Hill Cipher with Parallel Processing Involving Column, Row Shuffling, Permutation and Iteration on Plaintext and Key

Transcription

1 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue.2 7 Hill Cipher with Parallel Processing Involving Column, Row Shuffling, Permutation and Iteration on Plaintext and ey Aruna Varanasi Sreenidhi Institute of Science & Technology Yamanmpet, Ghatkesar, Hyderabad - 53, AP, India arunavaranasi@sreenidhi.edu.in ABSTRACT We have developed a block cipher by modifying the classical Hill cipher. In this we have introduced features like column shuffling, row shuffling, circular shift, modular arithmetic addition, Permutation and Iteration. Iteration involves parallel operations to reduce the execution time. All the transformations applied on the plaintext are also applied on the key for generating sub keys. The plaintext bits are thoroughly mixed using column shuffling and row shuffling. For simplicity, the plaintext is added with the unique sub key in iteration. The above mentioned operations carried out in this analysis led to a thorough confusion and diffusion of the plaintext. The avalanche effect and the cryptanalysis, carried out in this investigation, clearly indicate that he cipher is secured one. Here we conclude that the parallel operation in each iteration increases the speed of execution, whereas the shuffling, permutation and modular arithmetic addition plays a prominent role in strengthening the cipher. eywords-plaintext, Ciphertext, Cryptography, Cryptanalysis, Encryption, Decryption.. INTRODUCTION We find a number of block ciphers [-5] in the literature of Cryptography, which have been extensively used for some sort of permutation and several transformations on the plaintext along with the key, resulting in strong ciphers. Recently Aruna et al [6] have suggested a block cipher by using an iterative method that involved permutation of plaintext and subkey generated in each iteration. The key which was taken in the form of a matrix containing ASCII bits and generated subkeys from the key for each iteration. The plaintext was taken in the form of matrix of size 4X8 comprising binary bits. During encryption modulo 2 6 addition was used. For decryption modular additive inverse of the subkeys were used. In this paper, we suggest a block cipher which involves permutation, mixing and modulo 2 6 addition of the plaintext and the key. It results in large number of transformations of the plaintext along with the key resulting in a strong cipher. All the transformations applied on the plaintext are also applied on the key for generating subkeys. The proposed cipher is different vis-a-vis the cipher [6] in the context of the simple algorithm developed for generating subkeys. This simplicity of generating subkeys facilitates the Rama Chandra Mummadi Sreenidhi Institute of Science & Technology Yamanmpet, Ghatkesar, Hyderabad - 53, AP, India ramchandram@sreenidhi.edu.in implementation of the cipher in Hardware. In section 2 of this paper we discuss the development of cipher, while in section 3 we present algorithm for Encryption and Decryption and the modulo arithmetic inverse. In section 4 we illustrate the cipher, while in subsequent section we present the cryptanalysis. Section 6 deals with the avalanche effect, a crucial factor that indicates the strength of the cipher. Towards the end, we present the conclusion. 2. DEVELOPMENT OF CIPHER Before discussing the development of the cipher let us now describe the generation of the key matrix. Let us assume the key denoted by written as = qrstuvwxyzabcdef (2.) From this we shall generate the subkeys, which will be subsequently used in each iteration in the generation of the cipher. The subkeys used in each iteration generated are as follows: Let us convert each element of the key into its corresponding 7 bit ASCII code. This will result in 2 bits denoted as OA. OA =[ ] (2.2) Let us take the first sixteen bits of OA out of 2 bits shown in (2.2) and place them in the first row of a matrix of size 7x6. The next sixteen bits of OA are taken and placed in the second row of the same matrix. We continue this process and generate the matrix until we exhaust all the 2 bits of OA. The resultant key is as shown below. (2.3) RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $

2 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue.2 7 Now let us choose another key, p comprising of sixteen ASCII characters in a random manner from to 5. p is chosen as p = [ ] (2.4) ey matrix is permuted using. from p by using the following equation p p is deduced p = p (2.5) = [ p ] (2.6) Now let us describe the permutation of each row of the above key matrix given in (2.3) based on the position of characters of given in (2.6) p The sixteenth bit in the first row of the matrix is placed as the first bit of the same row in the resultant matrix denoted by OAP. The fifteenth bit of the first row is placed as the second bit of the same row. We keep on arranging the remaining bits of the first row of depending upon the position of numbers given in. The same procedure is adopted for all the remaining rows of using. OAP p p (2.7) Now we describe the process of generating the subkeys. The procedure for generating the first subkey described hereunder: S is The process of mixing the bits of the ey matrix OAP, column wise, adopted in ColShuff () function can be described as follows: The first column of OAP is placed as it is. The second column is replaced by the ninth column, and the third column is replaced by the second column, the fourth column is replaced by the tenth column the fifth column is replaced by the third column, sixth column is replaced by the eleventh column, seventh column by the fourth column, eighth column by the twelfth column, ninth column by the fifth column, tenth column by the thirteenth column, eleventh column by the sixth column, twelfth column by the fourteenth column, thirteenth column by the seventh column, fourteenth column by the fifteenth column, fifteenth column by the eighth column. The sixteenth column is placed as it is. This will result in the matrix given by S S. The process of mixing the bits of the ey matrix (2.8) S, row wise, used in RowShuff () function can be described as follows: Now let us leave the first row as it is and replace the second row with the fifth row, third row with the second row, fourth row with the sixth row, fifth row with the third row, sixth row with the seventh row and seventh row with the fourth row. This will result in the first subkey, given by S (2.9) Now, let us describe the process of generating the second subkey from wherein we use permuted key, S 2 S p 2. The permuted key p 2 is derived from p by making the circular left shift operation by one element on shown in (2.6). p = [ p ] (2.) The procedure adopted in the generation of OAP from is used to generate OAP from S. Let us generate the subkey S 2 from OAP similar to the manner used in the generation of S from OAP. S 2 is then used to generate S 2 in the same way as S was generated from S. The above described procedures adopted in the generation of are used in the generation of the remaining S 2 subkeys namely, S 3 to S 6. Now these subkeys are used along with the plaintext in the generation of the cipher, which is described below. S RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $

3 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue.2 72 RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $ Let us denote the plaintext by P. Choose P =" network security " (2.) We shall now write the plaintext matrix, P from P as follows. By taking the 7 bit ASCII code for each character of the plaintext P, we get 2 bits of plaintext. P OA P OA = [ ] (2.2) Let us take the first 6 bits of P OA shown in plaintext matrix (2.2) and place them in the first row of a matrix P of size 7x6. The next 6 bits of P OA are taken and placed in the second row of the same matrix P. Similarly, we continue this process to generate the matrix P until we exhaust all the 2 bits of the plaintext P OA. P (2.3) We now describe the procedure adopted for the permutation of the plaintext P based on the permutation key P shown in (2.6). We shall place the sixteenth bit in the first row of the plaintext matrix P as the first bit of the same row in the resultant matrix, denoted as P OAP. The fifteenth bit of the first row of P is placed in the second bit of the same row of P OAP. In this way we arrange the remaining bits of the first row of matrix P depending upon the position of the numbers given in P resulting in the first row of the matrix P OAP. We adopt the same procedure for all the remaining rows of P using P. Hence, we have P OAP = (2.4) P OAP The matrix P given below, is derived from the matrix P OAP as per the procedure enunciated earlier in the generation of the first subkey S from OAP. (2.5) P Encryption Process: The process of encryption in single round is described by the flowchart given in Figure. Let us now convert the first row of S into its decimal equivalent. We shall also convert the first row of P into its decimal equivalent. We shall now perform the modulo arithmetic addition(2 6 ) on the resultant decimal equivalents of the first rows of S and P respectively, thereby resulting in the first row of the matrix,c deci whose size is 7x. The subscript deci is written to indicate the decimal equivalent. The process is repeated for the remaining 6 rows of P and S which would give rise to the rest of the six rows of C deci.

4 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue.2 73 C deci = (2.6) Convert each row of C deci (which is a decimal number) into its corresponding binary equivalent. This gives rise to sixteen bit binary number for each row. This would result in a matrix, C of size 7x6. C (2.7) Now we shall describe the Permute () operation. Let us now rearrange the bits of C as per the procedure explained below to generate the matrix, C of size 7x6. Here the first seven columns of C are obtained by the following process: Writing the element of the eighth column of fourth row of C as the element of first column of first row. Now we place the element of the seventh column of fourth row of C as the element of first column of second row. In a similar manner, the remaining elements of fourth row of C are placed in their reverse order explained previously. The same procedure is adopted for all the elements of the third, second and first rows of C. the eight columns of C are formed. Then the remaining eight columns of C are formed as follows: the last eight elements of fourth row, all the fifth, sixth and seventh row of C are placed directly in their order as the elements of ninth column to sixteenth column. C (2.7) This completes the first iteration (round) giving rise to the first round cipher denoted as C. Now, this C becomes the plaintext P for the second round. We shall adopt the same procedure for the remaining fifteen rounds to generate the ciphertext C of size 7x6. C (2.8) We concatenate each row of C and get the 2 ciphertext bits. Let us now convert the binary bits of C into decimal numbers by taking 7 bits at a time, starting from first bit. C (2.9 ) Decryption of the cipher is done using the same algorithm as encryption with the input being the ciphertext. The decryption subkeys used are the modular additive inverses of the Encryption subkeys with the key roles being reversed from that of encryption. It may be noted here that IPermute (), IRowShuff () and IColShuff () in decryption are reverse processes of Permute (), RowShuff () and ColShuff () respectively used in encryption process. 3. ENCRYPTION AND DECRYPTION ALGORITHMS In what follows, we briefly present the algorithms for subkey generation, encryption, decryption and additive inverse of the subkeys respectively. 3. Algorithm for Subkeys Generation Step : Initialize key, and permutation ey, p Step 2: Generate A from Step 3: Generate from A Step 4: = p p Step 5: for i= to 6 Permute to generate AP by using si = ColShuff ( AP ) si = RowShuff ( si ) = si p(i+) = Lcirshift( pi ) // left circular shift // s to s6 are the subkeys Step 6: end 3.2 Algorithm for Encryption Step : Read plaintext P, permutation key, p and subkeys s to s6. Step 2: Generate P A from P Step 3: Generate P from P A Step 4: = p p Step 6: for i= to 6 pi RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $

5 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue.2 74 Step 7: C = C 6 Step 8: end Generate P AP using P and pi P i = ColShuff (P AP ) P i = RowShuff(P i ) C i = (P i + si ) % 2 6 C i = Permute(C i ) P = C i 3.3 Algorithm for Decryption Step : Read ciphertext C, permutation key, p and subkeys s to s6. Step 2: C = C Step 3: p6 = Lcirshift 5 ( p ) // left circular shift by 5 bits. Step 4: for i=6 to C i = IPermute(C) P i = (C i + si - ) % 2 6 P i = IRowShuff(P i ) P AP = I ColShuff(P i ) Do Inverse permutation to generate P i from P AP using pi. C = P i p(i-) = rcirshift( pi ) // right circular shift Step 5: P = P 3.4 Algorithm for Finding Modular Additive Inverse of the Subkeys Step : Read subkeys s to s6\ Step 2: for i = to 6 Find si - such that ( si + si - ) % 2 6 == // s - to s6 - are the additive inverse of the subkeys s to s6 Step 3: end 4. ILLUSTRATION OF THE CIPHER Let us consider the plaintext given below in quotes (quotes are not part of the plaintext): network security measures are needed to protect data during their transmission (4.) Let us focus our attention on the first sixteen characters of the plaintext. we have network security (4.2) Now consider a key comprising 6 characters which is given by qrstuvwxyzabcdef (4.3) As discussed in section 2, we generate sixteen subkeys, s to s6 which is outlined in section 3.. By using the encryption algorithm as described in section 3.2, and the plaintext given by equation (4.2) and the subkeys s to s6, the ciphertext is generated for the plaintext is as shown below. The ciphertext is shown below C (4.4) The key given in (4.3) should be made available to the Receiver. The original plaintext is recovered from the cipher by using the decryption algorithm (explained in - - section 3.3) and the inverse subkeys, s to s6 (modulo additive inverse 2 6 of s to s6 ) outlined in section 3.4. As the encryption involves Permutation, modular arithmetic addition and mixing the complexity of the algorithm increases, which results in confusion and diffusion, which are the two basic building blocks to show that cipher is a strong one against cryptanalysis. 5. CRYPTANALYSIS In the literature of Cryptography the general methods of cryptanalytic attack are. Ciphertext only attack (Brute force attack) 2. nown plaintext attack 3. Chosen plaintext attack and 4. Chosen ciphertext attack In this analysis we have taken the key, consisting of 6 numbers, where each number can be represented in terms of 7 binary bits (ASCII). the length of the key is 2 bits, in view of this fact the size of the key space is 2 2 = (2 ). 2 ( 3 ). 2 = If the determination of the plaintext for each value of the key takes -7 seconds, then the time required for computation with all the possible keys in the key space is given by x years 365 x 24 x 6 x 6 = 3.7 x ( ) = 3.7 x () 8.6 years years the cipher is computationally secure. In the case of the known plaintext attack, we know as many pairs of plaintext and ciphertext as we require. For example, we confine our attention only to two rounds of the iteration process in the encryption. For the sake of convenience in presentation, let us denote the function Permute () as F(). RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $

6 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue.2 75 Then we have P = (P+) mod 2 6, (4.) P = F(P), (4.2) P = (P+) mod 2 6 and (4.3) P = F(P) mod 2 6. (4.4) C = P (4.5) From (4.) - (4.5), we get C = F(( F((+P) mod 256)+ ) mod 256). (4.6) In (4.6) the innermost and P are added and the result is operated with mod 2 6. On converting the resulting numbers into their binary form, permutation is performed, as mentioned earlier, and the resulting matrix containing decimal numbers is obtained. Then this matrix is added by and mod 2 6 is taken. we have got a new matrix whose permutation yielded C. In this process the and P are getting thoroughly interacted, and their binary bits are undergoing diffusion and confusion in a very strong chaotic manner. This is all on account of the permutation and mod operation. Moreover the plaintext bits are shuffled row wise and column wise. Hence, the Plaintext bits are scattered. The and P are losing their shapes and getting thoroughly mixed, so that no trace of them can be found separately. In the above analysis we have taken only two rounds. In general in our analysis of this problem, as we have sixteen rounds, we get C =F((.. F((F((P+) mod 256)+)mod 2 6 )..) mod 2 6 ). In this relation, as we have addition, mod 2 6 and Permutation playing a vital role, the binary bits of and P are undergoing several changes several times. we are not able to get the key or a function of the key so, that the cipher can be broken. Hence the cipher is a very strong one. The third and fourth attacks namely chosen plaintext and chosen ciphertext attacks merely depend upon the vision and the intuition of the attacker. Though the cipher is an elegant one, its suggesting a plaintext or a ciphertext to be chosen is found to be impossible. Hence the cipher is secure in the last two cases too. 6. AVALANCHE EFFECT Avalanche effect is one of the parameters that depict the strength of a Cryptographic algorithm. Here we test our algorithm by considering the avalanche effect. We obtain the ciphertext, C mentioned in (4.4) corresponding to the plaintext, P given in (4.2) and ey given in (4.3). Here we change the third character in the plaintext (4.2) from t to u, which is equivalent to changing the plaintext in a single bit position, i.e. Network security. By using the same key mentioned in (4.3) and applying the encryption algorithm discussed in section 3, we obtain the ciphertext, C new given by C new (6.) On comparing (4.4) and (6.), it is observed that the two ciphers differ by 63 bits out of 2 bits. This clearly shows that the cipher exhibits a strong avalanche effect. Let us change the fourteenth character in the ey (4.3) from d to e, which amounts to changing single bit. The new key is qrstuvwxyzabceef (6.2) eeping the plaintext as original plaintext given by(4.2) and applying the new key given by (6.2) and using the Encryption Algorithm mentioned in section 3.2 we get the ciphertext,c knew given by C knew (6.3) On comparing the two ciphers given in (4.4) and (6.3), it can be seen that the two ciphers differ in 6 bits out of 2 bits. This once again proves that the algorithm has pronounced avalanche effect. It is only after 3 rounds the algorithm becomes complex enough to make a one bit change in key or in the plaintext resulting in a significant change in the cipher (binary bits). One bit change in the key or the plaintext results into change of 7 bits or 65 bit in the ciphertext (binary bits). This clearly indicates that the cryptographic algorithm itself manifests avalanche effect significantly after ten rounds. 7. EXPERIMENTAL RESULTS AND CONCLUSIONS In this analysis we have written java programs corresponding to the algorithms for encryption and decryption presented in section 3. On dividing the complete plaintext (3.) into blocks, wherein each block contains 6 characters, we have adopted the process of the encryption. However, in the last block whose length is less than 6 characters, we have appended blank spaces at the end to make the block size to 6 characters. we get the ciphertext for the entire plaintext in the form shown below. RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $

7 International Journal of Computer Networks and Security, ISSN: , Vol.23, Issue REFERENCES [] William Stallings, Cryptography and Network Security, Principles and Practice, Third Edition, Pearson, 23. [2] V. U.. Sastry, S. Udaya umar, and A Vinaya Babu, A Large Block Cipher Using Modular Arithmetic Inverse of a ey Matrix and Mixing of the ey Matrix and the Plaintext, Journal of Computer Science, Vol. 2(9), pp , 26. [3] Behrouz A. Forouzan, Introduction to Cryptography and Network Security, McGraw-Hill Higher Education, 28. [4] Davies D W, Some Regular Properties of the DES, Advances in Cryptology, Springer-Verlag, 992. [5] V. U.. Sastry, V. Janaki, On the Modular Arithmetic Inverse in the Cryptology of Hill Cipher, Proceedings of North American Technology and Business Conference, Sep. 25. [6] V.U..Sastry, Aruna Varanasi, A Modified Hill Cipher Involving Permutation, Iteration and the ey in a Specified Position (IJCNS) International Journal of Computer and Network Security, Vol. (), pp.57-62, October 2. RECENT SCIENCE PUBLICATIONS ARCHIVES October 23 $