Implement HopSkipJump attack

[zimmerrol]

This PR implements the HopSkipJump attack as described in the paper. The code is based on the reference reference implementation.

There are still some test cases missing at the moment.

[coveralls]

Coverage increased (+57.1%) to 95.247% when pulling 863fc03 on zimmerrol:hsja into 8394996 on bethgelab:master.

[jonasrauber]

What’s the status of this?

Could you explain why this attack requires a separate attack-specific test file?
Maybe we should add a comment in the file to document this reason.

[zimmerrol]

@jonasrauber The attack is implemented and seems to work. However, the tests are still taking a lot of time (especially for the TF backend)... Regarding the attack-specific test file: this attack needs a separate test file for the same reasons the Brendel Bethge attack does: the attack uses another attack at the beginning to find the initial adversarial perturbations; next, the attack tries to minimize the perturbation while keeping it adversarial. Thus, we cannot just use the other test file that only checks whether the final result is adversarial but we have to verify that the magnitude of the perturbation was decreased to validate the attack's behavior. Does this make sense to you?