Key Words: AES Algorithm, Genetic Algorithms, Ciphering, Key Expansion.

Transcription

1 Using Moifie Genetic Algorithm to Replace AES Key Expansion Algorithms Abullah Abali Rashe Saba university Research, Stuies an Training Center Sana, Yemen. Abstract The main criterion of the ciphering key is that it will be expane to scheule key in ciphering phase. In aition, the scheule key is use to encrypt the plain text block. However it is preferre to have an inverse that will be use to ecrypt the ciphere ata block. This paper presents a new simple approach to carry out the key expansion process; it first takes the cipher key an expans it to construct the scheule key. The propose approach is simple an fasts as it is base on Moifie Genetic Algorithm (MGA). Key Wors: AES Algorithm, Genetic Algorithms, Ciphering, Key Expansion. 1. Introuction Key scheule algorithm process is expaning short cipher key (128 bits) into large set of keys (1408 bits), calle roun keys (10). Scheule key is very important phase in ciphering algorithms, as a strong scheule key means a strong cipher that woul be more resistant to various forms of attacks, such as ifferential an linear cryptanalysis (5). Carter, Dawsony an Nielseny (5) classifie AES caniates accoring to key scheules as the authors thought that key expansion is very important as strong scheule key means stronger algorithm against both linear an ifferential cryptanalysis. They recommene that the scheule key of AES caniates shoul be upgrae. Genetic Algorithms (Gas) have playe a strong role in ata security systems, Yaseen et.al. (15) use genetic algorithm for the cryptanalysis, Spillman an et al. use GA to cryptanalysis a simple substitution (14), Mathews use GA in transposition ciphers (9) an Spillman use GA in knapsack base systems (13), Bagnall use GA to crack ifficult systems such as block cipher (Data Encryption Stanar DES) (3), Grunlingh et. al. use GA to attack mono-alphabetic substitution but their approach not seeme effective against transposition (8). Bagnall et al. use Genetic Algorithm as cryptanalysis of a three rotor machine using genetic algorithm an their results showe that an unknown three rotor machine can be cryptanalyse with about 4000 letters of ciphertext (4), Dimovski et al. (7) presente an automate attack on the polyalphabetic substitution cipher whereas Rashe (12) use Limite Genetic Algorithm (LGA) to generate a pool of cipher keys an scheule keys that will be use in ciphering an eciphering AES processes. However it was suggeste having a pool of AES keys an a scheule key woul be taken from this pool then the ciphere block an inex of the start location (1).

2 It is useful to avoi the normal key scheuling process, an specify the cipher keys (which shoul be ranom an inepenent) irectly (2). In this research the genetic algorithm process will be moifie to assist in the process of generating ciphering an scheuling keys. 2. Basic Iea of GAs (12) Genetic algorithms consist of three phases as following: (I) Reprouction Operation: The ol string is carrie through into a new population epening on the performance inex values. The fitness values are calculate for each caniate string using a fitness function, which epens on a goal for optimization problems. Accoring to the fitness values, string with larger fitness values give rise to a larger number of copies in the next generation. (II) Crossover operation: The strings are ranomly mate using the crossover operation. Each pair of caniate strings will unergo crossover with the probability cross. This operation provies ranomize information exchange among the strings. (III) Mutation operation: Mutation is simply an occasional ranom alteration of the value of a string position. In a binary coe, this involves changing a 1 to 0 an vice versa. The sequence of successive stages of genetic algorithms is shown in figure (1). OLD POPULATION NEW POPULATION Evaluation SELECTION MUTATION MATING Crossover Figure (1) sequence of genetic algorithm 3. Key Expansion in AES (6 an 11) The Expane Key is a linear array of cipher key (4-byte wors) an is enote by W[Nb*(Nr+1)]. The first Nk wors contain the Cipher Key. The key expansion function epens on the value of Nk: there are two versions of Nk as Nk may be equal to or below 6 (Nk4 or 6), or Nk above 6 (Nk8) for Nk 6, we have the following algorithm: Function keyexpansion(byte Key[4*Nk] wor W[Nb*(Nr+1)]) For i 0 to Nk step by 1 W[i] (Key[4*i],Key[4*i+1],Key[4*i+2],Key[4*i+3]) En for

3 For ink to Nb (Nr + 1) step by 1 temp W[i - 1]; if i mo Nk 0 temp subbytes(rotbytes(temp)) ^ rcon[i / Nk] W[i] W[i - Nk] ^ temp En if En for En keyexpansion subbytes(state) is a metho that substitutes each byte of applying the AES (Rijnael) S-box to the byte at the corresponing position in the input wor returns a 4-byte wor. The function rotbytes(w) returns a wor in which the bytes are a cyclic permutation of those in its input such that the input wor (a,b,c,) prouces the output wor (b,c,,a). The first Nk wors are fille with the cipher key. Every following wor W[i] is equal to the EXOR of the previous wor W[i-1] an the wor Nk positions earlier W[i-Nk]. For wors in positions that are a multiple of Nk, a transformation is applie to W[i-1] prior to the EXOR an a roun constant is EXORe. This transformation consists of a cyclic shift of the bytes in a wor (rotbyte), followe by the application of a table lookup to all four bytes of the wor (subbytes). For Nk > 6, we have: Function keyexpansion(byte Key[4*Nk] wor W[Nb*(Nr+1)]) For i 0 to Nk step by 1 W[i] (key[4*i],key[4*i+1],key[4*i+2],key[4*i+3]) En for For i Nk to Nb (Nr + 1) step by 1 temp W[i - 1] if i mo Nk 0 temp subbytes(rotbyte(temp)) ^ rcon[i / Nk] en if else if (i mo Nk 4) temp SubBytes(temp) en else if W[i] W[i - Nk] ^ temp En for En keyexpansion The roun constants are inepenent of Nk an efine by:

4 rcon[i] (RC[i], 00, 00, 00 ) with RC[i] representing an element in GF(2 8 ) with a value of x( i - 1) so that: RC[1] 1 (i.e. 01 ) RC[i] x (i.e. 02 ) (RC[i-1]) x(i-1) Roun Key Selection Roun key (i) is given by the roun key buffer wors W[Nb*i] to W[Nb*(i+1)] The cipher The cipher AES consists of An initial Roun Key aition; Nr-1 Rouns; A final roun. The algorithm is: Input: State, CipherKey Output: ciphereblock Function AES keyexpansion(cipherkey,expanekey) ; arounkey(state,expanekey); for i1 to Nr-1 step by 1 Roun(State,ExpaneKey + Nb*i) ; ciphereblock finalroun(state,expanekey + Nb*Nr); en for en AES The key expansion can be one on in avance an AES can be specifie in terms of the Expane Key. Input: State, ExpaneKey Output: ciphereblock Function AES arounkey(state,expanekey) for i1 to Nr-1 step by 1 roun(state,expanekey + Nb*i) ciphereblock finalroun(state,expanekey + Nb*Nr) en for en AES Note: There are no restrictions on the selection of the Cipher Key. Whereas expane key must be expane from cipher key.

5 4. Propose Algorithm To ate there has been no reporte research using GAs in any form or shape within a key expansion. The work introuce in this paper will show the use of the first moifie GAs in key expansion algorithm. The moifie GAs will only use some of the conventional GAs process; this will inclue ranom initialization of the first population of cipher keys, an then apply the process of ranom cross over an mutation to prouce further sets of cipher keys. In this research all cipher keys will be consiere acceptable an hence, there will be no nee to search for a best cipher key, since all keys will be use to cipher ata in this system. The propose algorithm in this case will only be use to generate cipher keys an it will not involve any search or optimization techniques. 4.1 Algorithm MGA Key Expansion Input: Nk Output: scheule key with length (Nr+1)Nb Initialization: generate a cipher key (Nk wors) in hexaecimal format. Generate Chil 1 an Chil 2 by Calling MGA algorithm (cipher key) Generate Chil 3 an Chil 4 by Calling MGA algorithm (Chil 1) Generate Chil 5 an Chil 6 by Calling MGA algorithm (Chil 2) Generate Chil 7 an Chil 8 by Calling MGA algorithm (Chil 3) Generate Chil 9 an Chil 10 by Calling MGA algorithm (Chil 4) If Nk 6 then Generate Chil 11 an Chil 12 by Calling MGA algorithm (Chil 5) En if If Nk 8 then Generate Chil 13 an Chil 14 by Calling MGA algorithm (Chil6) En if The crossover point woul be in the range [2...6] an shoul not be uplicate as the crossover point of the chil shoul be ifferent to the parents. En 4.2 Function MGA Input: cipher key with 16 bytes Output: two chilren consiere as roun keys Convert all elements of the cipher key into binary String Generate ranom crossover point using equation 1 Recombine iniviuals Mate iniviuals as follows: Generate two ranom points, r1 an r2 Key1 leftkey r2 with rightkey r1 Key2 rightkey r1 with leftkey r2 A the new population to the ol ones

6 En GACipherkey For the secon roun: The crossover point shoul not be the same as the previous roun as it might prouce the parent element again. To prevent repeating the parent value (at gran chil level), the algorithm have to follow up the following equation (1). If ol Crossover point new Crossover point then New crossover point i+i mo 5 equation (1) 5. Avantages of the Propose Scheme The use of moifie Genetic algorithm can introuce number of avantages to the whole process of crypto inustry. These avantages will inclue the following: This approach is very fast with comparison to all other conventional methos use to ate. In this approach only the cipher key an the crossover point for each roun will be sent to the receiver. 6. Illustrative Example Key Expansion Assuming that we have the cipher key 41 c c 41 c the scheule key shoul be as shown in figure 2 an figure 3. Parent ٧ c 6c c chil1 chil c c c6 54 c4 26 6c 4c chil 3 chil 4 chil 5 chil 6 24 c6 26 c6 c c6 c 6c 62 c4 c6 26 c c6 c c 4c 48 c6 c c6 c6 c c c c c chil 7 chil 8 chil 9 chil 10 c4 c4 c c c6 c4 c6 c c c

7 c6 c Figure 2: MGA for Nk4 7. Conclusion This paper showe how moifie genetic algorithms can be use to prouce a ciphering or scheule key. However the Moifie Genetic algorithm can be use to expan the cipher key to scheule key in any ciphering algorithm. The results obtaine using this metho has showe a highly secure an efficient algorithm an it ecrease the complexity of the original AES algorithm by more than 50%. As future work the algorithm can be enhance to have an inverse algorithm. References 1. Ajlouni N. A. El-Sheikh an A.Abali Rashe, New Approach in Key Generation an Expansion in Rijnael Algorithm, International Arab Journal of Information Technology, vol. 3, no. 1, January 2006, 2. Symmetric Ciphers, 3. Bagnall A., The Application of Genetic Algorithm Cryptanalysis, Mater Degree Thesis, 1996, School of Information Systems, University of East Anglia, 4. Bagnall A., McKeon G. an Raywar-Smith V., The Cryptanalysis of a Three Rotor Machine Using Genetic Algorithm, available at 5. Carter G., Dawsony E. an Nielseny L., Key Scheule Classification of the AES Caniates, Proceeings of Secon AES Caniate Conference (AES2), Rome, Italy, March Daemen J. an Rijmen V., AES Proposal: Rijnael, AES Algorithm Submission (version 2), September 3, 1999, available at AES page available via an at 7. Dimovski A., Gligoroski D., Attack On The Polyalphabetic Substitution Cipher Using A Parallel Genetic Algorithm, Technical report, Swiss- Maceonian scientific cooperation trought SCOPES project, March 2003, Ohri, Maceonia 8. Grunlingh W. an Vuuren J., Using Genetic Algorithm to Break a Simple Cryptographic Cipher, Available via 9. Mathews R., The use of Genetic Algorithm in Cryptanalysis, Cryptologia, Vol. 17 No. 4, Nakaraha J., Scheule key analysis of AES Caniates, July 1999, available at NIST 2001a. Feeral Information Processing Stanars Publication (FIPS PUB) 197. NIST, AES page available via Rashe A., Intelligent Encryption Decryption System Using Partial Genetic Algorithm an Rijnael Algorithm, Ph.D. Thesis, Arab Acaemy for Banking an Financial Sciences, Computer Information System Department, Spillman R., Cryptanalysis of Knapsack using Genetic Algorithms, Cryptologia, Volume 17 No. 1, ٧

8 14. Spillman R. et al, The Use a Genetic Algorithm in the Cryptanalysis of Simple Substitution Ciphers, Cryptologia, Vol. 17, No. 1, Yaseen I. an Sahasrabuhe H., A Genetic Algorithm for the Cryptanalysis of Chor-Rivest Knapsack Public Key Crypro System (PKC), Thir International Conference on Computational Intelligence an Multimeia Application, September 23-26, 1999, New Delhi, Inia.

9 Appenix All vectors are represente in hexaecimal format as a hexaecimal number can be represente as one byte as it consists of two igits (4 bits four one hexaecimal igit) These tests have been generate by RANA system; we use the same phrases that AES has been use. Date: Friay June 25 21:15:54 IDT 2004 Legen for cipher (roun number r 0 to 10, 12 or 14): Input: cipher input start: state at start of roun[r] s_box: state after SubBytes.subBytes(state) s_col: state after Shif.shiftCols(state) m_row: state after MixRow. mixrow (state) k_sch: key scheule value for roun[r] output: cipher output Cipher Example: 128-bit cipher key: Example Vectors Input String c b 68 Cipher Key 41 6c c 41 6c An scheule key is as following: parent chil1 chil 2 chil 3 ٧ 64 6c c6 46 c 6c c6 54 c4 26 6c 4c c 6c 62 c c 4c 48 chil 4 chil5 chil6 chil7 24 c6 26 c c6 c4 c6 26 c c6 c c6 c c6 c6 c Chil 8 Chil 9 Chil 10 c c c c c c c4 c4 c c c6 c4 c6 c c c6 c

10 Figure 2: scheule key generate by MGA

11 r[0].input r[0].k_sch r[0].input r[1].s_box r[1].s_row r[1].m_col r[1].start r[1].s_sch r[2].s_box r[2].s_row r[2].m_col r[2].start r[2].s_sch r[3].s_box r[3].s_row r[3].m_col r[3].start r[3].s_sch r[4].s_box r[4].s_row r[4].m_col r[4].start r[4].s_sch r[5].s_box r[5].s_row r[5].m_col r[5].start r[5].s_sch r[6].s_box r[6].s_row r[6].m_col r[6].start r[6].s_sch r[7].s_box r[7].s_row r[7].m_col r[7].start r[7].s_sch c b68 416c c416c f490c c f3a Roun 1 63c03bfe2c8efa53029c77cca7c c7802c2976fe307c3ba5cac0ef7c f21ab5a1ab1af0cc7a20ce b c5c75fbcae1e01e f c646c454c Roun 2 90bc35a6c6cf65e4727c8e26265a40 90cf8e0c67c4a6725a35e426bc6526 f2914ff061fff8aeb7752a0cc3aff b45709b647abeaba1b9f70f96ea6ce9 46c c6c Roun 3 85b014ea06287f4a e ea056504ea48701f4905b8776 1ef1babfb c2449b 94839bf6c ace05a c6c64656c4c Roun b9c142e b6b24f c126f7b b5e88b 32a173eb36c2e00ffa b f289b acf7b2703f c4c64656c6c Roun ff73b c0c c14914c343b7575f751176f37 c207b765f8c41896bb9a6b8c3f9c1e5 e e9b17af4ffb47e053f c454c c6c6c6c6c6 Roun 6 8ef8fc7b214f079e3168f36b75c526 8e14826b216c5c7e3758f796bff0f3 900cf15c470678bb4fa1836c eb192b6802e969e395aa51e0f c456c c6c6c6c6c Roun 7 b59f7a4f145771ef60b12be067276f b54512ff10b764f6727a1e069f77be 51f4c87246a971c f04ae85 13b081007e15a461e030503b68efe c4161 Figure 3: Ciphering Phase (continue)

12 Roun 8 r[8].s_box 7e75cac efe10453e245f69 r[8].s_row c5e1fcaef45549e2e75953 r[8].m_col 68b29b04bcacc4e51ecbcba0e78f4225 r[8].start 4cf6cf22a8e882c358eef6a r[8].s_sch c61416 Roun 9 r[9].s_box 29428a93c29b132e6a a3bb1c3 r[9].s_row 299b55c3c255b1936a3b8a2e0a r[9].m_col b72c5383f9a8cb r[9].start 50fc606ac4b70242f9710a0547b8e8 r[9].s_sch 22c c6c4c62656c Roun 10 r[10].s_box 53b00021ca9772c99a3676ba0b9195 r[10].s_box 53a96751ca b902ca0b0776b r[10].s_sch 416c c416c r[10].output 71e eb36e55b249ec92150f Figure 3: Ciphering Phase Cipher Example: 128-bit cipher key: roun number The following iagrams shows the hexaecimal values in the state array as the cipher progresses for a input block with length 16 bytes an a cipher key with 4 wors too. Input String c b 68 Cipher Key 41 6c c 41 6c start of roun after subbyte after shiftrows after mixrowss roun key values input c c 6c b c c 30 ca f2 ab 7a 47 c 30 ca 64 6c f 2 4c 01 c c c c0 a 1a f c7 76 3b ef b5 f0 ce 4b ef c7 76 6c 4c b 0c a fe a5 7c a1 cc fe a5 7c Figure 4: Ciphering Phase(continue) 2 c7 1e 23 c c f2 61 b 0 c6 46 ٧ f bc cf 7c 5a cf 7c 5a bc ff 7 cc c6 54 c bc e6 19 e 4 e f f8 75 3a c5 ae 23 f3 a6 e a6 e4 26 f0 ae 2a ff 3 b a0 a4 90 a0 a bf ab b9 ea ef b2 46 c2 ٧ b ٧ b ea f7 6c ٧ ٧ b6 ba 0f e9 e f4 76 1e e 4e f4 76 ba b c 6c 62 c 4c c1 53 6b c1 53 6b b 0f 52 f6 23 a a1 36 fa 79

13 c8 4a 26 e8 6 f7 6 f7 12 e8 ٧ c2 31 7b c4 c6 26 b 0 ce 3 b9 7 8b 66 b9 7 8b e e c6 c b ٧ ac 3f ٧ ٧ f 06 f7 5 ٧ b c2 f8 6b c3 b b 24 c6 26 c6 ٧ ٧ c b9 f9 ٧ ٧ c6 f 68 4c c 75 6f b7 41 a6 c1 c c6 f7 37 0c c 34 f7 37 b8 e c6 c6 6 e6 3e 4 05 e b2 e3 6b e b2 e3 6b b4 c9 ٧ ff 3f f ٧ f c 0 fa 72 b ٧ b4 07 f f0 8 c5 c5 8f f0 f c ٧ af 7e 23 c7 79 f3 26 c7 79 f3 c 8b 36 4 c c c c c c 7 2 2b 6 a5 b5 f1 f6 06 b5 f1 f6 06 f ٧ e 68 9e 1e f 45 0b f f4 a b b f a٧ ٧ a٧ 77 c ae e9 5a e be f f 4 1e be ٧ c c 8 ٧ c5 ef e2 ٧ ٧ b b0 e e0 68 e7 55 e ef f a4 50 e4 ca c5 ef e2 bc 1e e7 e1 45 e7 b2 ac cb 8f f 5 59 c4 cb 42 b ca e5 a0 25 c6 Figure 4: Ciphering Phase 9 c a8 58 a3 c2 6a 0a f6 e8 e b b b cf 82 e 56 a b1 c3 f6 33 c2 6a 0a ٧ 55 3b 42 b1 8a 13 e 42 c3 c3 93 2e b7 f9 c4 c a8 cb c6 c4 c6 c4 10 c4 f9 47 c 99 a0 c 99 a0 fc b7 71 b b0 a9 a3 b9 a9 a3 b9 b0 c a 8e ٧ a c 6b c 6b c c c c output ٧ ٧ 5 ec e5 eb 5 92 ٧ b2 15 e 49 0f