
Source: shodhganga.inflibnet.ac.in/bitstream/10603/42667/13/13_chapter 5.pdf


CHAPTER 5

A SECURE IMPLEMENTATION OF NONLINEAR AES S-BOX AND MIX-COLUMN TRANSFORMATION WITH THE ENHANCEMENT OF BIOMETRICS

5.1 Introduction

Cryptographic techniques increase the security of network communication to a great extent. The Rijndael algorithm replaces the DES algorithm [75]. Hardware implementations of the algorithm focus mainly on three factors: optimizing area and minimizing time and cost. Rijndael is a symmetric, byte-oriented, iterated algorithm that is capable of processing additional block sizes (160, 192 and 244 bits) and key lengths (160 and 244 bits).

5.2 AES Algorithm

The AES algorithm is composed of three main parts: Cipher, Inverse Cipher and Key Expansion. Cipher converts data to an unintelligible form called ciphertext, while Inverse Cipher converts data back into its original form, called plaintext. Key Expansion generates a Key Schedule that is used in the Cipher and Inverse Cipher procedures.

Cipher and Inverse Cipher are composed of a specific number of rounds. For the AES algorithm, the number of rounds to be performed during the execution of the algorithm depends on the key length. The AES encryption and decryption processes operate on 128-bit plaintext. The AES algorithm specifies three encryption modes: 128-bit, 192-bit, and 256-bit. Each cipher mode has a corresponding number of rounds Nr based on a key length of Nk words. The state block size, termed Nb, is constant for all encryption modes. This 128-bit block is termed the state. Each state comprises 4 words. A word is defined as 4 bytes [79].

Encryption has an important role in data protection. The importance of encryption grows with increasing communication. Encryption makes sense when data packets use open channels to transfer their contents from device to device. Encryption is the technique of changing data with a cipher key using a cipher algorithm, so that someone who knows the cipher key and cipher algorithm can recover the plaintext from the ciphertext. Encryption means not only hiding information but also sending information in another form, so as to ensure the security of the data.

An encryption system contains a set of transformations that convert plaintext into ciphertext. In a block cipher system, the plaintext is divided into blocks and the cipher algorithm is applied to them to create ciphertext. Block cipher systems are built on two general principles: Diffusion and Confusion. In the Diffusion principle, each bit of plaintext converts into many bits. In the Confusion principle, however, the number of bits doesn't change and only transformations are applied to the plaintext; hence in the Confusion principle the size of plaintext and ciphertext is equal. Usually in both principles round repetition is used to create the ciphertext. Repeating a single round contributes to the cipher's simplicity [80].

Cipher algorithms fall into two general categories: private key algorithms and public key algorithms. Private key algorithms use a single key to encrypt plaintext and decrypt ciphertext on the sender and receiver sides. Examples of private key algorithms are DES, 3DES and the Advanced Encryption Standard (AES). Public key algorithms, such as Rivest-Shamir-Adleman (RSA), use two different keys to encrypt plaintext and decrypt ciphertext on the sender and receiver sides. Block cipher systems depend on S-Boxes, which are fixed and have no relation to the cipher key.

Fig 5.1 Block diagram of AES encryption and decryption.


So the only changeable parameter is the cipher key. Since the only nonlinear component of AES is the S-Box, it is an important source of cryptographic strength. So we intend to use the cipher key to generate a dynamic S-Box that changes with every change of cipher key, which leads to an increase in the cryptographic strength of the AES algorithm.

For both its Cipher and Inverse Cipher, the AES algorithm uses a round function composed of four different byte-oriented transformations: Sub Bytes, Shift Rows, Mix Columns and Add Round Key. The encryption and decryption process is shown in Fig 5.1. The data is first XORed with the initial key, and the basic round operation is then repeated N-1 times, where N depends on the key length. In the last round, only three function modules are executed, omitting Mix Column or Inverse Mix Column.

5.3 Proposed Mix-Column

Let $S_{i,c} = B(x)$ be an element to be multiplied. B(x) can also be written in the polynomial form as;

Multiplications used in the (forward) Mix Column transformation are $\{03\} \cdot B(x) = (x + 1)\,B(x)$ and $\{02\} \cdot B(x) = x\,B(x)$. The resulting multiplications are:

and

Implementing the above equations is simple, since additions are XORs. As an example, the circuit to compute x B(x) is shown below. The implementation of (x+1) B(x), shown in Fig 5.3, can be done similarly. The maximum delay time is expected to be that of the delay unit of a 3-input XOR gate. The inverse of the Mix Column transform is similar to the Mix Column transform: every column is transformed by multiplying by a specific polynomial. It is possible to design a single piece of hardware for both the forward and inverse Mix Column transforms.

Fig 5.2 A ×2 Fixed Coefficient multiplier.

Fig 5.3 A ×3 Fixed Coefficient Multiplier.


5.4 The Inverse Mix-Column Transform

Fig 5.4 Implementations of Fixed-Coefficient Multiplication F(x) {D} D(x) = 0 and

F(x) {B} D(x) = 0.

The inverse of the Mix-Column transform is similar to the Mix-Column transform. Every column is transformed by multiplying by a specific polynomial, shown in Fig 5.4. As $a(x)$ is the forward Mix-Column transform polynomial, the inverse transform polynomial can be found by noting that $a(x)\,a^{-1}(x) = \{01\}$. For $a(x) = \{02\} + \{01\}x + \{01\}x^2 + \{03\}x^3$, AES specifies $c(x) = a^{-1}(x) = \{0E\} + \{09\}x + \{0D\}x^2 + \{0B\}x^3$.
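The fixed-coefficient multiplications and the relation between the forward and inverse polynomials can be checked in software. This is an added example, not code from the thesis: the function names are illustrative, and the reduction polynomials x^8 + x^4 + x^3 + x + 1 (for bytes) and x^4 + 1 (for columns) are taken from FIPS 197, since this page does not state them.

```python
# Added example: names are illustrative; moduli are assumed from FIPS 197.
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1

def xtime(b):
    """{02}.B(x) = x B(x): shift left, then reduce if bit 8 was set."""
    b <<= 1
    return (b ^ AES_POLY) & 0xFF if b & 0x100 else b

def mul3(b):
    """{03}.B(x) = (x + 1) B(x) = x B(x) XOR B(x)."""
    return xtime(b) ^ b

def gf_mul(a, b):
    """General GF(2^8) product by shift-and-add; needed for {09},{0B},{0D},{0E}."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = xtime(a)
        b >>= 1
    return r

# Coefficients in ascending powers of x, in the order the text gives them.
A = [0x02, 0x01, 0x01, 0x03]   # forward polynomial a(x)
C = [0x0E, 0x09, 0x0D, 0x0B]   # inverse polynomial c(x)

def poly_mul(p, q):
    """Product of two 4-term polynomials modulo x^4 + 1 (so x^4 wraps to 1)."""
    out = [0, 0, 0, 0]
    for i, pi in enumerate(p):
        for j, qj in enumerate(q):
            out[(i + j) % 4] ^= gf_mul(pi, qj)
    return out

def mix_column(col):
    """Forward transform of one 4-byte state column."""
    return poly_mul(A, col)

def inv_mix_column(col):
    """Inverse transform of one 4-byte state column."""
    return poly_mul(C, col)

if __name__ == "__main__":
    col = [0xDB, 0x13, 0x53, 0x45]            # commonly quoted MixColumns test column
    print([hex(v) for v in poly_mul(A, C)])   # the identity polynomial {01}
    print([hex(v) for v in mix_column(col)])
    print(inv_mix_column(mix_column(col)) == col)
```

The forward path only ever needs `xtime` and one XOR, which is why the ×2 and ×3 multipliers are so small in hardware; the inverse coefficients need the general multiplier.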

5.4.1 The Substitution Box (S-BOX)

Substitution is a nonlinear transformation which performs confusion of bits. A nonlinear transformation is essential for every modern encryption algorithm and is proven to be a strong cryptographic primitive against linear and differential cryptanalysis. Nonlinear transformations are implemented as lookup tables (S-Boxes). An S-Box with p input bits and q output bits is denoted p * q. DES uses eight 6 * 4 S-Boxes. S-Boxes are designed for software implementation on 8-bit processors. The block ciphers with 8 * 8 S-Boxes are SAFER, SHARK, and AES.

For processors with 32-bit or 64-bit words, S-Boxes with more output bits provide high efficiency. Snefru, Blowfish, CAST, and SQUARE use 8 * 32 S-Boxes. The S-Boxes can be selected at random as in Snefru, can be computed using a chaotic map, or can have some mathematical structure over a finite Galois field. Examples of the last approach are SAFER, SHARK, and AES.

S-Boxes that depend on key values are slower but more secure than key independent ones (Schneider, 1996). The use of key independent chaotic S-Boxes is analyzed, in which the S-Box is constructed with a transformation F((X + K) mod M), where K is the key.

5.5 Proposed S-Box

From the study of the Rijndael algorithm, it can be seen that the nonlinear layer of the S-box transformation is key to making the entire algorithm strong. It is well known that the cryptographic strength of AES depends on the choice of the S-box. Many cryptographers have discovered that there is some weakness in the design of the existing S-box [78].

To increase the complexity of the S-box structure, this approach combines a dynamic nonlinear transformation method and a linear function. A good S-box can resist differential cryptanalysis, linear cryptanalysis and similar attacks very well. The Advanced Encryption Standard (AES) has S-boxes in its Substitution Bytes and Inverse Substitution Bytes. To enhance the complexity of the S-Box's structure, the nonlinear and linear transformation models need to be reconsidered in the design of the S-box.

5.6 Implementation of Virtual Sbox

In the nonlinear implementation, three S-Boxes are used. During encryption, the input value is first mapped to the Default S-Box (Pre-defined S-Box), which is the original AES S-Box, and this value undergoes an XOR with the newly derived S-Box, which is the 1's complement of the actual S-Box, to generate the virtual S-Box shown in Fig 5.5. Thus for each different input value the virtual S-Box is dynamically generated. Similarly, for decryption, the reverse process takes place using the inverse virtual S-Box [77].
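As an added example (not the thesis's implementation), the following generates the standard AES S-box and measures the properties that sections 5.5 and 5.6 depend on: bijectivity, which decryption through an inverse table requires, and resistance to differential and linear cryptanalysis. Function names are illustrative, and any derived or virtual table can be passed to `evaluate` in the same way.

```python
# Added example: function names are illustrative, not taken from the thesis.
def aes_sbox():
    """Standard AES S-box: inverse in GF(2^8) followed by the affine map."""
    rotl = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    sbox, p, q = [0x63] * 256, 1, 1   # entry 0 stays 0x63: zero has no inverse
    for _ in range(255):              # {03} generates all 255 non-zero elements
        p = p ^ ((p << 1) & 0xFF) ^ (0x1B if p & 0x80 else 0)   # p *= {03}
        for s in (1, 2, 4):                                      # q /= {03}
            q ^= q << s
        q &= 0xFF
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
    return sbox

def is_bijective(table):
    return sorted(table) == list(range(256))   # every byte exactly once

def differential_uniformity(table):
    """Largest difference-table entry over non-zero input differences (lower is better)."""
    worst = 0
    for a in range(1, 256):
        counts = [0] * 256
        for x in range(256):
            counts[table[x] ^ table[x ^ a]] += 1
        worst = max(worst, max(counts))
    return worst

def nonlinearity(table):
    """Minimum distance of any output-bit combination to an affine function (higher is better)."""
    worst = 0
    for mask in range(1, 256):
        w = [1 - 2 * (bin(table[x] & mask).count("1") & 1) for x in range(256)]
        h = 1
        while h < 256:                      # in-place fast Walsh-Hadamard transform
            for i in range(0, 256, 2 * h):
                for j in range(i, i + h):
                    w[j], w[j + h] = w[j] + w[j + h], w[j] - w[j + h]
            h *= 2
        worst = max(worst, max(abs(v) for v in w))
    return 128 - worst // 2

def evaluate(table):
    return is_bijective(table), differential_uniformity(table), nonlinearity(table)

def ones_complement(table):
    return [v ^ 0xFF for v in table]

if __name__ == "__main__":
    s = aes_sbox()
    print(evaluate(s), evaluate(ones_complement(s)))
```

Both tables evaluate to (True, 4, 112): complementing every output byte is an affine change, so it leaves differential uniformity and nonlinearity unchanged.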


Fig 5.5 Creation of dynamic S-Box.

During this encryption, the input value is mapped to the virtually created S-Box, and this value is then mapped to the default S-Box to produce the encrypted result, as shown in Fig 5.6.

Fig 5.6 Encryption using Virtual S-Box.

During decryption, the input value is mapped to the default S-Box, and this value is then mapped to the virtually created S-Box to produce the decrypted original result, as shown in Fig 5.7.

Fig 5.7 Decryption using Virtual S-Box.

5.7 Implementation Results

The implementation has been developed in VHDL and synthesized to Xilinx FPGA devices [73]. Xilinx ISE is an Integrated Software Environment (ISE) tool 8.1i from Xilinx Inc. The synthesis for the FPGA is done with the Xilinx software tool 8.1i. Simulation is done with ModelSim XE III 6.2.

Fig 5.8 Simulation result of AES Encryption.


Fig 5.9 Simulation result of AES decryption.


Fig 5.10 Synthesis result of proposed AES Encryption.


Fig 5.11 Synthesis result of proposed AES Decryption for high security.


Table 5.1 Performance Comparison of Proposed AES using Virtual Sbox and Optimized MixColumns.

In this research work, the Advanced Encryption Standard (AES) algorithm was developed using an HDL. The code was tested in both simulation and synthesis. Simulation was performed in ModelSim XE III 6.3 and synthesis in the Xilinx ISE tool. Fig 5.8 shows the simulation result of the encryption module and Fig 5.9 shows the decryption results. From the results, it can be concluded that the proposed AES method incurs more delay and power than the existing methods, but it provides high security and less area than the CBC and CM methods.

| Methods    | Area | Delay (ns) | Frequency (MHz) |
|------------|------|------------|-----------------|
| Encryption | 891  | 4.229      | 236.443         |
| Decryption | 892  | 4.729      | 211.443         |

Fig 5.12 Performance Comparison between Encryption and Decryption of Proposed AES (bar chart of Area, Delay and Frequency for Encryption and Decryption).

5.8 Conclusion

The Advanced Encryption Standard (AES) algorithm, as a 128-bit-key AES cipher, was improved using the Verilog language. The algorithm consists of three main parts, Cipher, Inverse Cipher and Key Expansion, which have been developed using HDL. The proposed AES method replaces the default S-Box with the Dynamic S-Box for higher security than the existing CBC and CM methods. The novel optimized MixColumns is introduced to reduce hardware utilization in comparison with the existing CBC and CM methods. Hence the proposed AES technique is suitable for high-security, low-area applications.