
No Subject


>Date: Fri, 10 Nov 1995 11:52:41 -0800
>From: Bill Stewart <[email protected]>
>Subject: Re: coding and nnet's

>Schneier's 2nd edition says "Neural nets aren't terribly useful for
>cryptography, primarily because of the shape of the solution space.

>Neural nets work best for problems that have a continuity of
>solutions, some better than others. This allows a neural net to
>learn, proposing better and better solutions as it does. Breaking an
>algorithm provides for very little in the way of learning
>opportunities: You either recover the key or you don't. (At least
>this is true if the algorithm is any good.)

Has anyone tried using neural nets or similar techniques for
searching for useful nonrandom properties of the round functions of
block ciphers or hash functions?  This might be useful in trying to
prepare some new kind of attack, find a balanced binary function
that is useful in using the generalization of linear cryptanalysis
discussed by Harpes, Kramer, and Massey at Eurocrypt '95, find a
better "difference" function for use in a differential attack, etc.

>Neural nets work well
>in structured environments when there is something to learn, but not
>in the high-entropy, seemingly random world of cryptography." And he
>doesn't give any references.

Merkle's paper on Khufu and Khafre addresses this idea, I think.
Merkle comments that it's not going to be useful against a full
cipher, but that it might be useful against (say) Khufu with one or
two octets.

>#				Thanks;  Bill
># Bill Stewart, Freelance Information Architect, [email protected]
># Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Note:  Please respond via e-mail as well as or instead of posting,
as I get CP-LITE instead of the whole list.

   --John Kelsey, [email protected]
 PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36
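
Added example (not part of the original message, and not code from Schneier, Merkle, or either poster): a measurement of the "shape of the solution space" argument quoted above, comparing how far a wrong key's ciphertext lies from the target at 1 round and at 12 rounds. The 32-bit Feistel cipher, its 16-bit key schedule, the S-box choice, and all function names are constructed for this illustration and are not a real cipher.

```python
import random

# Fixed 4-bit permutation used as the S-box of this constructed toy cipher.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]

def rotl16(x, n):
    n %= 16
    return ((x << n) | (x >> (16 - n))) & 0xFFFF

def round_fn(half, subkey):
    """Toy round function: key XOR, four 4-bit S-boxes, then a bit rotation."""
    x = half ^ subkey
    y = 0
    for i in range(4):
        y |= SBOX[(x >> (4 * i)) & 0xF] << (4 * i)
    return rotl16(y, 5)

def encrypt(block, key, rounds):
    """Toy 32-bit Feistel cipher with a 16-bit key (illustration only)."""
    left, right = block >> 16, block & 0xFFFF
    for r in range(rounds):
        subkey = rotl16(key, 3 * r) ^ r  # rotated key plus a round constant
        left, right = right, left ^ round_fn(right, subkey)
    return (left << 16) | right

def landscape(rounds, distances=(1, 2, 4, 8), trials=2000, seed=1995):
    """Mean ciphertext Hamming distance to the target, per key Hamming distance.

    A learner needs this value to shrink as the guessed key gets closer to
    the true key; a flat profile near 16 (half of 32 bits) gives it nothing.
    """
    rng = random.Random(seed)
    result = {}
    for d in distances:
        total = 0
        for _ in range(trials):
            key, pt = rng.getrandbits(16), rng.getrandbits(32)
            guess = key
            for bit in rng.sample(range(16), d):  # flip d distinct key bits
                guess ^= 1 << bit
            diff = encrypt(pt, key, rounds) ^ encrypt(pt, guess, rounds)
            total += bin(diff).count("1")
        result[d] = total / trials
    return result

if __name__ == "__main__":
    for rounds in (1, 2, 12):
        print(rounds, "rounds:", landscape(rounds))
```

At one round the distance grows with the number of wrong key bits, which is a usable gradient; at twelve rounds every wrong key, even one a single bit off, lands about 16 bits from the target.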