SALSA: Attacking Lattice Cryptography with Transformers
This work addresses the security of quantum-resistant cryptosystems for cryptographic applications, representing a novel attack method rather than an incremental improvement.
The authors tackled the vulnerability of lattice-based cryptography to quantum computers by proposing SALSA, a machine learning attack using transformers and statistical cryptanalysis, which fully recovers secrets for small-to-mid size LWE instances with sparse binary secrets.
Currently deployed public-key cryptosystems will be vulnerable to attacks by full-scale quantum computers. Consequently, "quantum resistant" cryptosystems are in high demand, and lattice-based cryptosystems, based on a hard problem known as Learning With Errors (LWE), have emerged as strong contenders for standardization. In this work, we train transformers to perform modular arithmetic and combine half-trained models with statistical cryptanalysis techniques to propose SALSA: a machine learning attack on LWE-based cryptographic schemes. SALSA can fully recover secrets for small-to-mid size LWE instances with sparse binary secrets, and may scale to attack real-world LWE-based cryptosystems.