CS3072/CS3605 Final Year Project: Task 1 - Project Synopsis

Provisional Title: Implementation of Post Quantum Encryption

using Neural Networks

Brunel Student ID: 1339404

Supervisor: Dr Stephen Swift

Programme: Computer Science BSc

Specialism: none

November 11, 2016

1 Problem Definition

The majority of cryptographic systems currently in use fall under the pervue of factorization of primenumbers as well as discrete logarithms; which on classical computers has an exponential asymptoticrunning time. However thanks to [Shor, 1997] which is a rewrite of his paper in 1994, it has been proventhat on a quantum computer the same problems have a polynomial asymptotic running time.

This discovery by Peter Shor in conjunction with the ubiquitousness of authentication and encryptionwithin the modern digital world gives rise to the very real and immediate need for research and develop-ment into practical post-quantum cryptographic (cryptography resistant to Shor’s Algorithm) systemsthat can replace existing infrastructure [Campagna et al., 2015].

2 Aims and Objectives

The aim of this project is to develop a system that will implement [Kinzel and Kanter, 2002] key exchangealgorithm as well as using the tree parity machines used for this key exchange as a form of stream cipher.

The objectives needed to achieve this are as follows:

1. Complete a literature review of the relevant sources to inform my design.

2. Design a solution revolving around the work packages in figure 1.

3. Implement the following work packages to meet the project aim:

Figure 1: Work Packages

4. Thoroughly test the implemented solution using methods discussed in the evaluation section.

5. Write a dissertation documenting this project its results and conclusions.

1

3 Background Sources

A significant body of work developed over the last 16 years pertaining to the field of post-quantumcryptography some of which are described by [Perlner and Cooper, 2009, Chen et al., 2016]; howeverrelatively few opensource or commercial systems seem to have been implemented as yet.

One noteable exception to this is [NTRUCrypt, ]: a fast lattice based encryption(NTRUEncrypt) andauthentication(NTRUSign) mechanism that has already been implemented as [WolfSSL, ] an SSL/TLSlibrary and as a plugin for the [StrongSwan, ] VPN system.

Another area that has shown promise, and the one that I would like to make the focus of this project,is Neuro-Cryptography.

In a similar vein, the objectives of this project would be to design and implement an encryption and/orauthentication mechanism that is resistant to Shor’s algorithm, and to evaluate the efficacy of such amechanism as a replacement for current prime factorisation and discrete logarithm based ciphers.

[Kinzel and Kanter, 2002] showed how Neural Networks (specifically tree parity machines) could be usedto provide a secure symetric key exchange protocol(where the weights of the trained synchronised net-works are used as a symetric key), and a fair few papers have built on this work and explored it further[Shihab, 2006][Al-Maitah, 2014], including the its suceptability (and lack thereof) to various attack vec-tors [Mislovaty et al., 2004, Shacham et al., 2004, Ruttor et al., 2006]. However there is very little workwhich I have found which covers the actual usage of these symetric keys to encrypt a message, with theexception of [Shrestha, 2010, Singh and Aarti, 2013] who all combine these keys with an implementationof AES as the encryption mechanism.

I would like to explore the use of neural networks as a mechanism for message encryption in conjunctionwith the key exchange protocol set out by [Kinzel and Kanter, 2002].

4 Approach

In the development of the software necessary for this project I will be taking a Test Driven Developmentapproach, with the acceptance tests(implemented using cucumber) providing the definition of whether aparticular piece of functionality is ”done”. This allows for constant testing and easy feature managementof the product hopefully leading to less bugs and quicker overall development. The language used forthis project will be C++ as is is fast and flexible and their is still a good deal of support for it, includingthe automated build system ”CMake”, which allows me to integrate the compilation, documentation,and testing into one easily managed build script that is cross compatible.

I plan on using a scaled down version of scrum, taking from it the ideas that are salient to a smallerscale project as well as my own personality; I will be using a digital scrum board, and while it does notseem practical to have a daily scrum, the weekly meetings with my supervisor will fulfill that role. Ihope that this will keep me on top of the project and will bring to the fore any issues that I might havein a timely way.

As this project does not deal with users or user data, their will be no need for user data collection andhence no ethical issues that I can identify.

5 Evaluation

I plan to evaluate this project both analytically and empirically; The analytical part of the evaluationwill be comprised of:

1. Computing the assymptotic running time and the Order of the algorithm (Big-T and Big-O)evaluating the algorithm on this basis against other cryptography systems.

2. Computing the number of permutations needed to brute force the algorithm(under ideal conditions)and combining this with the assymptotic running time work out the predicted brute force effortneeded to crack. This would be evaluated for different sizes of input vector and network depth.

2

The empirical portion of the analysis would be comprised of:

1. verify the claims of [Kinzel and Kanter, 2002] with regards to claims of being secure against aman-in-the-middle style attack by simulating this for different sizes of input vector and networkdepth.

2. using a brute force method to attack the system in order to back up the findings of the analyticalevaluation.

3. Using the findings of [Perlner and Cooper, 2009] in their survey on ”Quantum Resistant Public KeyCryptography” to compare the empirical running times observed in (1) with other well known cryp-tography algorithms, including classical algorithms such as AES and 3DES. [Perlner and Cooper, 2009]also gives figures for key sizes needed to achieve particular encryption levels which provide anotherlevel of comparison.

References

[Al-Maitah, 2014] Al-Maitah, M. (2014). Appliance of neuron networks in cryptographic systems. Re-search Journal of Applied Sciences, Engineering and Technology, 7(4):740–744.

[Campagna et al., 2015] Campagna, M., Chen, L., Dagdelen, ., Ding, J., Fernick, J. K., Gisin,N., Hayford, D., Jennewein, T., Ltkenhaus, N., Mosca, M., Neill, B., Pecen, M., Perl-ner, R., Ribordy, G., Schanck, J. M., Stebila, D., Walenta, N., Whyte, W., and Zhang, Z.(2015). Quantum safe cryptography and security: An introduction, benefits, enablers and chal-lenges. ETSI White Paper 8, European Telecommunications Standards Institute. [available fromhttp://www.etsi.org/images/files/ETSIWhitePapers/QuantumSafeWhitepaper.pdf].

[Chen et al., 2016] Chen, L., Jordan, S., Liu, Y.-K., Moody, D., Peralta, R., Perlner, R., and Smith-Tone,D. (2016). Report on post-quantum cryptography. NISTIR 8105, National Institute of Standards andTechnology, U.S. Department of Commerce. [available from http://dx.doi.org/10.6028/NIST.IR.8105].

[Kinzel and Kanter, 2002] Kinzel, W. and Kanter, I. (2002). Neural cryptography. eprint arXiv:cond-mat/0208453.

[Mislovaty et al., 2004] Mislovaty, R., Klein, E., Kanter, I., and Kinzel, W. (2004). Security of neuralcryptography. In Electronics, Circuits and Systems, 2004. ICECS 2004. Proceedings of the 2004 11thIEEE International Conference on, pages 219–221.

[NTRUCrypt, ] NTRUCrypt. NTRUOpenSourceProject. Software, Security Innovations. [GitHub repos-itory available from https://github.com/NTRUOpenSourceProject].

[Perlner and Cooper, 2009] Perlner, R. A. and Cooper, D. A. (2009). Quantum resistant public keycryptography: A survey. In 8th Symposium on Identity and Trust on the Internet(IDtrust2009)),pages 85–93. [NIST].

[Ruttor et al., 2006] Ruttor, A., Kinzel, W., Naeh, R., and Kanter, I. (2006). Genetic attack on neuralcryptography. Phys. Rev. E, 73:036121.

[Shacham et al., 2004] Shacham, L. N., Klein, E., Mislovaty, R., Kanter, I., and Kinzel, W. (2004).Cooperating attackers in neural cryptography. Phys. Rev. E, 69:066137.

[Shihab, 2006] Shihab, K. (2006). A cryptographic scheme based on neural networks. In Proceedings ofthe 10th WSEAS International Conference on COMMUNICATIONS, pages 7–12. [WSEAS].

[Shor, 1997] Shor, P. W. (1997). Polynomial-time algorithms for prime factorization and discrete loga-rithms on a quantum computer. SIAM J. Comput., 26(5):1484–1509.

[Shrestha, 2010] Shrestha, S. (2010). C++ Implementation of Neural Cryptography for Public KeyExchange and Secure Message Encryption with Rijndael Cipher. Research paper and software, De-partment of Electronics and Computer Engineering, Tribhuvan University - Kathmandu EngineeringCollege, Nepal. [GitHub repository available from https://github.com/sagunms/NeuroCrypto].

3

[Singh and Aarti, 2013] Singh, A. and Aarti, N. (2013). Neural cryptography for secret key exchange andencryption with aes. International Journal of Advanced Research in Computer Science and SoftwareEngineering, 3:066117.

[StrongSwan, ] StrongSwan. VPN plugin. Software. [https://wiki.strongswan.org/projects/strongswan/wiki/NTRU].

[WolfSSL, ] WolfSSL. SSL/TLS library. Software. [https://www.wolfssl.com].

4