tl;dr: we show that sometimes ML has an advantage in distinguishing between Deterministic Random Bit Generators (DRBGs).
Paper: Journal of Cryptographic Engineering (Vol. 12, 2022) or personal PDF.
Code: Original repo, GitHub repo or project page
Carlo Brunetta, Pablo Picazo-Sanchez
Cryptanalysis is the development and study of attacks against cryptographic primitives and protocols. Many cryptographic properties rely on the difficulty of generating an adversary who, given an object sampled from one of two classes, correctly distinguishes the class used to generate that object. In the case of the cipher suite distinguishing problem, the classes are two different cryptographic primitives. In this paper, we propose a methodology based on machine learning to automatically generate classifiers that can be used by an adversary to solve any distinguishing problem. We discuss the assumptions, a basic approach for improving the advantage of the adversary, and a phenomenon that we call the “blind spot paradox”. We apply our methodology to generate distinguishers for the NIST Deterministic Random Bit Generators (DRBGs) cipher suite problem. Finally, we provide empirical evidence that the distinguishers might statistically have some advantage to distinguish between the DRBGs used.
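The two-class distinguishing game and the adversary's advantage described in the abstract, as an added illustration that is not code from the paper or its repositories. The generators are constructed toy stand-ins (not NIST DRBGs), the nearest-centroid classifier stands in for an ML model, and advantage is taken here as 2·accuracy − 1, tested against the null hypothesis that accuracy is 1/2.

```python
import hashlib, hmac, math, random

def hash_stream(seed, n):
    """Class 0 (toy stand-in, not a NIST DRBG): SHA-256 in counter mode."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range(-(-n // 32)))
    return b"".join(blocks)[:n]

def hmac_stream(seed, n):
    """Class 1 (toy stand-in, not a NIST DRBG): HMAC-SHA256 in counter mode."""
    blocks = (hmac.new(seed, i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(-(-n // 32)))
    return b"".join(blocks)[:n]

def biased_stream(seed, n):
    """Deliberately broken class 1: top bit of every output byte cleared."""
    return bytes(b & 0x7F for b in hmac_stream(seed, n))

def play(gens, rounds, rng, n=64):
    """Run the game: pick a class at random, return (one-bit count, label)."""
    out = []
    for _ in range(rounds):
        label = rng.randrange(2)
        seed = rng.getrandbits(128).to_bytes(16, "big")
        sample = gens[label](seed, n)
        out.append((sum(bin(b).count("1") for b in sample), label))
    return out

def train(data):
    """Nearest-centroid classifier on the one-bit count (stand-in for an ML model)."""
    means = []
    for c in (0, 1):
        feats = [f for f, label in data if label == c]
        means.append(sum(feats) / max(1, len(feats)))
    return lambda f: int(abs(f - means[1]) < abs(f - means[0]))

def evaluate(gens, n_train=2000, n_test=2000, rng_seed=1):
    """Return (advantage, one-sided p-value) measured on fresh test samples."""
    rng = random.Random(rng_seed)
    clf = train(play(gens, n_train, rng))
    test = play(gens, n_test, rng)
    acc = sum(clf(f) == label for f, label in test) / n_test
    z = (acc - 0.5) / math.sqrt(0.25 / n_test)   # H0: accuracy is 1/2
    return 2 * acc - 1, 0.5 * math.erfc(z / math.sqrt(2))

if __name__ == "__main__":
    print("sound pair :", evaluate((hash_stream, hmac_stream)))
    print("broken pair:", evaluate((hash_stream, biased_stream)))
```

With the two sound generators the measured advantage stays within sampling noise of zero, while the deliberately biased generator yields a large advantage and a vanishing p-value.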