Elliptic Curve Cryptography (ECC) currently underpins much of modern digital security, protecting everything from online banking to cryptocurrency transactions, but surprisingly little research has investigated its vulnerability to advanced machine learning techniques. EmerGen LLC's Lily Erickson addresses this critical gap by demonstrating how modern language model architectures, specifically cross-axis transformers, can be used to crack ECC and effectively reverse the public key pair generation process. This research establishes a new approach to codebreaking that goes beyond traditional techniques and explores the potential of machine learning to memorize and exploit patterns within public-private key pairs. By proactively identifying these weaknesses, Ericsson's research highlights the urgent need to develop more robust cryptographic systems that can withstand the growing capabilities of artificial intelligence and protect digital infrastructure.
This study argues that machine learning can create effective rainbow tables, which can significantly reduce the effort required to break ECC, making it potentially insecure. The research team demonstrated that a machine learning model can learn to represent and remember a significant number of ECC private keys, effectively creating a precomputed database that enables rapid decryption. This approach requires less effort than traditional methods for deciphering ECC.
Calculations show that a smaller model can destroy half of all keys with the same effort as destroying 100 traditional keys, while a larger model can destroy half of all keys with the same effort as destroying 3 billion keys. The efficiency of storing keys is highlighted, and it is noted that batch size 4 can be executed on each core without quantization. Applying the birthday paradox, this study demonstrates that even a small fraction (e.g., 1%) of compromised keys can have a devastating impact on the security of the entire system. This is because an attacker only needs to destroy enough keys to create a significant risk of collision and compromise. The authors conclude that 256-bit encryption is effectively vulnerable and susceptible to large-scale attacks.
They urge cybersecurity professionals to take this threat seriously and consider alternative cryptographic solutions. Aware of the ethical implications, the researchers have chosen not to publish the model weights or training code, but are publishing the original Cross-Axis Transformer architecture and experimental results. The researchers initially demonstrated the model's ability to overfit a small dataset of 5,000 key pairs, achieving 99% training accuracy. This highlighted an important issue. Standard optimizers designed for language modeling struggle with the inherent randomness of cryptographically generated data. The optimizer fixed the iterative direction, effectively preventing gradient descent. To address this, the team disabled the momentum parameter within the AdamW optimizer to enable learning.
The model architecture employs a Cross-Axis Transformer with RoPE and consists of 16 layers with 784 million parameters, 2048 hidden sizes, and 16 attention heads. Training utilized a dataset of 100,000 key pairs, and performance was evaluated on a separate dataset of 38,200 pairs. Further experiments demonstrated the ability of the model to remember training data and achieved 99% accuracy on the training set. However, the evaluation loss increases as the training loss decreases, indicating overfitting. This study suggests that this model required much more data to learn the representation of elliptic curves. Researchers investigated whether modern machine learning models can learn to reverse engineer the process of generating ECC key pairs. The team employed a transformer model with 784 million parameters, 2048 hidden sizes, 16 layers, and 16 attention heads, trained on a dataset of 100,000 samples, and evaluated on 38,200. Initial experiments showed that the model achieved 99% accuracy on the training data, but the performance on the evaluation dataset remained statistically insignificant.
Subsequent tests using the generator function to create random key pairs showed no improvement and the loss remained flat after running 350 epochs with 100,000 samples each. This suggests that the model requires much more data to learn the elliptic curve representation. We performed detailed calculations to compare the computational complexity of generating the secp256r1 key pair to the cycles required for the machine learning model to memorize the key pair. Researchers determined that this model required fewer cycles to memorize a single key pair by utilizing bfloat16 precision. This study highlights potential vulnerabilities in current cryptographic systems and suggests that machine learning models may pose a future threat to digital security.
Machine learning breaks cryptographic key security
This study demonstrates that modern machine learning algorithms have a worrying ability to compromise current cryptographic security, particularly the elliptic curve discrete logarithm problem. The team was able to show that these algorithms can not only memorize a significant number of public-private key pairs, but also intuitively learn to reverse engineer the key generation process itself. The results show that a relatively small model with 784 million parameters can memorize enough key pairs to compromise half of all private keys with an effort equivalent to cracking just 100 keys using traditional methods. Scaling this up to a 405 billion parameter model suggests the potential to disable billions of keys with the same amount of effort.
This research highlights the efficiency of machine learning in creating what amounts to an advanced “rainbow table,” allowing for rapid lookup of private keys given their corresponding public keys. Importantly, this study suggests that violating a small percentage of the entire curve (sometimes less than 1 percent) can have widespread and harmful consequences. The authors acknowledge the limitations of their work, especially the computational resources required for full-scale training, and refrain from publishing the model weights or training code due to ethical concerns about the potential misuse of this technology. Looking ahead, the research team suggests that further research is needed to fully understand the implications of these findings and develop countermeasures against this emerging threat. This result strongly indicates that current 256-bit encryption may have vulnerabilities and that a proactive approach to cybersecurity is essential in an era where machine learning algorithms become increasingly powerful.
