

























We investigate the security of AES-128/192/256 when implemented as ReLU-based neural networks via the natural sum-of-corners construction. Although these implementations are bit-exact on Boolean inputs, they extend AES into a continuous piecewise-linear function over $\mathbb{R}^{128}$. We show that under real-valued oracle access, such neural realizations admit deterministic linear-time master-key recovery. The attack exploits a geometric property of the natural XOR (AddRoundKey) layer: for corner parameter c < 1, ReLU activations partition the input space into key-dependent linear regions. Using symmetric perturbations, exactly one key hypothesis preserves linear-region membership, enabling bitwise recovery through simple output-equality tests. We formalize this phenomenon via a local separability lemma and obtain attack complexity O(128R) neural queries for R rounds. Experiments over 1,000 independent random keys for AES-128, AES-192, and AES-256 achieve 100% recovery success. The vulnerability is independent of key size and round count; it stems solely from exposing a key-dependent XOR layer inside a continuous neural architecture. Our results reveal a fundamental gap between Boolean security and geometric security in neural implementations of cryptographic primitives.
BibTeX
@misc{cryptoeprint:2026/734,
author = {Kwangjo Kim},
title = {Assessing Geometric Security of {AES} Neural Realizations: Linear-Time Key Recovery via Neural Leakage},
howpublished = {Cryptology {ePrint} Archive, Paper 2026/734},
year = {2026},
url = {https://eprint.iacr.org/2026/734}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。