An Enhancement Method Based on Modifying CFB Mode for Key Generation in AES Algorithm

There are two very important characteristics in the block cipher, the amount of time for encryption process and key complexity which caused increasing the complexity of encryption process. This research aims to enhance the key generation of Advanced Encryption Standard (AES) algorithm with high efficiency. The proposed enhancement method architecture based on modifying cipher feedback (MCFB) mode which produce key block from each key generation step in addition to represent current output that is repeated lyre used as input to produce next key block. In the block cipher encryption step, two processes are implemented: Substitution bytes process and Shift rows process. This proposed method improves the performance, efficiency, and speed of the encryption algorithm.


INTRODUCTION
he AES algorithm is an advanced model of DES. AES algorithm supports block size fixed for 128 bits (16 bytes) and supports key sizes of 128 bits (16 bytes), 192 bits(24 bytes), and 256 bits (32 bytes). The block sizes can mirror those of the keys, see Table (1), presents the variable number of rounds (number of rounds depending on key length and block size) [1]. AES operates on which called state that is represented by a 4x4 matrix of bytes. The main functions that comprise the AES are Substitute bytes, Shift Rows, Mix Columns, and Add Round Key [2]. In ciphering algorithms, schedule key is very important phase. A strong cipher dependent on the strong schedule key that would be more resistant to different types of attacks, such as linear and differential cryptanalysis [3].

Related Work
There are many achievements occurred in the field of encryption by AES, each suggests new method for developed AES. The most useful ones are mentioned in the following: Deguang Le. et. al., "Parallel AES Algorithm for Fast Data Encryption on GPU", 2010 [4] The researchers proposed a new algorithm for AES parallel encryption based on technologies of GPU parallel computing that designed and implemented a fast data encryption system. The test proves that proposed approach can accelerate the speed of AES encryption significantly. P Penchala Reddy, et. al., "Implementation of Multi-Mode AES Algorithm Using Verilog", 2014 [5] The researchers present implementation of three modes ECB, CBC, and CTR modes AES algorithm that implemented with 128-bit plaintext, 192, and 256 bits key lengths. Each program results are verified with Model Sim PE and are synthesized in Xilinx ISE 9.2i. These results are useful for important hardware. The researcher proposed a technique intended to make AES safer and secure which the generation of random key and permutation key sites in each round. Also, the researcher proposed permutation the plaintext before entering the encryption and inverse permutation for resulting cipher text.

Confusion and Diffusion [7]
The encryption process of block cipher depends on integrated confusion and diffusion. Confusion is a measure of the statistical properties of the input with relation to the output. While diffusion attempts to extend the influence of the input symbols in order to disguise the tendencies of the input. A successful diffusion can be applied using a shift rows which exchanges individual bytes locations. A well diffused cipher will satisfy the strict avalanche criteria. Confusion can be achieved by substitution to each value in the block by a new value from S-box table. Figure (

Modes of Operation [8]
A mode of operation explains the application of cipher's single-block operation repeatedly (fixedlength group of bits called a block) to transform amounts of data securely larger than a block to achieve important services such as confidentiality or authenticity. In different modes of operations, to randomize encryption and produce distinct cipher text, we can use starting variable (SV) or initialization vector (IV) that is represented as a block of bits even if multiple times encrypted the same plaintext, without needing to the re-keying process. Messages come in a variety of lengths then block cipher applies on block that has a fixed size. Padded process is required for ECB and CBC modes before encryption by several padding schemes. The simplest way is adding null bytes to the plaintext to obtain its length up to a multiple of the block size. There are many types of operation modes that explain in the following:

ECB mode
Electronic Codebook (ECB) mode is the most simple of the encryption modes. The message is divided into blocks and each block is encrypted separately.

CBC mode
Cipher Block Chaining (CBC) mode in vented by IBM in 1976.In this mode, each block of plaintext is treated by XORed process with the previous block of cipher text before being encrypted. Each cipher text block depends on all plaintext blocks processed up to that point. When using an initialization vector in the first block to make each message unique.

OFB mode
The Output Feedback (OFB) mode makes a block cipher into a synchronous stream cipher. It generates key stream blocks, and cipher text obtained by XORed process between plain text blocks and key stream blocks. Flipping a bit in the cipher text produces a flipped bit in the plaintext at the same location such as other stream ciphers,. This property allows many error correcting codes to function normally even when applied before encryption.

CFB mode
The Cipher Feedback (CFB) is a mode of operation for a block cipher. Block cipher means encrypts a set of bits of plaintext at a time, it is at times desirable to encrypt and transfer some plaintext values instantly one at a time, for which cipher text feedback is a method. In this mode used an initialization vector (IV) like cipher block chaining (CBC).
Where, C 0 =IV (initialization vector) CFB uses a block cipher as a component of a random number generator. In CFB mode, the previous block of cipher text is encrypted and the output is XORed process with current plain text block to create the current cipher text block. The XORed operation conceals plaintext patterns, the diagram of CFB mode shown in Figure (2).

Figure (2) Diagram of CFB Mode
Where, IV represents initialization vector, EK0 represents encryption process by key 0, P)1(XOR implemented XOR operation between plaintext 1 and the result from EK0, and C)1( represented cipher text. In common cryptographic applications, feedback modes are much interest and much faster since dedicated stream ciphers, Cipher Feedback (CFB) mode encryption process and decryption process shown in Figure (3).

Figure (3) CFB Mode Encryption Process and Decryption Process [9]
Description of Key Scheduling Algorithm [1] In AES algorithm a critical process is called key expansion process that uses a Cipher Key K to generate a key schedule. Where key scheduling generates (Nr+1) round keys based on original single key, see Figure (4). Key generated steps explain in below: 1. Taken the last column of master key (16-byte represented original key) and move the top byte to the bottom.

A substitution runs for each byte.
3. Apply the XOR to the column with a "round constant"(RCj, 0, 0, 0) that is different for each round. 4. Apply the XOR between results of step 3 with the first column of the previous round key.
In this work the enhancement method will be performed to assist in scheduling process of the key ciphering.

Description of an Enhancement Method of Key Generation
This section explains enhancement method of key generation in AES and describes each stage of it in details. Enhancement method of key generation is generated a block of encryption key and the same method used to generate decryption key by keeping only master key (16-byte represented original key that used for expansion). This method is based on modified CFB mode where master key represented as the initialization vector (IV). The initialization vector (IV) forwarded to a block cipher encryption (BCE). BCE consist of two processes: substitution process and shift rows process. Then, the output of the BCE treated as XORed with IV (input key block) to produce the one key block, as shown in Figure (5). This process was repeated to (Nr+1) times to produce a complete key blocks, as shown in Figure (6). The following algorithm describes An Enhancement Method of Key Generation.
Algorithm: An enhancement method of key generation Input: master key (16-byte original key) Output: encryption key (complete key blocks) Begin Step1: for i=1 to 11 do Begin Step1.1: copy master key to key1.
Step1.2: substitution process for each byte in the key1. Step1.2: shift rows process for each row in the key1. Step1.3: XOR process between key1 and master key and save result at key2.
End Step2: return blocks of encryption key. End.

Figure (6) MCFB Mode to Produce a Complete Key Blocks
Block cipher encryption (BCE) consist of two operations: Substitution bytes process and Shift rows process, as shown in Figure (7), the following sections describes each process in details.

Figure (7) Block Diagram of the BCE Substitution Bytes Process
In this process used S-box matrix that defined by AES algorithm which contains a permutation of all possible 256 8-bit values. Each byte in the key block is mapped into a new byte in the following way: by division byte in to two parts each part consists of four bits: The left part (4 bits of a byte) is represented as a row value and the right part (4 bits of a byte) is represented as a column value. Row value and column value represent as indexes into the S-box to select a unique 8-bitoutput value, as shown in Figure (

Shift Rows Process
In this process used a matrix of 4x4 byte represented key block and circular left shift for each row by different times. The first row of key block is circular left shift by zero times, second row is circular left shift by one times, the third row is circular left shift by two times, and the fourth row is circular left shift by three times, as shown in Figure (9).

Discussion and Experimental Results
This section displayed an evaluation speed and complexity in both key expansion (standard method) and enhancement method for key generation. Complexity calculated the run time of two previous methods for testing the running time measure by counting the number of "basic operations". The XOR operation is considered as a runtime complexity measurement that used between two methods and founded the number of operations in enhancement method equal to (160) operations and in the standard method equal to (200) operations and a primitive operation executed in the class O (n 3 )time as the same class for the standard method thus the consuming run time is reduced in acceptable amount, the following Table (2) shows a comparison of encryption time between the standard method and enhanced method.

Figure (10) Time Encryption of Standard Method and Enhancement Method (char per ms).
From the results above, the run time is reduced in an enhancement method than in the standard method. When using plaintext of length 20 characters that is represented as two blocks, the time of encryption in enhancement method is (115 ms) and in the standard method is (250 ms).When using plaintext of length 40 characters that represented as three blocks the time of encryption in enhancement method is (131 ms) and in the standard method is (266 ms), and when usingplaintext of length 200 characters that represented as thirteen blocks the time of encryption is (223 ms) and in the standard method is (592ms).The average run time of the encryption process through the above assumption examples in the enhancement method is equal to 28 bpms (block per millisecond) and the average of standard method is equal to 66 bpms. Enhancement method reduced time consuming to %57.6.
An enhancement method has less complexity than the standard method, and a short time for key generation, therefore this method can be used in many applications that require higher speed and enough complexity such as real time communication which can perform the required security for sending received in formation through secret plat form.
In the decryption process the same steps of the AES algorithm will be done but with the suggested enhanced key generation method in an inverse manner so to reproduce the plaintext again from the obtained cipher text without needing any further descriptions.
The proposed method focus on the key generation process not on the AES internal functions, thus we are not mentioned about the deciphering processes because the enhancement method deals with the key generation steps only.

CONCLUSIONS
This paper showed an enhancement method for key generation of Advanced Encryption Standard (AES) algorithm with high efficiency. The proposed enhancement method architecture is based on modifying cipher feedback (MCFB) mode. In the block cipher encryption step, two processes are implemented: Substitution bytes process and Shift rows process. The obtained results from using this method has explained more efficient algorithm and a highly secured. Also, it decreased the complexity of the original AES algorithm by more than 20%because data structure related to schedule key are changed (also many operations are changed). Data structure for data input is changed from vector to block 4x4 bytes. The enhancement method can be used in different AES