Artificial intelligence (AI) techniques can be applied to cryptographic problems in various ways. The goal is to understand potential attacks and security guarantees of cryptographic methods and implementations in more detail. AI can be used to improve or automate attack techniques, but also to create security proofs or to uncover errors in security proofs.
Conversely, cryptographic techniques can also be applied to reduce problems in the application of AI methods, such as methods for privacy-preserving machine learning and inference.

Artificial Intelligence in Side-Channel Analysis

In the last decade, techniques and approaches from machine learning have become well established attack methods in side-channel analysis. In general, the best results can be achieved when machine learning is combined with expert knowledge about plausible sources of side-channel information in a cryptosystem. Currently, in particular the use of neural networks is very successful.

Because of its high practical relevance for the security assessment of cryptographic implementations , the BSI actively follows the progress in the field of side-channel analysis with AI methods and also contributes to research in this area. For example, a BSI team won two sub-disciplines of the international CHES Challenge 2018 by combining a neural network with a SAT solver. The challenge was to determine the secret key of an AES implementation using power-consumption curves. The techniques used by the BSI can be applied in a flexible manner, so the neural network developed by the BSI for the CHES Challenge 2018 could be adapted and further extended to renewed the success of the BSI at the CHES-Challenge 2020, where the task was to break an implementation of the lightweight cipher Clyde-128 that was particularly protected against side-channel attacks. This time, the BSI team was able to win all the prizes that were finally awarded.

BSI Project: AI Methods in Side-Channel Analysis, AI Side-Channel Guide

The vast majority of AI approaches so far have concentrated on the side-channel analysis of symmetric mechanisms; in the area of asymmetrical and post-quantum mechanisms, there are currently only very few or no results at all as to whether and, if so, in what form AI methods can be used for side-channel analysis. For this reason, the BSI has initiated a project to obtain an overview of existing AI approaches in the area of side-channel analysis, with a focus on asymmetric mechanisms. One of the central aspects of the project is an analysis of the question which AI approaches can be taken over from the area of symmetric cryptography or adapted if necessary and where there are general differences between symmetric and asymmetric mechanisms. Furthermore, comparisons of AI-based attack methods with classical statistical methods are to be carried out, whereby in particular the question is to be examined whether AI methods are superior or inferior to classical methods in certain aspects or whether both approaches can be profitably combined.

Due to the great importance of side-channel attacks in practice, the BSI has published guidelines with minimum requirements for side-channel analysis of RSA and ECC implementations (see side-channel resistance). In addition to that, a foundational document and a further AI guideline were created as part of the last revision. The foundational document provides an overview of the essential concepts, methods and evaluation principles (“best practices”) in the field of side-channel and fault analysis, while the AI guideline deals with machine-learning methods in the context of side-channel analysis and will also serve as a basis for evaluating implementations in terms of their side-channel resistance in the future.

Artificial Intelligence in Cryptanalysis

Mathematical cryptanalysis focuses on assessing the security of cryptographic mechanisms by examining attacks that exploit only the mathematical properties of these cryptographic algorithms. There are numerous cryptographic mechanisms that are considered secure against this type of attacks. However, this security nowadays cannot generally be rigorously proven mathematically. Therefore, researching new attack methods is crucial to identifying potential vulnerabilities in cryptographic systems at an early stage.

The application of AI techniques to the analysis of cryptographic algorithms is a relatively recent development. The German Federal Office for Information Security (BSI) made a significant contribution in this field with its Paper at Crypto 2019, providing important new impulses. Since 2019, various other research groups have followed up on this topic with additional studies.

BSI projects: AI-assisted Analysis Methods for Symmetric Cryptography

Building on these preliminary works, a team from Ruhr University Bochum, led by Prof. Dr. Gregor Leander and Prof. Dr. Asja Fischer, investigated the potential of AI in analyzing and evaluating symmetric cryptographic algorithms as part of two consecutive BSI projects. One of the key objectives of these projects is the development of AI-driven tools that can contribute to the security assessment of symmetric ciphers. The final report of the first project is available here:

AI-supported Analysis Methods for Symmetric Cryptography

Further AI Topics at BSI

The BSI also deals with numerous AI topics beyond cryptography. The BSI considers both concrete AI systems and general AI methods and examines them in the context of IT security.