BLOCK CIPHER PERFORMANCE AND RISK ANALYSIS

Abstract


I. INTRODUCTION
Today, we live in the era of information technology and the wide widespread of network and Internet applications, where the process of exchanging information has become easy to use for everyone. As a result, it is necessary to implement an effective and efficient method to protect our data transmitted over the network, and thus prevent unauthorized persons from accessing them [1].
Several cipher systems had been invented and developed to enhance the security level of networks and applications. Block ciphers as important encryption systems were implemented to achieve data security. Many algorithms had been developed based on the main principles of Block Ciphers. In those algorithms, many thoughts and modifications had been presented and improved to reach higher performance and robustness [2]. Thus, the performance analysis most be performed to evaluate their performances. The analysis allows the researcher to develop the weakness of the previous algorithms against the attacks and to build new robust algorithms [3]. Among these algorithms is the block ciphers which have the most important role in many network applications. Many algorithms of block ciphers had been presented to increase their performance level and to strengthen their potentials against any attack.

Al-Rafidain Journal of Computer Sciences and Mathematics (RJCM) www.csmj.mosuljournals.com
Data encryption as a security solution converts plain data into encrypted data in the encryption or ciphering phase. On the other hand, the reverse process is called decryption or deciphering which converts the encrypted data into plain ones. The ciphering algorithms usually aim to retrieve the original data after decryption phase without loss. Other important issue is the robustness of these algorithms against deferent types of attacks. This would secure transmitted data via any communication method [4].
The encryption system consists of three main categories: Symmetric Keys which contain a single Secret Key, and Asymmetric keys which contain two keys, Public Key that is used to encrypt plain data and Private Key that is used to decrypt encrypted data. The third category is protocols that secure data transmission. The Symmetric Keys algorithms are divided into two categories: Stream cipher which encrypts/decrypts the whole data and Block Cipher which encrypts/decrypts blocks of the data in each step [5]. Fig.1 illustrates the classification of encryption system.

II. CONCEPTS OF BLOCK CIPHER
There are common concepts that had been recognized in all Block Ciphers. These concepts are implemented in the design to perform encryption and decryption processes. They are:

a. Iteration
One of the most common concepts is the iteration of the block cipher. The steps of the algorithms are repeated for a number of iterations. The block of the plan-text is encrypted via several invertible transformations. The iterations are known as Rounds. The Round Function R produces a key that usually would be used in the next round [6].

b. Substitution box (S-box)
The S-box substitutes a block of the plain bits with a block of encrypted bits. The substitution process has to be one-to-one in order to invert the process (Decryption). In a given secure S-box, changing one bit of the input would change 50% of the output. This property is called The Avalanche Effect. This means that the output bit depends on all the input block. The design of algorithm may use one or more S. boxes; either in the same or on nested rounds. They also may be used in parallel [7].

c. Permutation box (P-box)
The P-box permutates all the bits. The bits of the plain data would be permutated to form the encrypted data. In modern block cipher, the output's bits of S-boxes for a round would be permuted and would be fed to the next S-boxes at the next round. As P-box can manipulate with output of S-boxes, it is a good property to cover all the output, then permutated them and fed them again [8].

d. Substitution-Permutation Network (SPN)
SPN is a network of S-boxes and P-boxes which were arranged to perform an encryption in a block cipher. SPN ciphers are important type of iterated block cipher. SPN cipher encrypts a block of the plain data by the key and several rounds. Each round consists of a substitution stage followed by a permutation stage. At the final round, the encrypted data would be produced [9].

III. IMPROVEMENT OF BLOCK CIPHER ALGORITHMS
In this section, the most important block cipher algorithms would be illustrated that the researchers had proposed their studies to improve their performance.

a) The Data Encryption Standard (DES)
The DES had been presented since 1975 and   [10]. DES Algorithm has a number of steps that are called (Round Algorithm) as shown in Fig.2. The following are the steps of this algorithm: 1. In the beginning step, 64-bit block of plain text initially went through Initial Permutation. 2. The initial permutation is performed for the given plain text. 3. Permutation yield permuted blocks consist of 2 parts: Left and Right plain texts. 4. Then, the right part is shifted and left part goes through encryption steps in 16 rounds. Each round has its own key:  Key transformation used different 48-bit sub-key is generated from the 56-bit key.
 Expansion permutation is implemented, the 32-bit right part is enlarged to 48-bits.
 The 32-bits are permuted by P-box permutation.
 The output of 32-bits P-box is XORed with the 32bits left part.
 The XORed output of 32-bits turns out to be the new Right part and the older Right part turns to be Left part. This processing is known as swapping.
 Again, Right plain text applied to next round and more than 15 rounds are performed.
 At the end of the 16 rounds, the final permutation is performed [11].

a. DES Structure
Several works had been recently presented as a modification of DES. The following are some of those works. In [13], the authors presented a new model of DES based on higher entropy in image encryption. The implementation of entropy increased the strength of the standard DES and reduced the risk of system broken. It also supposed to override the shortcomings of high complexity of the standard DES. SHA-256 algorithm and Logistic map had been used to generate a 256-bit key. The results showed that the proposed algorithm had been enhanced; its security was verified by the analysation of the information entropy, image correlation. The proposed algorithm passed both noise attack and occlusion attack tests. As a result, it may resist common attacks.

b. DES Rounds
In [14], the authors proposed an enhanced DES used ffunction and incorporating striding technique in addition to the XOR operation between sub keys and the plaintext. The results showed that the enhanced DES gain 55% of average of avalanche effect comparing with standard DES. It is resistant to known exhaustive and cryptanalysis attacks.
In [15], the authors presented an enhanced key DES. The enhancement is based on premutation of the odd and even bits of the key to generate more complex keys during the 16 rounds. It supposed to be more robust against attacks especially short key attack because it enhanced key generation.
In [16], the authors presented an improved DES based on increasing Key length to 128-bit. It consists of two parallel implementations of the standard DES with permutations. The 128-bit key is divided into two subkeys to be used on each DES 16 rounds. The result showed that the improved DES is faster more efficient than 3DES.

b) Blowfish
Schneier invented Blowfish algorithm in 1993. It was implemented in several encryption domains and ciphers. Blowfish encrypts 64-bits as a block size and 32-448 bits key length. It was a promising alternative to DES. It suits to be used in hardware applications [11]. Fig.3 illustrates this algorithm.
In [18], the authors presented a hybrid encryption system based on Blowfish algorithm with 3D Henon and Chen chaotic maps. This system was implemented to encrypt and decrypt transmitted satellite images and other images transmission. The results showed that the proposed system is efficient with large images. It also showed that it has a good robustness according to performance analysis.
In [19], the author presented a modified Blowfish encryption algorithm to secure the user's data in the cloud. It is based on clustering the user's data that are stored in the cloud into groups of similar measures. A 448-bit key is generated by the Blowfish key generator with Xor operations in 16 rounds. The clustered data are encrypted by Blowfish in a modified procedure to gain encrypted text. Indeed, S-boxes had been effectively implemented in this algorithm. The results showed that the proposed algorithm has better performance than the standard Blowfish, RSA and AES. In [20], the authors presented a modified blowfish algorithm that based on increasing both block size and key length. The block size was increased to 128bit and the key length was increased to 128bit too. The structure of the standard Blowfish was re-designed to maintain the new block size and key length. The algorithm implements a F function to generate key. The results showed that the modified Blowfish has better security than standard Blowfish but it is slower.
In [21], the authors presented a modified Blowfish based on Quadratic map in image encryption. The modification allows to implement the Blowfish in image encryption by overriding the big size problems. The plain image is divided into 8 areas. Then, Quadratic map is performed for each area. The input key of Blowfish (64bit) would be selected from the 8 areas. The results showed that the modified Blowfish is better in security and in performance than traditional Blowfish.

c) Triple DES (3DES) or (TDES)
DES Algorithm had been derived from standard DES in 1995. It is three times DES ciphering for each block of plain data. It has 64 bits block sizes and 56, 112 or 168bits as a key size. The encryption process (Fig.4) can be performed according to the following major steps: 1. DES algorithm encrypts the plain data primary key K1. 2. Next, DES decrypts the output of step1 by secondary key K2. 3. Finally, DES algorithm encrypts the output of secondary key by third key [11]. In [23], the authors presented a modified 3DES based on chaotic maps. This implementation had been performed by using three all-pole IIR filters to 16 characters (128-bit) to generate the key sequence of 3DES in 16 rounds. The results showed that using all-pole IIR filters can increase the performance speed with the small complexity algorithm.
In [24], the authors developed 3DES algorithm. They redesigned the structure of the three nested DESs to be parallels. Thus, three keys were used in the same time to produce the ciphered text. A generation key kernel is used to generate three (16-bits) subkeys in 16 rounds that results a (48-bits) key. The results showed that the proposed algorithm is faster three times than the traditional 3DES.
In [25], the authors implemented the genetic algorithm in key generation process in 3DES algorithm. The proposed algorithm is supposed to have more complex key by the property of genetic algorithm. The result showed that the proposed algorithm is more robust than the traditional 3DES.
In [26], the authors proposed a system to secure network by encrypting messages then to apply a fuzzy model to the encrypted messages. 3DES as an encryption algorithm is used to encrypt the plain message. The output (encrypted message) is an input to the Takagi-Sugeno (T-S) Fuzzy Model. The results showed that the fuzzy model applied more complexity to the encrypted messages.

d) PRESENT
In 2007, Orange Labs had developed PRESENT algorithm at technical university of Denmark and Ruhr University Bochum. This algorithm has a 64-bit block size, light-weight type and a varied key length (80 and 128) bits. This algorithm is used in high efficiency chip and low power consumption [11]. Fig.5 illustrates the steps of this algorithm. In [28], the authors proposed a modified S.box structure for the PRESENT block cipher. The proposed cipher had the same block size of 64-bytes, and the same key length. In fact, the structure of the S.boxes had been modified to reduce the number of rounds. The proposed cipher divided the block into 4x2 and this would decrease the number of S.boxes to 8 and the required rounds to 16 rounds.
In [29], the authors proposed a dynamic key PRESENT cipher in which the key had been rotated in varied sequence and permutate the values of the key bits. So, the generated key had been rotated for 61times till be used. Only, one of the keys in the array of keys would be used in each round. S.box had been used with the selected key during each round too. The results showed that the proposed cipher had better performance than the original cipher.
In [30], the authors presented an optimal quantum circuit based on symmetric key cryptography by an optimized PRESENT and GIFT block ciphers. The proposed design aimed to minimize qubits, quantum gates, and circuit depth. The results showed that the proposed optimization of those two ciphers had been compared with other ciphers. The results showed that the implementation of both ciphers together minimized the number qubits, quantum gates, and circuit depth. It also strengthens the proposed cipher against Brut force attack and Quantum attack.

e) KLEIN
Klein is a block cipher that is used in compact hardware to achieve a high performance based on software. It was presented by Gong et al, in 2011 [31]. It has 64-bit block of plain data and 64,80, and 96-bit keys. The key length variation may increase the randomness of the KLEIN cipher. In fact, the KLEIN cipher is based on SPN structure to perform both substitution and permutation as known in other block ciphers. A KLEIN encryption process can be described as follows [31]: The structure of KLEIN algorithm is shown in Fig.7.
In [32], the authors proposed an optimized KLEIN cipher. Their proposal is based on the original KLEIN SPN structure but it implemented 3 layers of S-box after performing original algorithm. In those three layers of S-box, a 4-bit permutation is applied to 16 nibbles steps after Rotate Nibble Algorithm. The initial state is XOR 'd with key once before each of the three layers of S-boxes. 3-layer S-box enhanced the software capabilities that perform in high quality level.
In [33], the author proposed an enhanced algorithm of KLEIN block cipher. This algorithm is similar to the original algorithm with one modified step. The (MixNibble) step had been replaced with 3-stage S-box of four bytes. The optimized algorithm showed higher performance than the original one, with low time and memory usage. The optimized algorithm is suitable to be used in low hardware devices.

f) Twofish
Twofish is an improved block cipher. It has 128-bits as block size combined with a key. It has three variable keys of 128, 192, and 256-bits. Twofish is based on the Feistel network with 16 rounds. Plaintext is broken into four blocks (W0, W1, W2, and W3) of 32-bit. Each word is Xored with four words (K0, K1, K2, and K3) of 32 bits as an input in whitening process. The outputs of whitening passes into the F directive function which consists of five operations based on four dependent keys and four S-boxes with an 8-bit input. The output followed by a mathematical code called a fixed maximum distance separable (MDS) matrix. The pseudo-Hadamard transform is a straight forward 32-bit mixing operation with an addition mode of 232. After the 16 th round, Twofish performs output whitening. Fig.8 shows the structure of Twofish algorithm [34]. In [35], the authors presented a modified Twofish algorithm in image encryption. The modification was to replace the XOR operation of each round with a ( # ) operation by dynamic block sizes and multi-state tables. This modification allows more complexity and fast retrieving of plain text.
In [36], the authors presented a modified TWOFISH algorithm in image encryption. They add more mathematical complexity via S-boxes drawn from a multiplicative group of units of chain ring ∑ 2 7 =0 .Those S-Boxes add more algebraic complexity to the Twofish.

g) International Data Encryption Algorithm (IDEA)
IDEA is a block cipher with 64-bit block size and 128-bit key. The 64-bit block is divided into four 16-bit sub-blocks. Those sub-blocks go through 8 rounds with repeated sequences of operations. Each round output is an input for the next round. Indeed, the system needs six unique keys, that are generated from the 128-bit original key. The output of the 8 th round is an input to output transformation phase that consists of arithmetic operations with four keys. The output transformation phase produces the final cipher key. The entire encryption requires 52 keys. Fig.9 illustrates that [37].

h) AES
Advanced Encryption Standard (AES) is a block cipher that had been adopted in October 2000 by the National Standards and Technology (NIST) as a substitution for DES. The structure of AES is based on the round transformation that consisted of three distinct invertible uniform transformations, known as layers that simulate the Wide Trail Strategy. This structure strengthens the AES against linear and differential cryptanalysis. Three functions are represented in the three layers: The linear mixing layer provides high diffusion during rounds; The nonlinear layer consisted of Sboxes that have optimum worst-case nonlinearity properties. Finally, there the key addition layer. Although this algorithm has not broken yet but there are some studies that try to enhance its performance. AES has 128, 192 or 256 key length and 10 to 14 rounds. It has 128-bit block size distributed on its four arrays [40].  In [41], the authors presented an enhancement to the original AES by adding 3 rounds of randomization to the initial key before encryption process. This modification has been implemented to secure data in cloud computing.
In [42], the authors presented an enhancement to encrypt images as a heavy load by AES in parallel encryption mode. This enhancement allows to implement the GPU to generate four tables known as T-table for image data that stored in shared memory. Thus, the memory access time has been reduced.

IV Comparison and Discussion
The block cipher algorithm had several properties and features that can be compared in addition to their performance. Table.1 showed some of these features that allow to determine which of these algorithms is better to be implemented or it may enhance.
It is obvious that AES algorithm still unbroken, but other algorithms with long key are difficult to be broken too. Some of researchers had modified weak algorithm to be strong as shown in Table 1.  Most of the reviewed ciphers have 64-bit block size except Twofish and AES. Both ciphers have 128-bit of block size. The larger block gives more robustness for the cipher against cryptanalysis and attacks. The rest have smaller size but some of them had been modified to reduce the vulnerabilities of the probable attacks.
The length of the secret key is varied among the studied ciphers between 48 to 384 bits. This variation is associated to the modification of most of the studied ciphers. Increasing length of the key overrides the short key problem. Thus, the authors increased the length of their proposed cipher for this reason. Thus, the robust ciphers are enhanced by increasing the key length because it adds more complexity in cryptanalysis and increases its time.
Most of the studied ciphers had been modified by adding either chaotic maps, Entropy, SHA256, clustering, or other functions and mathematical operations. Other strategies like modified SPN must be increase key length. It is obvious that the authors had discussed several matters related with robustness of their presented attacks.
The number of rounds is an important feature of the design of block ciphers. Most of the studied ciphers had 16 rounds. But some of the ciphers had less than 16 rounds as a try to reduce the required rounds in high performance condition such as Blowfish and IDEA ciphers. Thus, in some other ciphers, the number of rounds had been increased as an enhancement strategy of the cipher robustness such as KLEIN. While in the proposed cipher 3DES, the number of rounds was variable that can be selected according to condition of the ciphered text.
For most of the studied ciphers, execution time that is required for encryption or decryption was not mentioned. Thus, time measure was excluded from comparison in this study.

V. Conclusion
The block ciphers are a type of symmetric key encryption that has several types of algorithms. They have deferent performance, complexity and randomness. AES is one of the robust algorithms that had not broken yet. Some others are robust but may be broken either for its short keys or by applying some types of attacks.
The recently proposed block ciphers showed the capability of improving the known algorithms to add more complexity and robustness via increasing the length of keys or modifying the structure of the cipher. More function and operations can be used and other additional techniques. Some of the proposed ciphers implemented chaotic map as solution for the randomness of the secret key.
In the future, the time must be considered for the proposed ciphers. It is important to determine the performance of the block ciphers and to define the faster one specially for communications.