Embed Size (px)
Citation preview
Modified Advanced Encryption Standard
Algorithm for Reliable Real-Time
Communications
ألنظمة االتصاالت المتقدم المعياري شفيرتتعديل خوارزمية ال الوقت الحقيقي الموثوقة في
Mahmoud A. eltatar
Supervised by
Dr. Ammar Abu-Hudrouss
Associate prof. Of electrical
engineer
A thesis submitted in partial fulfillment
of the requirements for the degree of
Master of electrical enigneer
Dec/2017
زةــغ – تــالميــــــت اإلســـــــــبمعـالج
والدراسبث العليب شئىن البحث العلمي
الهندستت ليــــــك
الهندست الكهرببئيتمبجستير
The Islamic University–Gaza
Research and Postgraduate Affairs
Faculty of engineering
Master of electrical engineer
I
إقــــــــــــــرار
أنا الموقع أدناه مقدم الرسالة التي تحمل العنوان:
Modified Advanced Encryption Standard Algorithm for
Reliable Real-Time Communications
الموثوقة في تعديل خوارزمية التشفير المتقدم المعياري ألنظمة االتصاالت
الوقت الحقيقي
أقر بأن ما اشتممت عميو ىذه الرسالة إنما ىو نتاج جيدي الخاص، باستثناء ما تمت اإلشارة إليو حيثما ورد،
لنيل درجة أو لقب عممي أو بحثي لدى أي االخرين وأن ىذه الرسالة ككل أو أي جزء منيا لم يقدم من قبل
مؤسسة تعميمية أو بحثية أخرى.
Declaration
I understand the nature of plagiarism, and I am aware of the University’s policy on
this.
The work provided in this thesis, unless otherwise referenced, is the researcher's own
work, and has not been submitted by others elsewhere for any other degree or
qualification.
:Student's name حد عدا اتتس اسم الطالب:
:Signature التوقيع:
:Date التاريخ:
II
III
Abstract
Ensuring the security of the senetive data from being accessed by unauthorized user
is very important issue, especially while being transmitted or stored for the
companies and end users.
Multiple ways are used to do this job; one of the most famous is to use cryptography.
Cryptography is used to transfer the data in a form that is not understood by anyone
apart from the intended recipient. The advance standard encryption algorithm (AES)
is one of the most secure encryption algorithms, but AES suffers from consumption
of unnecessary time to achieve the necessary complexity needed to meet the security
level, especially for real time application. In this research, a modified scheme is
developed for the encryption/decryption algorithm by modifying the MixColumns
stage.
The aim of new scheme is to increase the speed of the encryption/ decryption process
while maintaining the complexity of the design by using IV vectors depends on true
random number generator.
Such a schem will keep the security level for the proposed scheme as complex as
possible .
The result verifies that the modified scheme of encryption and decryption (MAES) is
twice faster than the advance standard encryption algorithm (AES). The complexity
of the modified scheme of encryption and decryption algorithm (MAES) is high
achive the security level as the advance standard encryption algorithm AES
algorithm as verified by tests.
IV
Abstract in Arabic
الملخصAbstract in Arabic
ضمما نمم اا١امما إ ممما ن عممد ع١مم بممع ع١مما اتلمما ع١مما مم ارممتسد١ ١ممس ا ا مم١
اعد٠د اطسق حا٠م ٠جد. جصة احا ١ب جدا شسوا ارتسد١ ا ارائنحد تسص٠ا
اا١اا عد ما ن تسص٠ا ى نشسا ع١ تشف١س اا١اا .
٠ىم شمى إم اا١اما ع١م تح٠م اتشف١س فم شمسا م ن اجم م مر اشمسا م
ما اتشف١س ا وثس ناا ى ا خازش١ اتشف١س ام١ا ١ اتمد احدة خازش١إ . اا١اا ن ا ا
تطا١مما تحم١مك اتعم١مد امالش تا١م رمت ا مة خانم بارما وا١مس رما١ا عا ا تالن لم ت
.اتفاع١ ن ات تحت تأخ١س
خم ا عمدة تشمف١س فمه اتشمف١س عم س٠مك تعمد٠ سحم عد خازش١ ف را ااحثة ت تط٠س فم
اتشممف١س ام١ا مم١ اتمدمم خازش١مم ص٠ممادة ممسع اتشممف١س فممه اتشممف١س ممع احفممات عمم تعم١ممد اتلمم١
خازش١مم اتشممف١س اعتممد فممحفممات عمم رممت ا مما ذممه با ممتسدا ممدا نزلمما عشممائ١ تمدمم
.ام١ا ١ اتمد
ا ن١ اسازش١ ام١ا ١ ست١ ن سع اا١اا ف١سن اسط اعدي تشف١س فه تش تا١ اتائج
وا تا١ اتائج ن٠ضا ن اتعم١د اجد ف اسازش١ اجد٠مدة تشمف١س فمه اتشمف١س عممدة وفا٠م .تشف١س
امالش تىافئ اتعم١د اجد ف خازش١ اتشف١س ام١ا ١ ا ن١ ا ٠حافظ ع رت عا ا م
ع١ اتشف١س م اا١اا بأا.
V
Dedication
To my parents
VI
Acknowledgment
First and the foremost, I would like to thank Almighty Allah for bestowing His
blessings upon me and giving me the strength to carry out and complete this work.
I am extremely grateful to my supervisors Dr. Ammar Abu-Hudrouss and Dr. rezal
for their valuable advice, guidance, beneficial discussions and encouragement
throughout my research. Apart from their valuable academic advice and guidelines,
they have been extremely kind, friendly, and helpful. I am also very grateful to my
thesis committee member, Dr. Fady El-Nahal and Dr. Mohammed Ghazal for their
care, cooperation and constructive advices
I would like to give my special thanks to my parents, brothers and my sisters for their
support, patience and love. Without their encouragement, motivation and
understanding, it would have been impossible for me to complete this work. Finally,
my sincere thanks are due to all people who supported me to complete this work.
VII
Table of Contents
Declaration ......................................................................................................................... I
Abstract in Arabic ........................................................................................................... IV
Dedication ........................................................................................................................ V
Acknowledgment ............................................................................................................ VI
Table of Contents ........................................................................................................... VII
List of Tables .................................................................................................................. IX
List of Figures .................................................................................................................. X
List of Abbreviations ...................................................................................................... XI
Chapter 1 Introduction ...................................................................................................... 1
Chapter 1 Introduction ...................................................................................................... 2
1.1 Background and Context ........................................................................................ 2
1.2 Scope and Objectives .............................................................................................. 3
1.3 Motivation ............................................................................................................... 4
1.4 Research methodology ............................................................................................ 4
1.5 Limitations .............................................................................................................. 4
1.6 Overview of Thesis ................................................................................................. 5
Chapter 2 Cryptography Theory ....................................................................................... 6
Chapter 2 Cryptography Theory ....................................................................................... 7
2.1 Introduction to Cryptography ................................................................................. 7
2.2 Symmetric Encryption Algorithm .......................................................................... 9
2.3 Advanced Encryption Standard (AES) ................................................................. 11
2.3.1 Introduction ........................................................................................................ 11
2.3.2 The SubBytes Step ............................................................................................. 12
2.3.3 The ShiftRows Step ........................................................................................... 13
2.3.4 The MixColumns Step ....................................................................................... 14
2.3.6 Key Schedule ..................................................................................................... 16
2.4 random number generators ................................................................................... 17
2.5 AES Modifications ............................................................................................... 18
2.6 Previous work 1 - Modified Advanced Encryption Standard for Text and
Images: ........................................................................................................................ 18
VIII
2.7 Previous work 2 - An Efficient Modified Advanced Encryption Standard
(MAES) Adapted for Image Cryptosystems: .............................................................. 19
2.8 Previous work 3 -Modified Advanced Encryption Standard: ............................... 20
2.9 Summary: .............................................................................................................. 21
Chapter 3 Design of Modified AES Algorithm (MAES) ............................................... 22
Chapter 3 Design of modified AES algorithm (MAES) ................................................. 23
3.1 Introduction ........................................................................................................... 23
3.5 Summary: .............................................................................................................. 31
Chapter 4 Evaluation ...................................................................................................... 32
Chapter 4 Evaluation ...................................................................................................... 33
4.1 Introduction ........................................................................................................... 33
4.5.1 Introduction ........................................................................................................ 40
4.5.2 Compare the Speed Result ................................................................................. 40
4.5.3 Compare the Complexity ................................................................................... 41
4.6 Summary: .............................................................................................................. 42
Chapter 5 Conclusion and Future Work ......................................................................... 43
Chapter 5 Conclusions and Future Work ........................................................................ 44
5.1 Conclusions ........................................................................................................... 44
The Reference List .......................................................................................................... 45
IX
List of Tables
Table (2.1): Summery of results for the previous works modifications ........................ 21
Table (4.1): The result of the test vectors for the encryption process ............................ 35
Table (4.2): The time consumption for the two algorithms used to generate the IVs
vector. ............................................................................................................................. 36
Table (4.3): The time consumption for the mix column stage process compared with the
permutation stage in the MAES. ......................................................................................... 37
Table (4.4): The overall time consumption for the encryption and decryption process ........... 38
Table (4.5): The entropy for the MAES compared with the AES algorithm .......................... 40
Table (4.6): Speed efficiency for the both algorithms ........................................................ 41
Table (4.7): the MAES and Efficient Modified Advanced Encryption Standard
entropy value. .................................................................................................................. 41
X
List of Figures
Figure (1.1): overall structure of MAES ........................................................................... 3
Figure (2.1): Secure link between Alice and Bop ............................................................. 6
Figure (2.2): The symmetric algorithm use the same key for encryption and
decryption ......................................................................................................................... 7
Figure (2.3): The Asymmetric algorithm uses different keys for encryption and
decryption ......................................................................................................................... 8
Figure (2.4): The The SubBytes Step applies in bytes .................................................... 11
Figure (2.5): Split the byte into two parts to find the output ........................................... 11
Figure (2.6): ShiftRows example for encryption ............................................................. 12
Figure (2.7): ShiftRows process for A: encryption B: decryption .................................. 12
Figure (2.8): MixColumns process .................................................................................. 13
Figure (2.9): MixColumns process for A: encryption B: decryption .............................. 13
Figure (2.10): key addition process ................................................................................. 14
Figure (2.11): The full encryption and decryption process of the AES .......................... 15
Figure (2.12): The full encryption and decryption process for the modified scheme ..... 16
Figure (2.13): Pseudo code for the modified shift row algorithm ................................... 17
Figure (2.14): The state matrix for the MAES when select 1024 bits key ...................... 18
Figure (3.1): The MAES algorithm compared with AES algorithm design ................... 22
Figure (3.2): The xor operation that replaces the MixColumns stage in the MAES ....... 23
Figure (3.3): The function that represents the first approach of MAES .......................... 23
Figure (3.4): The function that represents the second approach of the MAES ............... 24
Figure (3.5): The pseudocode of the AES key expansion algorithm .............................. 25
Figure (3.6): The pseudocode modified AES key expansion processes used to
generate the one IV vector approach .............................................................................. 26
Figure (3.7): The pseudocode modified AES key expansion to generate the 16 IVs
vectors approach algorithm ............................................................................................. 27
Figure (3.8): SHA3 as external random number generator ............................................. 28
Figure (3.9): The pseudocode to use SHA3 to generate the one IV vector approach
algorithm ......................................................................................................................... 28
Figure (3.10): The pseudocode to use SHA3 to generate the 16 IVs vectors approach
algorithm ......................................................................................................................... 29
Figure (4.1): The over all tests will be applied on the MAES ................................................... 33
Figure (4.2): The flowchart for the AES algorithm ................................................................... 34
Figure (4.3): The deleted mix column stage in AES algorithm ...................................... 34
Figure (4.4): The new scheme for the encryption and decryption process ..................... 35
Figure (4.5): The histogram analysis for the new scheme .............................................. 38
XI
List of Abbreviations
3DES Triple Data Encryption Algorithm Standerd
3G Third Generation
AES Advanced Encryption Standard
DES Data Encryption Algorithm Standerd
FIPS Federal Information Processing Standards
GF Galois field
GSM Global System for Mobile communications
IDEA International Data Encryption Algorithm
IP Initialization vector for permutation
IV Initialization vector
MAES Modified Advanced Encryption Standard
NIST The National Institute of Standards and Technology
SHA-3 Secure Hash Algorithm 3
Chapter 1
Introduction
2
Chapter 1
Introduction
1.1 Background and Context
The security of the sensitive information is a prime concern for every company.
Modern communication and storage techniques, using computers connected through
networks, make the sensitive data vulnerable for lot of threats. The basic security
concepts which are important to sensitive information include(Durcikova & Jennex,
2017):
Confidentiality: the information is accessed only by the authorized
people.
Integrity: only the authorized people can change the data.
Availability: accessing the data without problem.
While the Concepts that relating to the people who use the sensitive information
are(Durcikova & Jennex, 2017)
Authentication: proving that a user is the person he claims to be.
Authorization: the act of determining whether a particular user has the
right to access the data.
Non-repudiation: the user cannot deny performing an activity.
Cryptography: is the science of using mathematics to encrypt and decrypt
data.(Patarin, 2017)
Cryptography allows anyone want to store his sensitive information or send it over
any insecure channel (like the Internet) to transform the information in a form that is
not understood by anyone apart from the intended recipient.
Therefore security of any communication system is one of the big issues today, when
design any communication system because the companies must keep the data secrete
against the attackers whom have high power computers that can easily break the
system if it does not be complex.
On the other hand making the encryption algorithms more complex to increase the
security will affect the speed of the encryption and decryption process and this
solution will be not suitable solution because slowing the encryption will affect the
3
reliability of the communication link specially for the real time application that needs
to be connected online all the time and such solution raises the cost of the project.
The AES algorithm is one of the best algorithms for symmetric cryptography. The
AES uses variable key length and can encrypt 128 bit data block.(Daemen & Rijmen,
2013)
In this research project, we aim to develop a new scheme for encryption by
modifying the AES algorithm to increase the speed of the encryption process with a
complex design to keep the security level for the proposed scheme as high as
possible
1.2 Scope and Objectives
the advance encryption standerd suffer from consuming unnecessary time to achive
the complexity needed for the security level, so in this research, a new modification
will be applied on the AES algorithm to reduce the time consumption while
maintaine the security level as in the AES algorithm, the main change will done by
replacing the Mixcolumn stage at each round with permutation stage depends on
randomly generated key-dependent IP vector as shown in Figure (1.1). The
researcher will test two methods in generation the IP vector, the first one will be
generate IP vector for all round of encryption and the second one will be to generate
an IP vector for each round.
The modification must depend on a strong random number source and this random
number must have the key as a seed for generation the IP vector by using modified
Figure (1.1): Overall structure of MAES.
4
key expansion stage of the AES algorithm or external key-dependent random number
generaator .
1.3 Motivation
Most of the modified encryption schemes do their modifications to ensure only
the speed or the complexty of the algorithm(Hameed et al., 2011; Shtewi, Hasan, &
Hegazy, 2010).
Increasing the speed of the encryption and decryption algorithm, while keeping the
security level high by make the algorithm processes as complex as possible will be
very convenient for a lot of application that required high security level with limited
resource, and this can be done by replacing the Mixcolumn stage with random
Generated IP vector for Permutation stage at every session of encryption will
increase the speed of algorithm without decrease the security of the AES algorithm.
In addition, the security will increase in case of the permutation stage change at
every round in the block encryption.
1.4 Research methodology
The research will be done by design and analysis the proposed scheme, the two
approachs are one one IV vector for all rounds and one IV vectors for each round.
Then the random number generator will be designed and analysed to choose between
the modified key expansion algorithm or external random number generator. All this
result will be simulated using programming language C++ software to prove that the
new modification pass the security tests needed.
The speed measurements will be calculated by measure the average time consumed
by rerun the process for 1000 times.
1.5 Limitations
This project will implement the new schem for modified AES algorithm using the
general proposed algorithm and not for specific target algorithm (hardware
implemetaion) which be some times faster because this kind of hardware is designed
speically for cryptography purpose.
5
1.6 Overview of Thesis
The thesis is organized as follows:
In Chapter 2 an introduction to the new scheme is presented and the scope with the
Singnification while the limitation is cleared.
In Chapter 3, the theory of cryptography will be discussed by definig the
cryptography and its branche then some of the modified schems will be reviwed.
In Chapter 4, the researcher will present the new scheme by show the modified
algorithm and source of the random number generator.
In Chapter 5, the results of new scheme will be discussed and it will contain test
vectors of new scheme compared with original scheme then speed of new algorithm
will discuss with speed of original algorithem then the security tests will be shown
compared with other security tests for modified algorithms.
Finaly the conclusion and future work will be in Chapter 5.
6
Chapter 2
Cryptography Theory
7
Chapter 2
Cryptography Theory
2.1 Introduction to Cryptography
In the modern systems, cryptography deals with a lot of problems. But the basic one
is to ensure the security of information in a communication channel. For
demonstration, let us assume that there are two communication sides the sender
which will be called A and the receiver which will be called B, and they want to
communicate securely with each other as shown in Figure (2.1).
Figure (2.1): Secure link between Alice and Bop.
The most basic aim for Cryptography is to provide an ideal channel between A and B
so over an insecure channel so no one such as eavesdropper can listen to the
transmitted data between A and B.
But in general the cryptography provides two goals:
1- Privacy: hiding the content of a transmission form an eavesdropper.
2- Authenticity or Integrity: ensuring that the receiver has the message from the
predetermined transmitter, and prevent any eavesdropper from taking the
receiver or transmitter identity.
8
To achieve the security goals such privacy or authenticity, Cryptography distributes a
protocol that contains software and rules to each party in the secure link of
communication that not leaks any information they don’t want to be known. The
software contains the sender algorithms that will secure the data and ensures the
security goals before sending it over the insecure channel and the receiver algorithm
that let the receiver accepts the data or denies it when it has security errors such as
eavesdropper modification on the data.
All cryptography protocols depend on a Key, which is shared between the parties of
communication, and the cryptography algorithms are divided into two types:
1) Symmetric Encryption Algorithm:
Sometimes, it called pre-shared key. In the symmetric encryption algorithm,
the key between the sender and the receiver is the same key and this key must
be distributed to all parties involved in the secure link to ensure that the
eavesdropper does not have it.
In this kind of encryption the encryption process and decryption process is
done using the same key as shown in Figure (2.2).
Figure (2.2): The symmetric algorithm use the same key for encryption and decryption.
1- Asymmetric Encryption Algorithm:
Sometimes it called public-key algorithm. In the asymmetric encryption
algorithm, the key is divided into two pieces: the first is called the private key
and the other called the public key. In order to make secure link between the
sender and the receiver the sender must have the public key and it can be sent
over an insecure channels because it is used only for the encryption of the
data and it cannot be used to decrypt it. Meanwhile, the receiver which has
9
the private key will be able to decrypt the data using it and the private key
must be stored securely.
The process of encryption and decryption process for this kind of algorithm is
shown in Figure (2.3) (Gilbert, 2017).
Figure (2.3): The Asymmetric algorithm uses different keys for encryption and decryption.
2.2 Symmetric Encryption Algorithm
Symmetric encryption is the most used of the two types of encryption algorithms and
it is used in the modern communications before the asymmetric type. Symmetric
Encryption Algorithm was used in the past as some kind of securing the
communication such as the vegenere algorithm (Stallings & Tahiliani, 2014).
In the encryption process, the plaintext is the data that meant to be secure while the
ciphertext is the data in unknown format so the eavesdropper can’t determine and
valuable information from it.
The process that converts the plaintext to ciphertext is called an encryption while the
process to restore the plaintext from the ciphertext is called decryption.
The cryptanalysis is the process that aims to decrypt the data without the key
intended to decrypt it and in such case the algorithm is called a broken algorithm.
The symmetric algorithms contain two basic types of operations:
1- Substitution operation:
These kinds of algorithm use the substituation to encrypt the data by
replacing the symbol with another symbol depending on a pre-define Table
and the most famous algorithm uses this type is the Caesar Cipher that
replaces the plaintext letter to cipher the text letter depending on a pre-define
key as shown in the example bellow (Stallings & Tahiliani, 2014).
01
Plain text M E E T F U
Cipher text B C C K X O
Pre-define Table
E F G H i …. M S T U
C X F V G …. B V K O
The operation of substitution can be also done by xor the plain text with a
pre-define symbols in the mathematical representation of the data.
2- Transposition operation:
In this kind of algorithms, some kind of permutation is done to the plaintext
letter. A simple example for encrypt the letter message such as “meet ku” we
can transport each letter. The 2-step of encryption is shown below,
A C
B D
C E ….
The encrypted message will be “oggv mw”
Most of the modern symmetric encryption algorithms use combined collection of the
two types of substitution algorithm and transposition algorithms.
The modern design princible of the symmetric algorithm depends on two types of
structure:
1- Stream cipher:
This kind of structures encrypts the data bit by bit or byte by byte at a time.
The most famous algorithm from this type is A5 algorithms that used in the
mobile phone calls (GSM and 3G)
2- Block cipher:
This kind of structures divides the data into blocks. Each block contains part
from the data and the entire block is encrypted at the same time. this structure
contain lots of algorithms, one of the most important algorithm isstandard
encryption algorithm (AES) (Stallings & Tahiliani, 2014).
00
2.3 Advanced Encryption Standard (AES)
2.3.1 Introduction
In 1997, the National Institute of Standards and Technology (NIST) declared a
competition for new encryption standard to replace it with DES algorithm. The DES
algorithm was from 1976 until 1998 when it was cracked in less than two days using
the DES cracker (Selent, 2010).
Some replacement of the DES was available such as 3DES and IDEA but they have
some problems, NIST wanted an easy algorithm and free one so they declare the
competition. In 2001 NIST chose an algorithm created by two Belgain computer
scientists, Vincent Rijmen and Joan Daemen which called Rijndael algorithm, as the
new standard for encryption. This standard was called Advanced Encryption
Standard and is currently still the standard for encryption (Selent, 2010).
Advanced Encryption Standard (AES) is an iterated from the kind of symmetric key
with block cipher structure that means the following:
1- AES contains four operations denoted as "rounds" and they are repeated
several times depending on the key length.
2- AES has a pre-shared key between the encryption party and decryption party
which is used in the encryption and decryption process.
3- The plaintext is divided into blocks before encryption and then the encryption
process encrypts each block separately.
The fact that the AES algorithm is reversible simplifies the encryption and
decryption algorithms because the decryption process becomes very similar to
encryption process.
Each round in the encryption process contains four operations as follows(Daemen &
Rijmen, 2013):
1- The SubBytes Step.
2- The ShiftRows Step.
3- The MixColurmns Step.
4- The Key Addition.
02
The algorithm is capable to use key lengths of 128,192, and 256-bit and the number
of rounds is 10, 12, and 14, respectively.
The plaintext is divided into blocks of 256-bit size. These blocks are encrypted one
by one using 16 byte as 4*4 matrix called state (Pancholi & Patel, 2016).
2.3.2 The SubBytes Step
The SubBytes step is a non-linear transformation in the Rijndael algorithm, it is done
by making permutation process; each byte in the 16-byte block is divided into two 4-
bit parts. The two parts is applied to an S-box to choose the output as shown in
Figure (2.4) and Figure (2.5) (Daemen & Rijmen, 2013).
Figure (2.4): The The SubBytes Step applies in bytes.
Figure (2.5): Split the byte into two parts to find the output.
The design criteria for the SubBytes Step is to ensure the following
03
1- Non-linearity by maintaining the maximum input-output correlation
amplitude as minimum as possible. Moreover, it maintains the difference
propagation probability as small as possible.
2- Algebraic complexity by maintain the complexity of the S-box in Galois
field GF (28) (Daemen & Rijmen, 2013; Jacobson, 2012).
2.3.3 The ShiftRows Step
The ShiftRows Step is a transposition operation performed on the bytes of the block.
Each byte is shifted depending on its position in the block matrix. The Figure (2.6)
shows an example for a ShiftRows step.
Figure (2.6): ShiftRows example for encryption.
As shown in Figure 2.6, in the encryption process the first row will be circularly
shifted by zero byte, then the second row will be circularly shifted by 1 byte to the
lift, then the third row will be circularly shifted to the lift by 2-byte, while the last
row will be circularly shifted to the lift by three rows the shiftrow scheme is shown
in Figure (2.7).
A B
Figure (2.7): ShiftRows process for A: encryption B: decryption.
The design criteria for the SubBytes Step are to ensure the following:
04
1- To ensure that the diffusion is optimal by changing the offset for each row
this is important to provide immunity against differential and linear attacks.
2- To be immune against the truncated differential attacks and maximize the
saturation attackes (Daemen & Rijmen, 2013).
2.3.4 The MixColumns Step
The MixColumns Step is a permutation operation performed in the state column by
column.
The operation of the mix column stage is performing by multiplying the input
column by a matrix called D-box over polynomial of GF (28) to generate the output
column as shown in Figure (2.8).
Figure (2.8): MixColumns process.
An example for the equation of multiplication and the inversion D-box is shown in
Figure (2.9).
Figure (2.9): MixColumns process for A: encryption B: decryption.
The design criteria for the MixColumns Step are to ensure the following:
1- To work on the dimensions of the state columns as a four-byte process.
2- To be linear transformation over GF (2).
05
3- The transformation must have relevant diffusion power.
4- The transformation optimized to work on 8-bit processors (Daemen &
Rijmen, 2013) .
During the Mixcolums stage operation, each column is transformed using a fixed
matrix shown in figure 2.9.
Each column is treated as a polynomial over GF (2^8) multiplied over modulo
(Daemen & Rijmen, 2013)
For example the equation to compute the first byte b0 will be
The operation + denote to xor operation while the operation 02*x will be
multiplication in a finite field
The most complex process in the mix column stage is the multiplication in finite
field and is the fundamental process since the other multiplication derived
from this multiplication.
This operation will optimize for the following equation
(( ) )
This equation contains five cycle operation, but in the decryption process the
eqauation will containe 0E*x, 0D*x, 0B*x, 09*x as shown in figure 2.9.
These equations will be defined in term of 02*x equation as follow(Daemen &
Rijmen, 2013):
( ( ))
( )
( )
This will lead the operation cycles to increase to 15 cycles per finite field
multiplication operation.
So in general one byte mix column operation in the encryption process will consume
17 cycles and one one byte mix column operation in the decryption process will
consume 60 cycles which considered too long time.
06
2.3.5 The Key Addition
The Key addition which is called sometimes AddRound key is a transformation step
performed in each byte in the state. It’s done by performing the betwise xor between
the state matrix and a round key matrix which is generated by the key expansion
process.
The key addition process is shown in Figure (2.10)
Figure (2.10): Key addition process.
2.3.6 Key Schedule
The key Schedule contains two components: the key expansion and the key selection.
The key expansion is the process to generate the round key matrices which needed to
perform the key addition process and its generated from the cipher key, the number
of matrices needed is equal to the number of the round used.
The design criteria for the key expansion:
1- To achieve the maximum efficiency by decreasing the amount of the memory
used to the minimum value and has a high performance over a wide range of
processors.
2- To eliminate the symmetry using round constants.
3- To maintain the diffusion of cipher key differences to be effective.
4- The full determination of difference in the expanded key is prohibited only
from the cipher key by ensuring enough non-linearity (Daemen & Rijmen,
2013).
The full encryption and decryption process of the AES algorithm is shown in Figure
(2.11)
07
Figure (2.11): The full encryption and decryption process of the AES(Daemen & Rijmen,
2013).
2.4 random number generators
The randomness is a main issue in cryptography since for the keys to be secure, it
mustn’t be regenerated by attackers. Therefore, the random number generator is very
important for any encryption session and the main type of the random number
generator is True Random Number Generators (TRNG), Pseudorandom Number
Generators (PRNG), and Cryptographically Secure Pseudorandom Number
Generators (CSPRNG) (Paar & Pelzl, 2009).
08
2.5 AES Modifications
Modifying the AES algorithm has been done several times before, each researcher
limits his concerns to one characteristic to improve. The main characteristics that the
researchers concentrate on are the speed of the encryption and decryption or
customization for specific application, in the next sections, three schemes will be
discussed.
2.6 Previous work 1 - Modified Advanced Encryption Standard for Text
and Images:
This scheme concentrates on the overhead calculation for the advance encryption
standard (AES) and implements its modification to increase the speed of the
encryption and decryption algorithms. The proposed scheme achieves the speed
purpose by replacing the mix-column stage by a permutation stage that depends on
the permutation stage in the Data Encryption Standard (DES) algorithm as shown in
Figure (2.12) (Hameed et al., 2011).
Figure (2.12): The full encryption and decryption process for the modified scheme(Hameed
et al., 2011).
09
The proposed scheme achieves high speed encryption and decryption process
specifically for media like image also for plaintext transfer by eliminate the complex
process of the mix column, but in the other hand the security level of the algorithm
will decrease significantly because the using of old and part of an insecure
algorithms such as DES(FIPS197, 2001 ). Therefore, this will not be good solution
for high security requirements, taking into consideration the powerful computational
process for the attackers.
2.7 Previous work 2 - An Efficient Modified Advanced Encryption
Standard (MAES) Adapted for Image Cryptosystems:
This scheme concentrates on customizing the advance encryption standard (AES) for
specific application while maintain the complexity as high as possible because the
original implementation from the view of the writer is not suitable for real-time
applications.
The proposed modification is focused on the shift row stage in the original
implementation. It divides the shift row into two cases, the first case if the value of
the first byte in the state is odd and the second one if the first byte in the state is even.
A shifting operation is defined for each case as shown in pseudo code in Figure
(2.13) (Shtewi et al., 2010).
Figure (2.13): pseudo code for the modified shift row algorithm(Shtewi et al., 2010).
21
The proposed scheme achieves high level of security over the original AES
algorithm but on the other hand the speed of the algorithm will decrease and this is
not convenient with limited resource application which doesn’t have enough
processing resource to complete this processes especially in real time applications.
2.8 Previous work 3 -Modified Advanced Encryption Standard:
This modification concentrates on the fact that the computation power and attacks
against the advance encryption standard (AES) soon or later will be succeeded so
they introduce a large modification for the algorithm to expand the key to be 284,
512, 768 or 1024 bits, and that means to increase the security for the algorithm.
The modified AES algorithm which called (MAES) achieve the large key by redefine
the data block (state) to be contain 8 rows and variable number of column depends
on the key length chosen to be 6, 8, 12, or 16 columns when choose key length of
384, 512, 768, or 1024 bits, respectively. The Figure (2.14) shows when choosing the
1024-bit key length.
Figure (2.14): The state matrix for the MAES when select 1024 bits key(Scripcariu &
Frunza, 2012).
All the stage of encryption and decryption were extended to deal with this length of
the state (Scripcariu & Frunza, 2012).
Finally, the whole structure of the algorithm has been modified by increasing the key
length and the data block increase to large data block but this is not suitable for the
real time application that use small data for each packet since the block length of this
algorithm is too large and to fill a single block of data the real time link will be
delayed .
20
2.9 Summary:
In this chapter an introduction to cryptography and its purpose was discussed, then
the types of algorithms, which are Symmetric Encryption Algorithm and Asymmetric
Encryption Algorithm, and the difference between them was discussed. Then the
most used operations in the symmetric Encryption Algorithm were shown and one
example was given for each one.
After that the Symmetric Encryption Algorithm structures have been discused and
viewed two type of structure the block cipher and the stream cipher and an example
for each one, then we discussed the AES algorithm and its structure, then previous
modifications to upgrade the speed or the complexity for the algorithm was
reviewed.
Summary of the modification algorithms show the entropy test value and the speed
of the modified algorithm compared with the AES in Table (2.1)
Table (2.1): Summery of results for the previous works modifications.
Algorithm Security
test
Speed
up
AES 7.9941 1x
An Efficient Modified Advanced Encryption
Standard 7.9992 1x
Modified Advanced Encryption Standard for Text
and Images N/A 2x
Modified Advanced Encryption Standard 7.9941 .25x
22
Chapter 3
Design of Modified AES
Algorithm (MAES)
23
Chapter 3
Design of modified AES algorithm (MAES)
3.1 Introduction
Increasing the speed of the encryption and decryption algorithm, while keeping the
security level high is a vital for a lot of applications that require high security level
with limited resources. The AES algorithm explained in the previous chapter suffers
from consumption of unnecessary time to achieve the necessary complexity needed
to meet the security level. A new modification for the AES algorithm (MAES) is
done by replacing the MixColumns stage with random Generated IP vector for
Permutation or Transposition stage at every session of encryption. This will increase
the speed of the algorithm without a decrease in the security of the AES algorithm. In
addition, the security of the MAES algorithm can be enhanced using the permutation
stage that changes the IV vectors at every round of the encryption process.
The design of the MAES algorithm will ensure the following:
1- Speed up the encryption and decryption processes by replace MixColumns
stage with simple xor operations.
2- The input state will be the first input for the xor operation.
3- Increase the decryption level of complexity by
a. Using random number generator output as second input for xor
operation.
b. Key dependent random number generator.
The overall design of the MAES scheme compared with the AES algorithm is shown
in Figure (3.1).
24
Figure (3.1): The MAES algorithm compared with AES algorithm design.
3.2 The proposed design algorithm
The first goal of the MAES scheme is to increase the speed of the encryption and
decryption algorithms. The MixColumns stage is the most calculation demanding
stage in the AES design and therefore it consumes most of the time needed for
encryption and decryption. In the MAES design, the MixColumns stage is replaced
with a xor operation between the input state and random vector called IV.
This xor operation decreases the calculation demands to only 16 xor cycles since the
input state has 16 bytes and the xor operation consumes one cycle for each byte to be
done.
This number of cycles can be achieved using low-cost hardware that depends on 8-
bit processor the implementation of this scheme. However, this number of cycles can
be optimized if the encryption/decryption process is accomplished using hardware
with higher specifications. For example, if the dedicated hardware depends on 32-bit
processor, the overall cycle will be reduced to only 4 cycles since 4 xor operations
can be done in one cycle.
The overall design for the new stage that replaces the MixColumns stage is shown in
Figure (3.2).
25
Figure (3.1): The xor operation that replaces the MixColumns stage in the MAES design.
The MAES uses two approaches for the second input of the xor operation:
1- One IV vector for the entire rounds in encryption and decryption process.
2- One IV vector for each round in the encryption and decryption process.
The first approach will increase the speed of the initialization at the start of
the encryption session while the second will increase the security complexity
for the modified scheme.
The pseudocode of the first approach of the MAES is shown in Figure (3.3).
Figure (3.3): The function that represents the first approach of MAES.
The pseudocode of the second approach of the MAES is shown in Figure (3.4).
26
Figure (3.4): The function that represents the second approach of the MAES.
As shown in Figure (3.3) and (3.4), the input for the first approach is the input state
while the input of the second approach is the input state and the round number but in
the two cases the estimate time is similar.
To increase the security level, the second design will be chosen for the following
reasons:
1- It’s more complex with similar time consumption.
2- The extra time needed for the generation is small as the operation is done
once at the initialization step only.
3.3 The proposed random number generator
3.3.1 Extend the key expansion
The second goal of the MAES is to ensure the complexity of the algorithm to be high
while using the xor stage that replaces the MixColumns stage. To achieve this goal,
the focus will be on the IV vectors generator.
As mentioned earlier, there are two approaches in the xor operation. For each
approach, one IV vector or multiple IVs vectors must be generated in the
initialization step before the beginning of the encryption and decryption processes.
27
The MAES uses two algorithms of random number generators to generate the IVs
vectors that are needed in the encryption process.
1- Algorithm A: extends the key expansion algorithm with modified rounds to
generate the IVs vectors.
2- Algorithm B: uses an external random number generator to generate the IVs
vectors.
Both of the algorithms above use the secret key as a starting point so the generated
IVs vectors can be considered as key-dependent. This gives the MAES the
complexity needed to be secure as the AES algorithm (This will be verified later).
3.3.2 Extend the key expansion
Algorithm A can be done using the key expansion algorithm as a random number
generator, this algorithm will decrease the memory needed for the MAES in compare
with external random number generators algorithms that need high memory
allocation.
The pseudocode of the AES key expansion algorithm is shown in Figure (3.5). As
shown in the Figure (3.5), the first 16-byte is generated from the key then each 16-
byte is generated from the previous 16-byte so if we continue this operation we can
generate the IVs vectors needed for xor operation.
Figure (3.5): The pseudocode of the AES key expansion algorithm.
28
The MAES modifies the GENERATE_ROUND_KEY FUNCTION to add more
complexity to the IV vectors by combining more than one
GENERATE_ROUND_KEY function together.
The pseudocode of the modified AES key expansion processes used to generate the
one IV vector approach is shown in Figure (3.6)
Figure (3.6): The pseudocode modified AES key expansion processes used to generate the
one IV vector approach.
The pseudocode of the modified AES key expansion processes used to generate the
16 IVs vectors approach is shown in Figure (3.7)
29
Figure (3.7): The pseudocode modified AES key expansion to generate the 16 IVs vectors approach algorithm
As shown in the pseudocode, the one IV vector approach is done by generating
double the amount of the vectors needed for the AddRoundKey stage then the
algorithm combine all the generated vectors in one IV vector using xor operation.
The second approach is done by combining all the generated vectors into number of
IV vectors equals the round number.
The approach of using the key expansion algorithm in generating the random number
IV vectors gives the speed to the MAES but the key expansion algorithm is not
considered as complex random number generator due to simplicity in the function
GENERATE_ROUND_KEY. Therefore in order to raise the complexity of the
MAES more than this, an external random number generator can be used.
31
3.3.3 Using an external random number generator
The external random number generator will allow generating a complex random
numbers that needed to generate the IV vectors, and this will increase the security of
the MAES.
The new design uses the sha3 which is one of the HASH functions (Preneel, 2010) as
random number generator as shown in Figure (3.8), the pseudocode of the algorithm
that use the sha3 function to generate the one IV vector is shown in Figure (3.9)
while the pseudocode of the sha3 function to generate the 16 IVs vectors is shown in
Figure 3.10.
Figure (3.8): SHA3 as external random number generator.
Figure (3.9): The pseudocode to use SHA3 to generate the one IV vector approach
algorithm.
30
Figure (3.10): The pseudocode to use SHA3 to generate the 16 IVs vectors approach
algorithm.
The fact that the HASH function is used in the random number generators algorithms
have a high complexity and high speed encourages using it in the MAES as IV
vectors generator (Zeller & Neuhaus).
3.5 Summary:
In this chapter the MAES algorithm is discussed, when the MixColumns stage is
replaced with a xor operation to increase the speed of the encryption and decryption
algorithm. The encryption/decryption complexity will decrease and using external
random number generator will restore the complexity.
As discussed above using the 16 IVs vectors approach with external HASH function
due to high complexity and high speed (Falk & Fries, 2017) will be the best choice to
increase the speed while preserving the complexity.
32
Chapter 4
Evaluation
33
Chapter 4
Evaluation
4.1 Introduction
Any new encryption algorithm needs to pass some tests before adopting it, these tests
ensure that the new scheme will work without problems and don’t have any security
problem.in this chapter, these tests and encryption speed tests will be applied on the
MAES algorithm then the results will be discussed.
The first section displays the test vectors results that shows the three stages of design
1- The test vector for the AES algorithm.
2- The test vector when deleting the MixColumns stage from the AES
algorithm.
3- The test vector for the MAES when using the two approaches (one IV vector
and 16 IV vectors) of design.
The time needed for the xor operation stage will be calculated and compared with the
time MixColumns stage. Moreover, the overall time consumption needed for the
encryption and decryption process will be measured and compare with the time
needed for the AES encryption and decryption processes. After that, two of security
test algorithms will be applied on the MAES and compared with the AES algorithm
complexity.
Finally, a comparison between the speed and complexity results with previous works
will be shown.
The over all tests will be applied on the MAES is shown in Figure (4.1).
Figure (4.1): The over all tests will be applied on the MAES.
34
4.2 Test Vectors Compared with AES
To ensure the correctness of the MAES, test vectors must be generated by encrypt
multiple input states and decrypt it correctly, so when the MAES is implemented in
any hardware, the result of the encryption of these input state must be the same
(FIPS197, 2001 ).
The result of the test vectors for the AES algorithm that represented in Figure (4.2)
and the result of the test vectors for the AES algorithm while deleting the
MixColumns stage represented in Figure (4.3) and the result of the test vectors for
the MAES for the encryption process represented in Figure (4.4) are shown in Table
(4.1).
Figure (4.2): The flowchart for the AES algorithm.
In this Figure, the stages of the encryption are not modified since the first one is the
SubByte then the output of which will be shifted using the MixColumns stage. The
output of the MixColumns stage will be entered to the AddRoundKey operation.
Figure (4.3): The deleted mix column stage in AES algorithm.
35
Figure (4.3) represents the transition state between the AES algorithm and the MAES
scheme. The first two stages still without any modification but the output of the
second operation will be the direct input for the AddRoundKey stage.
Figure (4.4): The new scheme for the encryption and decryption process.
The final stage in the modification in Figure (4.4) shows that a new stage replaces
the MixColumns stage therefore the first two stages are still not modified but the
output of the second stage enter the new permutation stage and the output of the
permutation stage will be the input for the AddRoundKey stage.
Table (4.1): The result of the test vectors for the encryption process.
State / Output (Hex Value)
The KEY used in the encryption process (256-bit)
[00,01,02,03,04,05,06,07,08,09,0a,0b,0c,0d,0e,0f
00,01,02,03,04,05,06,07,08,09,0a,0b,0c,0d,0e,0f]
The Input state (16 - byte)
[00,11,22,33,44,55,66,77,88,99,aa,bb,cc,dd,ee,ff]
Output state for the AES algorithm
[04,a1,21,e9,20,33,c9,21,04,89,17,75,4f,96,1b,0d]
Output state for the Deleted the MixColumns algorithm
[b9,75,3f,3f,46,bc,92,27,af,00,86,a7,66,82,33,d3]
Output state for the permutation stage when using one IV vector for all rounds
[60 2a 40 8a 16 fe 60 78 b8 a9 7c f5 77 e6 19 5e]
Output state for permutation when using one IV vector for each round
[f1 75 d2 63 3c 33 cc a2 c7 fc aa 40 d9 2d aa c6]
36
The result of the test vector proves that the MAES have different output than the
AES and deleted the MixColumns stage. On the other hand the difference between
the input and the output of the encryption process in the bits level make an initial
impression that the complexity of the MAES algorithm is high.
4.3 Time calculation
In this section the time consumption needed for the MAES will be compared with the
AES algorithm. The modification in the algorithm is done in two places, the first one
in the key expansion algorithm to generate the IVs vectors which is dependent on the
approach used and the second place in the third stage in the encryption and
decryption process.
Notice that the results were computed at Windows 10 device that has core i7 on 2.4
GHz processor.
The time consumption needed for the sha3 and modified key expansion used in
generating the IVs vectors for the AES algorithm and the one IV vector for all rounds
and one IV vector for each round is shown in Table (4.2).
Table (4.2): The time consumption for the two algorithms used to generate the IVs vector.
State Time
(sha3)
Time
(key expansion)
AES (optimized implementation) 8.3 us 8.3 us
Approach 1: One IV vector generation for
all rounds 17 us 26.5 us
Approach 2: One IV vector generation for
each round 70 us 29.1 us
The result in Table (4.2) shows that using an external random number generator will
increase the time needed to generate the IV vector in the first approach to the double
amount needed in the AES Key expansion algorithm and this time is less than the
time needed in the modified AES key expansion algorithm. On the other hand using
the external approach will increase the time needed to 7 times greater than the AES
algorithm and double value needed for the modified key expansion algorithm.
37
This difference between the two modified algorithms depends on the design of the
modification. In the modified key expansion algorithm the cycles needed for the two
approaches is similar to achieve the complexity, but in the external random number
generator the operations needed to generate 16 IV vectors is 7 times greater than the
operations needed to generate one IV vector.
Table (4.3) show the time consumption for the MixColumns stage process compared
with the permutation stage in the MAES.
Table (4.3): The time consumption for the mix column stage process compared with the
permutation stage in the MAES.
Implementation Encryption
Time
Decryption
Time
AES (optimized implementation) 0.063000 us 2.361000 us
Approach 1: One IV vector generation
for all round 0.032000 us 0.040000 us
Approach 2: one IV vectors generation
for each round 0.031000 us 0.031000 us
In this Table the difference between the two algorithms is clear, when using an
optimized implementation for the MixColumns stage the time is reduced to the half
in the encryption process. While in the decryption process where it has more
complex operations of the MixColumns stage, the time needed for the permutation
stage is greater by 50 times.
The final result in the time consumption is shown in Table (4.4) that compares the
overall time consumption for the encryption and decryption process.
38
Table (4.4): The overall time consumption for the encryption and decryption process.
Implementation Encryption
Time
Decryption
Time
AES 74 us 253 us
AES (optimized implementation) 34 us 50 us
Approach 1: One IV vector generation for
all round 31 us 31 us
Approach 2:One IV vectors generation for
each round 30 us 30 us
In this Table the time of the encryption decreases to the half when using the AES
implementation while the decryption time decrease to one of fifth.
These results will be little worse when using optimized implementation for the AES
algorithm. The optimized implementation depends on assumptions found in the
hardware used to decrease the time needed for the Mixcolumns stage. Therefore the
encryption time for the MAES decreases slightly and decryption time decrease to the
half.
The overall results show that even when using an optimized implementation which
cost more memory, the MAES still the fastest.
4.4 Security Test
4.4.1 Introduction
To ensure the security of the encrypted data and the encryption algorithm the MAES
must pass several security tests. Here the following three tests will be examined:
1- The key space analysis.
2- The histogram statistical analysis.
3- The information entropy analysis.
4.4.2 Key Space Analysis
The key space analysis depends on the encryption key length and how much the
attacker need to decrypt the data using brute force attack (which depend on trying all
possible key to decrypt the data) (Henk, 2000), for example if the key length is 3 bit
then the attacker need to try only 8 keys ( to break the encryption. In the MAES
39
the key is still as the AES algorithm so the key space to perform the brute force
attack is ( depending on the key size, and such a
combination make the brute force attack invisible. This is reliable implementation for
practical use.
4.4.3 Histogram Statistical Analysis
Histogram is a statistical test that describes how the bytes distributed in data block
such a data file or images (Shtewi et al., 2010) In the total file for the plaintext (not
encrypted data) there is some data is duplicated and this can leak some sort of
information about the data, for this reason encrypted data must have equally
distributed byte so no information is leaked from the histogram of the encrypted data.
The MAES histogram analysis is shown in Figure (4.4)
Figure (4.5): The histogram analysis for the new scheme.
Figure (4.5) show the difference between the histogram of the original image before
the encryption and after the encryption process, while the original image have some
peaks that can describe the image, the histogram for the MAES show equally
distribution for all bytes of the data.
41
4.4.4 Information Entropy Analysis
The entropy is a measurement that indicates the randomness level of the data. For
security purpose, the output of the encryption algorithm must appear as random as
possible (Smart, 2003). For the 8-bit algorithm base (one byte) the entropy must be 8
to indicate complete randomness for the data, but the achieved entropy is usually less
than 8 by small value for the practical reasons. The entropy for the MAES compared
with the AES algorithm shown in Table (4.5).
Table (4.5): The entropy for the MAES compared with the AES algorithm.
Implementation Entropy (from 8)
unitless
AES 7.9941
Approach 1: One IV vector generation for
all round 7.9936
Approach 2:One IV vectors generation for
each round 7.9946
The previous Table shows that the MAES has good entropy value even more than the
AES algorithm in the Approach 2, also when using one IV vector for each round this
leads that the security for the MAES will be high.
4.5 Comparison the modified scheme with similar research results
4.5.1 Introduction
In this section two comparisons will be discussed with the previous works result the
first one will compare the speed result while the second will compare the entropy
result.
4.5.2 Compare the Speed Result
In this comparison the speed result for the MAES will be compared with the speed
result of the Modified Advanced Encryption Standard for Text and Images (Hameed
et al., 2011). The proposed algorithm modifies the AES algorithm to meet the speed
needed for real time application for the multimedia content. The result of the
proposed algorithm in the paper with the MAES compared with the AES algorithm is
shown in Table (4.6).
40
Table (4.6): Speed efficiency for the both algorithms.
Implementation Speed up
Modified Advanced Encryption Standard for Text
and Images 2X
MAES (decryption time) 2X
The Table shows that the time efficiency in the proposed scheme in the paper is
similar to the MAES.
The advantage of the new scheme lies in the randomness of the IV vector while it is
change in each encryption session. The modified scheme in the paper depends only
on static IV vector.
4.5.3 Compare the Complexity
In this comparison the complexity result for the MAES will be compared with the
complexity result of the proposed scheme An Efficient Modified Advanced
Encryption Standard (MAES) Adapted for Image Cryptosystems (Shtewi et al.,
2010). The proposed scheme modifies the AES algorithm to increase the complexity
to meet the multimedia real time applications needs. Table (4.7) shows the entropy
analysis between the proposed scheme in the paper and the MAES.
Table (4.7): the MAES and Efficient Modified Advanced Encryption Standard entropy
value.
Implementation entropy
An Efficient Modified Advanced Encryption Standard 7.9992
The MAES: one IV vector for each round 7.9946
The Comparison shows that the MAES have an entropy value similar to the one in
the proposed scheme in the paper.
The advantages of the MAES lie in the speed results, while on the MAES the speed
is twice of the AES, the speed in the proposed scheme in the paper same as AES
Algorithm.
42
4.6 Summary:
In this chapter, test vectors for the MAES are done to verify that the MAES work
correctly. Then the time consumption needed for the MAES has been computed and
compared with the time needed in the AES algorithm implementation and show that
the MAES decrease the time to half. After this and to ensure the security of the
encrypted data and the encryption algorithm the new scheme pass three security tests.
In the last section, the result of the speed and entropy for the new scheme was
compared with the previous works results, and illustrates the advantage of the new
scheme.
43
Chapter 5
Conclusion and Future
Work
44
Chapter 5
Conclusions and Future Work
5.1 Conclusions
Companies use Cryptography and encryption to protect the sensitive data from
unauthorized access or modification.
One of the widly used algorithms is advance encryption standered (AES), this
algorithm suffer from consuming unnecessary time to achive the complexity
requrments needed for the encryption process specially for the real time application.
Several modifications have been done on the algorithm to reduce the consuming time
or to increase the complexity of the algorithm, but all the modification concentrate
on one purpose which is decrease the consumption time or increase the complexity of
the algorithm.
In this thesis, a new modification is applied on the AES algorithm to adapt the AES
algorithm for real time applications. The new algorithm which is called MAES can
increase the speed of the encryption and decryption processes while maintaining the
complexity of the encryption as high as possible.
The modification can increase the speed of the algorithm by replacing the
mixcolumn stage with xor operation; while the complexity requirements can be
achieved by using random number generator depends on the key to generate the IV
vector.
This MAES will be good step in the next generation of applications that considers
speed and complexity one of the critical issues like the blockchain algorithms.
5.2 Future Work
Implement the design of the MAES on a hardware kit that supports multimedia
applications will give good support for the algorithm.
On the other hand the complexity of the algorithm will be more complex if the length
of the key twice longer than the AES algorithm. And applying the MAES design on
another symmetric encryption schemes will increase the security level of the
algorithms.
45
The Reference List
Daemen, J., & Rijmen, V. (2013). The design of Rijndael: AES-the advanced
encryption standard: Springer Science & Business Media.
Durcikova, A., & Jennex, M. (2017). Introduction to Confidentiality, Integrity,
and Availability of Knowledge and Data Minitrack. Paper presented at the
Proceedings of the 50th Hawaii International Conference on System
Sciences.
Falk, R., & Fries, S. (2017). Random number generator and method for
generating random numbers. In: Google Patents.
FIPS197. (2001 ). Advanced Encryption Standard (AES). Springfield,
Virginia,US.
Gilbert, S. P. (2017). An Introduction to Cryptography RSA, ElGamal And Elliptic
Curve Encryption. American University,
Hameed, S., Riaz, F., Moghal, R., Akhtar, G., Ahmed, A., & Dar, A. G. (2011).
Modified Advanced Encryption Standard For Text And Images.
Computer Science Journal, 1(3).
Henk, T. (2000). fundamentals of cryptology A Professional Reference and
Interactive Tutorial: KLUWER ACADEMIC PUBLISHERS.
Jacobson, N. (2012). Basic algebra I: Courier Corporation.
Paar, C., & Pelzl, J. (2009). Understanding cryptography: a textbook for students
and practitioners: Springer Science & Business Media.
Pancholi, V. R., & Patel, B. P. (2016). Enhancement of cloud computing security
with secure data storage using AES. International Journal for Innovative
Research in Science and Technology, 2(9), 18-21.
Patarin, J. (2017). Mirror theory and cryptography. Applicable Algebra in
Engineering, Communication and Computing, 28(4), 321-338.
Preneel, B. (2010). Cryptographic Hash Functions: Theory and Practice. Paper
presented at the ICICS.
Scripcariu, L., & Frunza, M. (2012). Modified Advanced Encryption Standard.
Paper presented at the 11th international conference on development
and application systems, Romania.
Selent, D. (2010). Advanced encryption standard. Rivier Academic Journal, 6(2),
1-14.
Shtewi, A. A., Hasan, B. E. M., & Hegazy, A. (2010). An efficient modified
advanced encryption standard (MAES) adapted for image
cryptosystems. IJCSNS International Journal of Computer Science and
Network Security, 10(2), 226-232.
Smart, N. P. (2003). Cryptography: an introduction (Vol. 3): McGraw-Hill New
York.
Stallings, W., & Tahiliani, M. P. (2014). Cryptography and network security:
principles and practice (Vol. 6): Pearson London.
Zeller, A., & Neuhaus, S. Random Number Generator Designs.
