awesome-cryptanalytic-model-extraction: A Comprehensive Resource Collection for Cryptanalytic Neural Network Model Extraction

A carefully curated bilingual resource list covering papers, code, classification systems, and open problems in the field of cryptanalytic neural network model extraction.

Cryptanalysis, Model Extraction Attacks, Neural Networks, Machine Learning Security, AI Security, Deep Learning, Cryptography
Published 2026-06-05 16:13 | Recent activity 2026-06-05 16:20 | Estimated read 5 min
Section 01

Introduction: Overview of the awesome-cryptanalytic-model-extraction Resource Collection Project

Maintained by springli07 and published on GitHub on June 5, 2026, this project is a bilingual resource list covering papers, code, classification systems, and open problems in the field of cryptanalytic neural network model extraction, providing a systematic reference for security researchers.

Section 02

Domain Background: Intersection of Cryptanalysis and Deep Learning & Security Challenges

Traditional cryptanalysis relies on mathematical derivation and statistical methods, while deep learning brings new paradigms (e.g., block cipher analysis and stream cipher attacks). However, when cryptanalytic models are deployed as services, they are vulnerable to model extraction attacks: attackers query the black-box model to reconstruct an equivalent copy, either to steal intellectual property or to evade security detection.

Section 03

Core Methods of Model Extraction Attacks

The attack model covers attacker capabilities (query access to inputs and outputs only), objectives (building an equivalent substitute model), and constraints (limits on query count and precision). Core methodologies include training substitute models on synthetic data, using adversarial examples to improve information acquisition efficiency, meta-learning to adapt quickly to the target model's characteristics, and designing query strategies tailored to the input-output characteristics of cryptography.

Section 04

Defense Strategies Against Model Extraction Attacks

Proactive defense methods include query limitation (reducing attack efficiency), output perturbation (adding noise to prevent precise reconstruction), and model watermarking (tracking leakage sources); detection and response include abnormal query pattern recognition and dynamic adjustment of output strategies to handle suspicious requests.
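A minimal sketch of how these defenses can be combined in front of a model endpoint, added here as an illustration and not taken from the project or its listed papers. `toy_model`, `GuardedModel`, the thresholds and the Hamming-distance heuristic are all hypothetical choices for this example.

```python
import hashlib
import hmac
from collections import defaultdict

SECRET = b"constructed-demo-key"  # assumption: server-side secret for keyed noise
BUDGET = 5                        # assumption: maximum queries per client
NEAR_DUP_LIMIT = 3                # assumption: near-duplicate probes before downgrade

def toy_model(bits):
    """Stand-in for the protected model (constructed): score in [0, 1]."""
    return sum(b * w for b, w in zip(bits, (0.4, 0.3, 0.2, 0.1)))

def keyed_noise(bits, scale=0.05):
    """Noise derived from the input via HMAC, so repeating the same
    query returns the same perturbation and cannot average it away."""
    digest = hmac.new(SECRET, bytes(bits), hashlib.sha256).digest()
    return (digest[0] / 255.0 - 0.5) * 2 * scale

class GuardedModel:
    def __init__(self):
        self.history = defaultdict(list)   # client -> inputs seen so far
        self.near_dups = defaultdict(int)  # client -> near-duplicate count

    def query(self, client, bits):
        past = self.history[client]
        # Query limitation: hard per-client budget.
        if len(past) >= BUDGET:
            return {"status": "denied"}
        # Abnormal pattern signal: input differs from an earlier one in one bit.
        if any(sum(a != b for a, b in zip(bits, p)) == 1 for p in past):
            self.near_dups[client] += 1
        past.append(tuple(bits))
        score = toy_model(bits)
        # Dynamic adjustment: suspicious clients only receive a hard label.
        if self.near_dups[client] >= NEAR_DUP_LIMIT:
            return {"status": "ok", "label": int(score >= 0.5)}
        # Output perturbation: keyed noise, clamped, then coarse rounding.
        noisy = min(1.0, max(0.0, score + keyed_noise(bits)))
        return {"status": "ok", "score": round(noisy, 1)}
```

Watermarking is not shown, since it is applied to the model itself and not to the query path.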

Section 05

Overview of Project Resource Content

The resources organized by the project include:

1. Academic paper classification (basic theory, attack methods, defense mechanisms, application research)
2. Open-source code implementations (reproducible research results)
3. Classification system framework (attack/defense types, evaluation metrics)
4. Open problems and challenges (technical bottlenecks and future directions)

Section 06

Research Value and Practical Significance

Research in this field is valuable on several fronts: academically, it explores fundamental questions such as machine learning interpretability; for industry, it provides security design guidance for companies offering AI cryptanalysis services; for security, it helps in understanding the vulnerabilities of AI systems and promotes the development of robust tools.

Section 07

Future Outlook and Recommendations

Future directions include extraction techniques for Transformer architectures, model protection in federated learning scenarios, the impact of quantum computing on attack complexity, and the application of formal verification in defense. Relevant technical personnel are encouraged to use this resource as an entry guide for in-depth research at the intersection of AI security and cryptography.