A generic cryptographic algorithm identification scheme based on ciphertext features

Abstract

To assist relevant agencies in conducting security assessments of commercial cryptographic applications or establishing security monitoring and early warning mechanisms for cryptographic system, this paper proposes a generic cryptographic algorithm identification scheme based on ciphertext features and machine learning. The assessment agency generates a dataset with the information for testing and sends it to the testing server. Subsequently, the target agency server employs the cryptographic system to generate a ciphertext dataset, which is then transmitted to the testing server. By extracting features from the ciphertext and applying machine learning techniques, the cryptographic algorithms can be accurately identified on the testing server. Finally, the test results are generated and transmitted back to the assessment agency. This paper formally defines the scheme model and presents a detailed implementation. The scheme is primarily used in the security assessment of commercial cryptographic applications, allowing the assessment agency to analyze the obtained ciphertext files and determine whether the cryptographic algorithms meet specified requirements, as well as assess any potential risks. Notably, this approach avoids physical contact with cryptographic equipment and minimizes disruptions to the target agency’s normal operations during the assessment.