Goto

Collaborating Authors

 machine learning attack


SALSA PICANTE: a machine learning attack on LWE with binary secrets

arXiv.org Artificial Intelligence

Learning with Errors (LWE) is a hard math problem underpinning many proposed post-quantum cryptographic (PQC) systems. The only PQC Key Exchange Mechanism (KEM) standardized by NIST is based on module~LWE, and current publicly available PQ Homomorphic Encryption (HE) libraries are based on ring LWE. The security of LWE-based PQ cryptosystems is critical, but certain implementation choices could weaken them. One such choice is sparse binary secrets, desirable for PQ HE schemes for efficiency reasons. Prior work, SALSA, demonstrated a machine learning-based attack on LWE with sparse binary secrets in small dimensions ($n \le 128$) and low Hamming weights ($h \le 4$). However, this attack assumes access to millions of eavesdropped LWE samples and fails at higher Hamming weights or dimensions. We present PICANTE, an enhanced machine learning attack on LWE with sparse binary secrets, which recovers secrets in much larger dimensions (up to $n=350$) and with larger Hamming weights (roughly $n/10$, and up to $h=60$ for $n=350$). We achieve this dramatic improvement via a novel preprocessing step, which allows us to generate training data from a linear number of eavesdropped LWE samples ($4n$) and changes the distribution of the data to improve transformer training. We also improve the secret recovery methods of SALSA and introduce a novel cross-attention recovery mechanism allowing us to read off the secret directly from the trained models. While PICANTE does not threaten NIST's proposed LWE standards, it demonstrates significant improvement over SALSA and could scale further, highlighting the need for future investigation into machine learning attacks on LWE with sparse binary secrets.


How to Protect Chatbots from Machine Learning Attacks

#artificialintelligence

Artificial Intelligence is a growing industry powered by advancements from large tech companies, new startups, and university research teams alike. While AI technology is advancing at a good pace, the regulations and failsafes around machine learning security are an entirely different story. Failure to protect your ML models from cyber attacks such as data poisoning can be extremely costly. Chatbot vulnerabilities can even result in the theft of private user data. Furthermore, we'll explain how Scanta, an ML security company, protects Chatbots through their Virtual Assistant Shield.


New Research Claims to Have Found a Solution to Machine Learning Attacks

#artificialintelligence

AI has been making some major strides in the computing world in recent years. But that also means they have become increasingly vulnerable to security concerns. Just by examining the power usage patterns or signatures during operations, one may able to gain access to sensitive information housed by a computer system. And in AI, machine learning algorithms are more prone to such attacks. The same algorithms are employed in smart home devices, cars to identify different forms of images and sounds that are embedded with specialized computing chips.


How Machine Learning Attacks the Problems of Database Performance - The New Stack

#artificialintelligence

Data centers store a tremendous -- some would say, ridiculous -- amount of logs. There is too much data for the smartest administrator to make immediate sense of. For analytics to continue to be helpful, it needs to be smarter than it is now. If this much logging on a granular scale is to be of use to anyone -- before, during, or after a network event -- logic needs to be capable of ascertaining causes and effects as they happen. Machine learning could be one thing that could provide such an intelligence.