A couple of months ago, a new paper demonstrated some new attacks against the
Fiat-Shamir transformation. Quanta published a good article that explains the
results.
This is a pretty exciting paper from a theoretical perspective, but I don’t see
it leading to any practical real-world cryptanalysis. The fact that there are
some weird circumstances that result in Fiat-Shamir insecurities isn’t new—many
dozens of papers have been published about it since 1986. What this new result
does is extend this known problem to slightly less weird (but still highly
contrived) situations. But it’s a completely different matter to extend these
sorts of attacks to “natural” situations...
In the early 1960s, National Security Agency cryptanalyst and cryptanalysis
instructor Lambros D. Callimahos coined the term “Stethoscope” to describe a
diagnostic computer program used to unravel the internal structure of
pre-computer ciphertexts. The term appears in the newly declassified September
1965 document Cryptanalytic Diagnosis with the Aid of a Computer, which compiled
147 listings from this tool for Callimahos’s course, CA-400: NSA Intensive Study
Program in General Cryptanalysis.
The listings in the report are printouts from the Stethoscope program, run on
the NSA’s Bogart computer, showing statistical and structural data extracted
from encrypted messages, but the encrypted messages themselves are not included.
They were used in NSA training programs to teach analysts how to interpret
ciphertext behavior without seeing the original message...
“Fifty Years of Mathematical Cryptanalysis (1937-1987),” by Glenn F. Stahly, was
just declassified—with a lot of redactions—by the NSA.
I have not read it yet. If you find anything interesting in the document, please
tell us about it in the comments.
New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and
TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.”
> Abstract: Key lengths in symmetric cryptography are determined with respect to
> the brute force attacks with current technology. While nowadays at least
> 128-bit keys are recommended, there are many standards and real-world
> applications that use shorter keys. In order to estimate the actual threat
> imposed by using those short keys, precise estimates for attacks are crucial.
>
> In this work we provide optimized implementations of several widely used
> algorithms on GPUs, leading to interesting insights on the cost of brute force
> attacks on several real-world applications...
Interesting research: “How to Securely Implement Cryptography in Deep Neural
Networks.”
> Abstract: The wide adoption of deep neural networks (DNNs) raises the question
> of how we can equip them with a desired cryptographic functionality (e.g., to
> decrypt an encrypted input, to verify that this input is authorized, or to
> hide a secure watermark in the output). The problem is that cryptographic
> primitives are typically designed to run on digital computers that use Boolean
> gates to map sequences of bits to sequences of bits, whereas DNNs are a
> special type of analog computer that uses linear mappings and ReLUs to map
> vectors of real numbers to vectors of real numbers. This discrepancy between
> the discrete and continuous computational models raises the question of what
> is the best way to implement standard cryptographic primitives as DNNs, and
> whether DNN implementations of secure cryptosystems remain secure in the new
> setting, in which an attacker can ask the DNN to process a message whose
> “bits” are arbitrary real numbers...
Really interesting research into the structure of prime numbers. Not immediately
related to the cryptanalysis of prime-number-based public-key algorithms, but
every little bit matters.