt data, either in processing time accuracy or both. The methods to address this are twofold, developing infrastructure that can better support using encrypted data or tailoring the encryption scheme and the Neural net to improve accuracy and reduce training and processing time.

34.1.1. NNs Adapted to Encrypted  Data

Researchers are working on the design of NNs capable of being applied on encrypted data. To this end, NNs need to be able to be trained over encrypted datasets, and process encrypted input data. Training NNs on normal data can be computationally expensive. However training on encrypted data can be even more expensive. To reduce the extra cost of using encrypted data researchers have proposed several efficiency increasing methods.

NNs Trained over Encrypted Datasets

To train NNs on encrypted data, very large and diverse datasets are needed. Instead of coming up with individual training datasets for each new model it is common to create a database of standard training data. Xu et al. proposed a framework to securely share encrypted data sets from multiple sources, comparing the model training time and accuracy to that of MINST data sets [24][51]. Xu et al. proposed another different framework which applies functional encryption scheme to cloud AI service architectures where user supplied data is processed by the service provider [25][52]. Another consideration is the extra complexity of creating a model to understand information that is not meant to be readable as would be the case creating a model which can process encrypted data. In order to train a NN on data that has to be permuted to maintain privacy, Molek and Hurtik proposed using a fully connected auto encoder as a preprocessor for a convolutional NN to make the encoded data more readable [26][53]. Similarly Nandakumar et al. developed a method of training a NN on fully homomorphicaly encrypted data [27][54]. By making some optimizations in training a small drop in accuracy is traded to reduce the time needed to train on encrypted data from 6.5 h to 40 min.

3.2. Alliance

4.2. Alliance

Aside from training NNs on encrypted data, NNs have also shown to be useful to improve the functionality of cryptographic systems and vice versa.

34.2.1. The Role of NNs in  Cryptography

NNs have been applied to improving several aspects of cryptographic systems from encrypting several data types to key management and generally securing different aspects of cryptographic systems. Neural Cryptography: Neural cryptography refers to the application of mutual learning, self learning, and stochastic behavior of neural networks as well as similar algorithms in the design, implementation, or evaluation of any cryptographic algorithm, device, system, or scenario. Particularly, neural networks have been used as enablers in the design of several cryptographic mechanisms, which are implemented as individual modules in cryptosystems. This should be considered an important aspect of neural cryptography.
  • Key Management: Neural Cryptography has been applied to key management in many different ways, some have researched its use in concealing keys in Deep NNs [28][81], while others have researched the use of NN’s using tree parity machines as a way to distribute keys of a symmetric encryption system [29][82]. A more novel approach uses Artificial Spiking NNs (ASNNs) to create keys for a symmetric block cipher algorithm with the ability to use any block size [30][83]. This method provides no need for key exchange [30][83]. The environment systems itself uses a semblance of public key cryptography where the public key is the seed used to generate the private key on both sides [30][83]. Additional approaches to neural cryptography symmetric key exchanges involve using a 3D cube algorithm in order to induce secrets on the receiver side or search guided gravitational neural keys [31][32][84,85].
  • Random Number Generation: Neural cryptography has guided the verification of Pseudo Random Number Generators (PRNGs) by picking up on statistical biases unknown to humans [33][86]. This is achieved using neural cryptography to detect the difference between actual output and desired ideal random numbers [33][86].
The use of neural cryptography for encryption [34][87] and decryption [35][88] has received a focus from the research community in recent decades [36][37][38][89,90,91]. Different security models have been proposed based on neural cryptography [39][92] and different kinds of NNs [40][93] have been used for design and implementation of cryptosystems [41][94]. This effort has led to the development of different types of neural cryptosystems [41][42][94,95]. In the following, rwesearchers use the research literature to establish an ecosystem for neural cryptography. This ecosystem consists of applications, enablers, and challenges.
  • Applications: The applications of neural cryptography can be studied in the following lines.
    Encrypting Different Content Types: Neural cryptography has been successfully tested on different content types, among which one may refer to the following.
    Image: Regular scrambling-diffusion image encryption suffers from many vulnerabilities [43][96]. Particularly both the scrambling and diffusion are performed independently meaning an attacker can attack each separately [43][96]. With neural cryptography this vulnerability can be resolved. More specifically using an algorithm that performs the initial scrambling and diffusion in parallel then a second diffusion from a Hopfield chaotic NN trained [43][96]. This allows not only for the protection from the aforementioned independent cracking of the scrambling and diffusion steps, but also resists chosen plaintext attacks [43][96]. Other groups have also implemented parallelization in their neural cryptography encryption algorithms, electing instead to perform these operations using cellular NNs and block encryption to create an algorithm based on the feistel framework [44][97]. Cellular NNs are being used in all kinds of Image Encryption software, including an encryption scheme that uses the hyper chaotic system sequences of a cellular NN to shuffle around the bit of an image before performing a bit-wise XOR [45][98]. It is important to note that this method uses asymmetric RSA for key exchanges [45][98]. This can pose an issue since the security of the model relies then on the RSA key and not the Neural Cryptography system [46][99]. To resolve this issue a NN at the receiver end and a stochastic encryption method at the senders end can be used to eliminate the need for key exchanges all together [46][99]. Finally, Wavelet Chaotic NNs (WCNN) and chaotic NNs have also been used for secure encryption and decryption of images [47][100]. However, research has shown that WCNN provides stronger ciphertext [47][100]. Furthermore, during transmission the only data that would need to be sent is approximation coefficients, reducing the size of the ciphertext drastically [47][100].
    Video: For video encryption of the MPEG-2 video code, research has shown that using Chaotic NNs to encrypt the bitstream results in high entropy and high key sensitivity, both desirable results for security [48][101]. This model transmits data via the Orthogonal Frequency Division Multiplexing (OFDM) modulation technique and controls the bit rate and quality of the decrypted video [48][101]. A hybrid chaos and NN cipher encryption algorithm for compressed video signal transmission over wireless channel.
    Text: While image and video encryption introduces new types of encryption, some approaches taken for text encryption have been to improve upon existing systems to provide new cryptographic schemes. Some groups have used Neural cryptography to encrypt plaintext, generating both a secret key and a hash using the Auto Encoder NNs (AENN) [49][102]. AENN is a NN meant to provide the least possible distortion to the resulting ciphertext, this allows ciphertext normalization to still appear as ascii [49][102]. Another improvement of schemes is the use of secret dimensions of a NN model as key instead of relying on asymmetric keys and trapdoor functions [50][103]. The application of delayed Chaotic NNs to generate binary sequences has also been researched in text encryption [51][104]. The binary sequence is used to create the key for the first level of encryption [51][104]. Then used in conjunction with DNA cryptography to create a secure ciphertext [51][104].
    Applications in Security-Related Scenarios: There are some security-related scenarios, which depend on cryptography. Neural networks have been used by researchers in many of these scenarios. To mention a few, researchwers may refer to the following.
    Privacy: The security of ubiquitous computing has seen great improvement due to Neural cryptography. The idea of neural synchronization to generate shared keys is currently one that provides real-time security for systems already in place [52][105].
    Authentication: While issues with WiMAX have been thoroughly documented [53][106]. Neural Cryptography proposes solutions to authentication and authorization by creating neural synchronized key pairs [53][106]. To achieve this neural synchronization two NNs are created with the same weight changing algorithm and passed the same input [54][107]. To achieve neural synchronization boundary conditions are set, whenever both weights shift to the same direction and one of the networks touches the boundary, the boundaries close tighter eventually leading to neural synchronization [54][107]. RFID has seen many problems due to having no international standards and posses security risk, one proposed solution [55][108]. Involves using a tree parity NN in order to perform key generation [55][108]. Biometric recognition for authentication has also seen support from deep recurrent NNs in order to increase accuracy and performance of models [56][109].
    Steganography: Stenography is the study of hiding messages within something that is not a message, in some cases an image. One way to achieve this using neural cryptography is to first perform Discrete Cosine similarity Transform and Elliptic Curve Cryptography to first encrypt the image you would like to hide [57][110]. Then using a Deep NN this message is embedded into a host image [57][110]. Other groups have achieved similar results of image using Self-Organizing Map (SMO) NNs with 26 clusters for every letter of the alphabet [58][111]. Research has also been conducted to hide messages within sound [59][112]. To accomplish sound stenography, SMO’s are used again with 27 clusters, 1 for every letter in the alphabet and then a cluster for the space between words [59][112].
    Visual Cryptography: One drawback of visual cryptography is its lack of evaluation criteria [60][113]. One group proposed a method of evaluating the desirable results of visual cryptography would be encryption-inconsistency and decryption-consistency [60][113]. Visual cryptography via NNs can be achieved by passing a Q’tron NN a set of greyscale images and the output be a set of binary images [61][62][114,115]. Other types of NNs used for visual cryptography includes Pi-Sigma NNs, which is a double layered feed forward network [63][116]. Allowing for fewer communications between sender and receiver with higher security [63][116].
    Technological Applications: The recent literature comes with several successful applications of neural cryptography in the technology. Some of these applications are studied below.
    Applications in Industry: A large contribution to NN in technology comes from its applications for secure wireless communication [55][64][65][108,117,118]. After proof of its security was published [66][119]. Particularly, NN have been used with Fast Handover Protocol in place of MIPv6 to replace its short comings, allow the encryption of large scale satellite images for secure transmission and decryption efficiently and lightweight implementation for key systems in an IoT environment [64][67][68][117,120,121]. Other applications of Neural Cryptography has allowed for homomorphic encrpytion to be applied to cloud services for secure communication and noise compression, as well as intelligent transportation systems to allow confidentiality of personal information [69][70][122,123]. Finally, chaotic NNs has seem many applications as well [71][72][73][124,125,126]. To note, hyper chaotic systems and chaotic Feistel transform and time synchronization with multiple dimensions have allowed the resistance of plain text attacks and brute force attacks within the physical layer [72][125[73],126].
    Applications in Medical Technologies: Applications of neural cryptography in the field of medicine have come from the requirement of keeping patient images confidential [74][127]. One approach uses a Hermite Chaotic NN in two rounds, first a chaotic sequence is generated from a logical mapping and used to train the NN, then the image is passed into the network to generate a key for encryption [75][128]. Other methods of security proposed involve using the Region of Non-Interest in the image in order to watermark the image [74][127].
  • Challenges:
    NN Type Selection: A look at the literature shows that different kinds of NNs are useful for different applications. NN type selection is critical to the ability of neural cryptography to be successful, one group has even used NNs to effectively create new cryptography based off NN training [76][129]. Investigated the use of Complex-valued tree parity machines in order to perform key synchronizations and how CVTPM’s can be seen as more secured to create key synchronizations than using simple tree parity machines [77][130]. Achieved postquantum key exchange protocols by using NNs in order to augment Diffie–Hellman key exchange protocols by using multivariate cryptosystems [78][131]. Explored the relationship between cryptographic functions and the learning abilities of RNN [79][132[80],133]. Used Principle Component Analysis NNs to generate random numbers for a chaos encryption system [81][134]. Other groups have experimented with cellular NNs with iterative interchangeability to produce encryption that allows flat historgrams for randomness and bias [82][135]. Back-propogating NNs in order to provide strong image compression-encryption using a fractional-order hyperchaotic system [83][136]. unbounded inertia NNs with input saturation in order to obtain good cryptographic properties [84][137]. Memristive bidirectional associative memory NNs for colored image encryption [85][138]. Uses recurrent NNs parallel processing speed to increase the performance of encryption, also proposes a symmetric encryption scheme allowing for variable message and block sizes for data integrity and data encryption [86][87][139,140]. A look at the literature shows that different kinds of NNs are useful for different applications.
    Hardware Implementation: A successful implementation of Izhikevich’s neural model has been created using SIMECK block cryptography to allow the spiking NN to perform authentication [88][141].
    Neural Physically Unclonable Function (PUF): A Physically Unclonable Function is a physical device that when provided with challenges provides a response that acts as a digital finger print. The uniqueness of these fingerprints relies on the physical variations created during manufacturing of the device. Neural PUF are PUFs with NNs embedded into the hardware in an attempt to make them resistant against attacks from NNs learning the outcome of challenge response pairs [89][142]. It is well known that Strong PUF’s can have their pattern recognized by NNs, thus it is suggested to used a WiSARD NN in order to add machine learning resistance to strong PUF’S [89][142]. Further ways to disallow NNs to learn from challenge responses of PUF’s is to use analog NNs [90][143]. Moving on to hardware purposes, researches have created a 1-bit PUF with a 2 neuron CNN with good metrics for robustness [91][144]. Other uses for NNs in the space of PUF’s involve Error Coding Correction for keys which provides more efficient corrections than standard models [92][145]. Finally, Tests have been conducted to show there is feasibility in using NN based PUF’s for authentication purposes [93][146].
    Security Evaluation: Here reswearchers discuss attacks on previously mentioned cryptographic systems [94][95][147,148]. First rwesearchers note a majority attack on neural synchronization via NN to provide secret keys, this attack is possible due to many cooperating attackers [94][147]. Then reswearchers view the lack of side-channel resistance in tree parity machine NNs and how you can obtain the secret weight vector via this side channel attack [95][148]. Finally, rwesearchers look at a power analysis attack on NNs in order to discover their secret information and then propose resistances against these types of side channel attacks [96][149]. Although NNs are susceptible to the aforementioned attacks, it also provides resistances to the more commonly known vectors of classical cryptography [97][150].
    Synchronization: Synchronization of NNs is when a client and network exchange output of NN’s with the goal of having identical weights for synapses. Following with the derivation of a shared key using these keys. Researchers use Period Self-Triggered Impulses to attempt synchronization of NNs and then applied the NN to encrypted images [98][151]. There has also been study into the generalization of synchronization by using Discrete Time-Array Equations [99][152]. Other papers investigate the use of lag within the neuron activation functions of a network of NNs in order to provide secure synchronization [100][153]. Papers have also tested different reaction-diffusion technique of Lyapunov time-dependent impulses within NNs to see its applicability to encrypting images [101][154]. Synchronization for arrays in a network system can also be achieved by using master-slave synchronization of a delayed NN [102][155]. The use of memristor-based models and its chaotic properties have also been studied in regards to its image encryption capabilities [103][156]. Other memristive models using lyapunov functions have also been used for image encryption [104][157].
    Asynchronous Neural Cryptography: Asynchronours Neural cryptography is neural cryptography where synchronization of the sender and receiver model need not be conducted, in fact they can calculate their weights separately based on information passed to each other via encryption schemes such as one time pad [105][158]. Produce a chaotic time series using a chaotic NN and use that to encrypt plaintext [105][158], while the method does have its errors the proposed encryption scheme to use in conjunction, a one-time pad, does alleviate those problems [105][158].