Professional Documents
Culture Documents
6 ISSN: 1837-7823
Generalized Hill Cipher Involving Multiple Keys, Mixing and Key Dependent Substitution
V. U. K. Sastry1 and Ch. Samson2 1 Dept. of Computer Science & Engineering., SNIST, Hyderabad, India, vuksastry@rediffmail.com
2
In this paper we have developed a block cipher, called generalized Hill cipher, basing upon the classical Hill cipher. In this analysis, we have used several key matrices and a set functions called Mix( ), Substitute( ). The function substitute( ) depends upon the key matrices. Here each one of the key matrices is having a modular arithmetic inverse. The cryptanalysis carried out in this investigation shows that this cipher is a strong one on account of the multiple keys and the key dependent substitution function. Keywords: Encryption, Decryption, Generalized Hill cipher, Mixing, Key Dependent Substitution, Cryptanalysis, Avalanche effect
1. Introduction
In the literature of cryptography, it is well known that the classical Hill cipher [1], which had its origin several decades back, can be broken by the known plaintext attack. In order to overcome this drawback many other block ciphers such as DES [2] and AES [3] were developed in cryptography. However, in the last one decade several researchers [4-18] have modified the Hill cipher in various ways and found mechanisms to strengthen the cipher. In a recent investigation [19], we have generalized the Hill cipher by introducing several powers of a single key matrix and including a couple of functions named Mix( ) and Substitute( ) in order to strengthen the cipher by modifying plain text at various stages of the iteration process involved in the cipher. The cryptanalysis of this cipher has clearly indicated that this cipher cannot be broken by all possible conventional attacks. In the present paper our objective is to develop generalized Hill cipher by including several keys and by supporting the analysis with the help mixing and key dependent substitution. Here our interest is to see how the different keys would influence the cipher in strengthening the cipher. In what follows we present the plan of the paper. In section 2, we deal with the development of the cipher and provide the necessary flowcharts and algorithms for encryption and decryption. In section 3, we discuss an illustration of the cipher and mention about the avalanche effect. We analyze the cryptanalysis in section 4. Finally, we deal with the computations carried out in this analysis and draw conclusions in section 5.
Let us decompose this into a set of square matrices wherein each matrix is of size m. This is possible only when n is divisible by m. Let n = mq. Then we can write
11
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 P1 Pq+1 P= Pq2-q+1 P2 Pq+2 . Pq2-q+2 Pq2 is a square matrix of size m. For convenience let us write q2=s. In view of the Pq P2q (2.2)
i= 1 to q2,
relation (2.2), we can write Pi = Decompose (P), where i takes the values 1 to s. The reverse process of the function Decompose ( ) can be denoted as Compose ( ). This implies that all the Pis arranged in row wise order, as indicated in (2.2), will lead to the matrix P. Consider a set of s key matrices K1, K2Ks wherein each one is a square matrix of size m. It may be noted here that we can get a square matrix of size s by arranging all the afore mentioned keys (K1 to Ks) in a row wise manner. Let us call this as K. In this analysis, we choose all the key matrices K1 to Ks such that each one has modular arithmetic inverse. The various steps involved in the block cipher under consideration can be summarized as follows. Pi = Decompose (P), i= 1 to s, (2.3)
On following the basic idea of the Hill cipher, we write Pi = (Ki Pi) mod N, i= 1 to s. (2.4)
Thus we can get s matrices of the modified plaintext. On using the function Compose ( ), we get P = Compose (Pi), Then on using the function Mix ( ), we have P = Mix (P). (2.6) (2.5)
Finally on making use of the function Substitute ( ), we get P=Substitute (P). (2.7)
On carrying out the iteration process wherein the relations (2.3) (2.7) are included, we get the final form of P. This will lead to the ciphertext C. In this analysis, we take N=256 as we confine our attention to EBCDIC code. It may be noted here that the details of the functions Mix( ) and Substitute( ) will be explained in section 3. The decryption process is governed by the relations C=Isubstitute (C), C= Imix (C), Ci=Decompose(C) , Ci= (Ki * Ci) mod N, i= 1 to s, C = Compose (Ci).
-1
Here the functions Isubstitute( ) and Imix( ) denote the reverse processes of Substitute( ) and Mix( ) respectively. In (2.11), Ki-1 is the modular arithmetic inverse of the Ki which satisfies the relation Ki Ki-1 mod N = I, where I is the unit matrix. On carrying out the process of iteration by including the above set of relations (2.8) (2.12), we get the final form of C which will result in the plaintext P. The flowcharts and the algorithms depicting the encryption and the 12
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 decryption processes are presented below.
Read C, n, m, r, N s = n2/m2
ST
for i= 1 to r
end
Pi =Decompose
Construct NT and ST
for i= 1 to r C=Isubstitute(C,NT,ST)
C= P
Write C
P=C
Write P
13
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 Here NT and ST are tables of size 16x16. These are required in the development of the function Substitute ( ), explained in section 3. Algorithm for Encryption 1. Read P, n, m, r, N 2. s= n2/m2 3. for i = 1 to s Read Ki end 4. Construct NT and ST 5. for i = 1 to r Pi =Decompose (P) for i = 1 to s Pi= (Ki* Pi) mod N end P = Compose (Pi) P= Mix(P) P=Substitute (P,NT,ST) end 6. C = P 7. Write C Algorithm for Decryption 1. 2. Read P,n, m, r, N s= n2/m2
3. for i = 1 to s Read Ki end 4. for i = 1 to s Compute Ki-1 end 5. Construct NT and ST 6. for i = 1 to r C=Isubstitute (C, NT, ST) C= Imix (C) Ci=Decompose(C) for i = 1 to s Ci= (Ki-1* Ci) mod N end C = Compose (Ci) 14
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 end 7. P = C 8. Write P
We now have the sixteen key matrices Ki, i=1 to 16. Here we use a single matrix K for writing all the 16 matrices. Hence
15
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823
Here we have written the first four matrices K1 to K4 (each one of size 4x4) in the first four rows, one after another. We have placed K5 to K8 in the next four rows. Similarly we have written K9 to K12 and K13 to K16 in the subsequent set of rows (Considering 4 rows at a time). We have represented the 16 matrices in the above form for convenience. On adopting the afore mentioned approach, the corresponding modular arithmetic inverses of the 16 key matrices are given by the following single matrix.
In this matrix also the first four rows contain K1-1 to K4-1, the next four rows contain K5-1 to K8-1 and so on. Here it is to be noted that all these modular arithmetic inverses [21] are obtained separately. 16
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823
Let us now discuss how the functions Mix ( ) and Substitute ( ) are developed. In the process of encryption, on carrying out the operation of the function Compose ( ), we get the plaintext P in the form P = [Pij], i=1 to 16 and j= 1 to 16. (3.3)
The matrix in (3.3) can be readily brought to the form of another matrix of size 8x32, by placing the bottom 8 rows of P on the right side of the top 8 rows. Then P can be written in the form P = [Pij], i=1 to 8 and j= 1 to 32. (3.4)
On representing each element of this matrix in terms of binary bits, we get a matrix of size 8x256. This is given by P111 P112 ... P118 P211 P212 ... P= P218 . . P811 P812 P818
. . .
The binary bits P111 P212 ... P811, lying in the first column can be written in the form of a decimal number. Similarly the binary bits in the subsequent columns can also be written in terms of decimal numbers. Thus we get 256 decimal numbers which can be written in the form of a 16x16 matrix given by P = [Pij], i=1 to 16 and j= 1 to 16. (3.6)
The Pij in (3.6) are obtained due to mixing process. Let us now develop the process involved in the function Substitute ( ). In this analysis, as we are dealing with the plaintext matrix of size 16x16, wherein each number can be represented in terms of 8 binary bits, let us construct a table, denoted as NT, which includes the numbers 0 to 255 in a sequential manner. This can be written in the form NT (u, v) =16(u-1) + (v-1), u=1 to 16 and v=1 to 16. (3.7) Let us form a square matrix of size 16, called ST, by including all the elements which are occurring in the keys K1 to K16, one after another, in a row wise manner excluding elements which are getting repeated if any. After placing all these elements in ST, we fill up the remaining places in ST with the missing numbers in the set 0 to 255. Thus we form ST which is given in Table 1, called substitution table. Let us now see the process of substitution. This can be achieved by using the relation given below. If P (i,j) = NT(u,v), then S (i, j) =ST (u, v), where S (i, j) is the result of substitution. This is valid for all i and j. In other words, the above relation can be mentioned as follows. If the ith row jth column element of P is equal to the uth row vth column element of the matrix NT, then the ith row jth column element of S(i,j),obtained as a result of substitution, is equal to the uth row vth column element of the ST.
17
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823
196 63 65 24 170 66 148 255 115 217 182 27 84 129 188 214
224 167 205 135 181 123 203 222 252 221 174 30 86 130 190 223
77 219 101 183 95 19 207 91 256 165 186 32 88 132 191 226
140 146 121 171 142 156 53 106 225 193 103 37 90 136 194 227
204 15 143 97 213 26 43 147 236 137 6 54 104 158 200 238
5 134 79 243 85 117 175 233 239 51 7 57 108 160 202 240
87 232 235 248 189 78 49 127 64 241 10 70 110 176 208 244
69 102 126 168 13 138 161 151 14 173 18 74 116 179 210 247
184 61 162 215 114 111 98 254 231 107 20 82 118 180 211 251
Table 1: Key Dependent Substitution Now on using the encryption algorithm given in section 2, we get the ciphertext C in the form
18
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823
By taking the ciphertext C given by (3.8) as input and executing the decryption algorithm, we get back the original plaintext. In order to have an insight into the strength of the cipher; let us examine the avalanche effect. On changing the first row tenth column element of (3.2) from 149 to 148, we have a one binary bit change in the plaintext. On using the modified plaintext, the keys K1 to K16, and applying the encryption algorithm, given in section 2, we get the corresponding ciphertext given by
On comparing (3.8) and (3.9), after converting them into their binary form, we notice that they differ by 1064 binary bits out of 2048 bits. From this we notice that the avalanche effect is quite good. Let us now examine the effect of one bit change in the key. Here we have a set of keys (K1 to K16). On changing the first row third column element of K1 from 77 to 76, we have a one bit change, as a whole, in the bunch of the keys. On using the modified bunch of keys and the original plaintext given by (3.2), and applying 19
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 the encryption algorithm given in section 2, we get the ciphertext C in the form
On comparing the ciphertexts (3.8) and (3.10) in their binary form, we find that they differ by 1059 bits out of 2048 bits. This also indicates that the avalanche effect is quite significant. In view of the above results, we conclude that this cipher is expected to have very good strength.
4. Cryptanalysis
The different types of cryptanalytic attacks which are available in the literature of cryptography are 1. Cipertext only attack (Brute force attack), 2. Known plaintext attack, 3. Chosen plaintext attack and 4. Chosen ciphertext attack. Generally every cipher is to be developed so that it withstands the first two attacks at least [1]. However, one has to visualize intuitively that the cipher cannot be broken by the last two attacks (3 and 4). Let us examine the brute force attack. In this analysis, the size of the key bunch (16 keys) is 256 decimal numbers (2048 binary bits). In view of this fact, the size of the key space is 22048 = (210)20.48 (103)20.48 =1061.44. If we assume that the time required for the computation of the cipher with one value of the key is 10-7 seconds, then the time required for the execution of the cipher with all the possible keys in the key space is approximately equal to
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 we confine our attention to only to one round of iteration process, i.e., if we take r =1, we have the following relations occurring in the encryption process. Pi = KiPi mod N, P = Compose (Pi) P = Mix (P) P=Substitute(P,NT,ST) C= P. i=1, 2 16, (3.11) (3.12) (3.13) (3.14) (3.15)
As we know C, we get P occurring on the right hand side of (3.15). Thus the P on the left hand side of (3.14) is known to us. As the substitution table ST is a key dependent one, we cannot form this table and determine P occurring on the right hand side of (3.14). Thus we cannot move in the upward direction and determine the set of keys Ki occurring in the equation (3.11). Hence the cipher cannot be broken by the known plaintext attack. Here the key dependent substitution table is playing a prominent role in strengthening the cipher. In view of the several functions such as Mix( ) and Substitute( ) used in this analysis, it is not intuitively possible to choose either the plaintext or the ciphertext and break this cipher by chosen plaintext attack or chosen ciphertext attack. In the light of the above analysis, we conclude that this cipher cannot be broken by any attack.
21
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823
74
241 212 190 254 231 51 174 210 55 241 195 73 108 1 99 91 29 14 147 160 150 167 157 107 46 163 68
81 189 85
15 169 185
90 225
29 226 250
59 129 72 218
47 247
86 198 197
244 188 208 190 207 151 106 237 151 30 105 201 110 79 85 21 14
3 193 78 83 51 12 32
28 103 219 127 221 137 192 146 67 222 54 172 72 248 15 1 86 95 228 196 65 201 80 111 1 23 121 50 167 15 213 109 66 23 19 59 206 1 29
132 205 222 234 157 95 192 209 85 151 126 121
255 120 232 247 118 160 125 140 57 233 193 2 51
24 134 211
96 172 133 75 43
9 179
56 182
77 235
63 204 9
30 165 203 57
52 139 242
29 164 119 14
126 199 202 200 138 245 200 175 167 235 218 208 225 210 121 211 149 204 15 121 220 199 115 86 28 73 175 74 101 238 184 56 23 8 17 47
38 130 126
55 113 54
53 201
60 199 147 73 31
3 127
24 116
78 138 249
41 138 50 101 84
143 139
2 252 130
81 197 27 11
61 185
91 225 155 235 118 146 217 173 20 126 218 187 57 177 65 120 63 19 8
94 110 111
71 165 22
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 97 42 10 169 99 137 199 59 62 50 11 86 211 10 4 70 34 86 34 23 112 172 216 157 215 22 199 30 53 8 228 155 45 97 173
12 119
83 138
33 232
53 124 194 193 244 161 181 202 25 119 117 139 223 79 11 8 37 188
50 140 42 205 26 3 20
96 159 203 243 203 235 44 111 36 141 142 167 66 21 228 19
57 67 224
168 223 253 200 115 134 149 185 190 219 196 12 141 149 32 34 177
85 206
79 256
3 161
The strength of the cipher is quite significant as we have several keys involved in the cipher, and the substitution table that we have utilized in this analysis is key dependent. The cryptanalysis in this investigation clearly indicates that this cipher is a strong one and it cannot be broken by any attack.
References
[1] William Stallings, Cryptography and Network Security, Principles and Practice, Third edition, Pearson, 2003. [2] Miles E. Smid, Dennis K. Branstad, The Data Encryption Standard: Past and Future, Proceedings of the IEEE, Vol. 76, No. 5, May 1988. [3] National Institute of Standards and Technolgy Requests for Candidate Algorithm Nominations for the Advanced Encryption Standard, Federal Register, September12, 1997. [4] S. Udaya Kumar, V.U.K. Sastry, and A. Vinaya babu, A Block Cipher Basing Upon Permutation, Substitution, and Iteration, Journal of Information Privacy and Security,3(1), 2007, Publishing, P.O. Box 680392, Marietta, GA 30068 USA. [5] S. Udaya Kumar, V.U.K. Sastry, and A. Vinaya babu, A Block Cipher using an Iterative Method and the Modular Arithmetic Inverse of a Key Matrix, International Journal of Scientific Computing 1 (1) January June 2007, pp. 69-78,. Serial Publications, New Delhi, India. [6] V.U.K. Sastry and V. Janaki, Modified Hill Cipher with key dependent permutation and circular Ivy League
Rotation, Journal of Computer Science, 3(9):736 739, 2007 ISSN 1549 3636. [5] V.U.K. Sastry and V. Janaki, Modified Hill Cipher with Multiple Keys, International journal of Computational Science, 2008, 2(6), pp. 815-826. [7] V.U.K. Sastry, N.Ravi Shankar, Modified Hill Cipher with Interlacing and Iteration, Journal of Computer Science, Science Publications, 3(11):854-859, 2007. [8] V.U.K. Sastry, N.Ravi Shankar, Modified Hill Cipher for a large block of plaintext with Interlacing and Iteration, Journal of Computer Science, Science Publications, 4(1):15-20, 2008
23
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823 [9] V.U.K.Sastry, N.Ravi Shankar, S.Durga Bhavani, A Modified Hill Cipher involving Interweaving and Iteration, International Journal of Network Security, 11(2): 51-56, September 2010. [10] V.U.K. Sastry, N.Ravi Shankar, Modified Hill Cipher with Interlacing and Iteration, Journal of Computer Science, Science Publications, 3(11):854-859, 2007 [11] V.U.K.Sastry, Aruna Varanasi, A Modified Hill Cipher Involving Permutation, Iteration and the Key in a Specified Position(IJCNS) International Journal of Computer and 10, pp. 157-162, October 2010. [12] V.U.K.Sastry, Aruna Varanasi, S.Udaya Kumar, A Modified Hill Cipher Involving a Pair of Keys and a Permutation,(IJCNS) International Journal of Computer and Network Security, Vol. 2, No. 9, pp. 105108, September 2010. [13] Dr. V. U. K. Sastry, Prof. D. S. R. Murthy, Dr. S. Durga Bhavani, A Block Cipher Having a Key on One Side of the Plain Text Matrix and its Inverse on the Other Side, International Journal of Computer Theory and Engineering (IJCTE), Vol. 2, No.5, pp. , Oct 2010. [14] V.U.K.Sastry, Aruna Varanasi, S.Udaya Kumar, A Modern Hill Cipher Involving a Permuted Key and Modular Arithmetic Addition Operation, International Journal of Advanced Research in Computer Science Vol.2 No.1,pp.162-165, Jan-Feb 2011 [15] V.U.K.Sastry, Aruna Varanasi, S.Udaya Kumar, A Modern Hill Cipher Involving XOR operation and Network Security, Vol. 2, No.
a Permuted Key, International Journal of Advanced Research in Computer Science, Vol.2 No.1, pp.153155, Jan-Feb 2011. [16] Aruna Varanasi, V.U.K.Sastry, S.Udaya Kumar, A Modern Hill Cipher Involving a Pair of Keys, Modular Arithmetic Addition and Substitution, International Journal of Advanced Research in Computer Science, Vol.2 No.3, pp. 460-464, May-June 2011. [17] V. U. K. Sastry, D. S. R. Murthy, S. Durga Bhavani, A Block Cipher Involving a Key Applied on Both the Sides of the Plain Text, International Journal of Computer and Network Security (IJCNS), Vol. 1, No.1, pp. 27 30, Oct 2009. [18] Aruna Varanasi, V.U.K.Sastry, S.Udaya Kumar, A Modern Hill Cipher Involving a Pair of Keys, XOR operation and Substitution, International Journal of Advanced Research in Computer Science, Vol.2 No.3, pp. 496-500, May-June 2011. [19] V. U. K. Sastry, Ch.Samson, A Generalized Hill Cipher Involving Different Powers of a Key, Mixing and Substitution, International Journal of Advanced Research in Computer Science, May-June 2012(Sent for publication). [20] http://www.mathworks.com/products/matlab [21] William H. Press, Brian P. Flannery, Saul A. Teukolsky, William T. Vetterling, Numerical Recipes in C: The Art of Scientific Computing, Second Edition, 1992, Cambridge University Press, pp. 36-39.
24
International Journal of Computational Intelligence and Information Security, July 2012 Vol. 3, No. 6 ISSN: 1837-7823
Dr. V. U. K. Sastry is presently working as Professor in the Dept. of Computer Science and Engineering (CSE), Director (SCSI), Dean (R & D), SreeNidhi Institute of Science and Technology (SNIST), Hyderabad, India. He was Formerly Professor in IIT, Kharagpur, India and worked in IIT, Kharagpur during 1963 1998. He guided 12 PhDs, and published more than 70 research papers in various international journals. He received the best Engineering College Faculty Award in Computer Science and Engineering for the year 2008 from the Indian Society for Technical Education (AP Chapter), and Cognizant- Sreenidhi Best faculty award for the year 2012. His research interests are Network Security & Cryptography, Image Processing, Data Mining and Genetic Algorithms.
Mr. Ch. Samson obtained his Diploma from Govt. Polytechnic, Hyderabad in 1994, B. E. from Osmania University in 1998 and M. E from SRTM University in 2000. Presently he is pursuing Ph.D. from JNTUH, Hyderabad since 2009. He published 9 research papers in international journals and two papers in conferences. He is currently working as Associate Professor and Associate Head in the Dept. of Information Technology (IT), SNIST since June 2005. His research interests are Image Processing, Image Cryptography and Network Security.
25