Google has shown that artificial intelligence has the ability to create its own cryptography standard—a step in the right direction in automating encryption.
In an academic paper, the internet behemoth’s Google Brain team details the creation of three neural networks (Alice, Bob and Eve). The team assigned them individual tasks: Alice was asked to send encrypted messages to Bob, who then was tasked with decrypting them. Eve played the role of the hacker, and was asked to crack the messages without possessing the key.
Here’s the cool part: They were asked to make it up as they went along.
“Instead of training each of Alice and Bob separately to implement some known cryptosystem, we train Alice and Bob jointly to communicate successfully and to defeat Eve without a pre-specified notion of what cryptosystem they may discover for this purpose,” researchers Martín Abadi and David Andersen wrote. “We would like Alice and Bob to defeat the best possible version of Eve, rather than a fixed Eve.”
After 15,0000 simulations, Alice and Bob were able to routinely send and decrypt secure messages. Eve wasn’t as successful though: She never achieved full decryption.
In a separate exercise using asymmetric encryption, the results were somewhat different and harder to evaluate. “In most training runs, the networks failed to achieve a robust outcome,” the researchers noted. “Often, although it appeared that Alice and Bob had learned to communicate secretly, upon resetting and retraining Eve, the retrained adversary was able to decrypt messages nearly as well as Bob was.”
The exercises were fairly basic, and didn’t use cryptographic algorithms for developing sophisticated systems, according to the paper.
“The learning does not require prescribing a particular set of cryptographic algorithms, nor indicating ways of applying these algorithms: It is based only on a secrecy specification represented by the training objectives,” the researchers explained.
But while it’s still not very complex, the new research could set the table for an encryption method that can dynamically, progressively strengthen as hackers attempt to crack it.
“When you consider that humans are consistently the weakest point in a security chain, there’s both financial and operational value in automating encryption between systems,” Jacob Ginsberg, senior director of Echoworx, told Infosecurity. “It has the potential to dramatically increase security. It’ll be interesting to see how this technology develops over the next few years and what the adoption levels among businesses will be.”