In the 70s of the last century a thousand years old premise of cryptography was challenged. The idea of using the same key to encrypt a message as to decrypt it was no longer a given. Rivest, Shamir and Adelman (the RSA 'gang') have exploited the emergent computing power to build cryptography on the basis of the idea that the encryption key is different from the decryption key, and one cannot easily be deduced from the other. This simple idea revolutionized the field, and it came in so handy with the rise of the Internet. In particular the RSA gang made dramatic social contributions by extending cryptography to communication between strangers, not just between parties who formerly exchanged keys.
Nothing since was of any similar impact on the science and society. It's high time for a similar milestone, and a comparable pivoting point. Looking around, one realizes that in parallel to the computing power that became commonly available in the 70s, enabling public key cryptography, today we witness the rise of artificial intelligence. As Ronald Rivest (the R of the RSA) observed: AI and cryptography are eerily similar. Say then that the big momentum we witness in AI is bound to shake up cryptography. In what way?
What old established premise of cryptography would be challenged this time?
The answer pops up with a touch of obviousness. Until now cryptography got busy hammering the ciphertext, trying to extract the plaintext from it. Nobody really tried the other way: guessing a good plaintext and checking its viability against the given ciphertext. The reason for that was simple: there are too many plausible plaintext messages, and if one letter is changed in the plaintext, then the ciphertext looks completely different (given the high quality ciphers of today).
Now we all experience with awe how when we type the first letters of a Google or of a Bing query, the respective AI completes our query to the T. And it does so on a basis of analyzing our past behavior and everything else of even limited relevance. Even the designers of AI are surprised by its level of deduction, and machine learning is getting better by the day. For cryptography it means that AI will come up with a list of plaintext candidates one of them is the right one. And it would be pointed to by casting each candidate against the ciphertext.
Never before was it possible to build such a list of plaintext candidates. And mind you, its power to crack cryptographic schemes is applicable to all ciphers and schemes. It is the "Maginot Line" all over again: while cryptography is building up its defense against frontal cryptanalytic attack, the adversary sneaks in from behind. Any one who uses cryptography is behaving in a characteristic way within rather known circumstances. This is the raw material AI is working with to generate the list of plausible plaintext candidates and single out the right one by checking each of them against the ciphertext. Our privacy and discrete operation in cyberspace are facing a surprising new risk, for which a matching countermeasure is called for.
It so happened that the defense built by BitMint against another threat -- quantum computers cryptanalysis -- is equally effective against AI, and it is now built as AI-Resistant (AIR) cryptography. Good News!
Details were just published by the International Association for Cryptologic Research: https://eprint.iacr.org/2023/524
Comments