Comparison of Performance of AES Standards Based Upon Encryption /Decryption Time and Throughput

Comparison of Performance of AES Standards Based Upon Encryption /Decryption Time and Throughput

Miss Navraj Khatri	Mr Jagtar Singh	Mr Rajeev dhanda
NCCE,Israna,K.U	Senior lecturer,NCCE,Israna,K.U	Assistant Professor,RVIT,U.P

Abstract

The introduction of wireless data communication at the beginning of 20th century resulted in an increasing interest in cryptography due to insecure nature of Wireless medium. The selective application of technological and related procedural safeguards is an important responsibility of every organization in providing adequate security to its electronic data systems.In the present work, a new model is proposed and implemented, which is very similar to the conventional AES. The fundamental difference in the AES and proposed model is in block size which has been increased from 128 bits in conventional AES to to 200 bits in proposed algorithm.The proposed algorithm is giving very good randomness and hence enhances the security in comparison to conventional AES.The performance is measured based upon encryption and decryption time of algorithms per block and throughput at encryption and decryption side.In this paper,we showed the effect in security increment through AES methodology.

Keywords- Block cipher,plain text,cipher text,stream cipher,Symmetric Encryption,Computer Security

1. Introduction

   In this paper,symmetric block cipher algorithm is proposed likewise Advance Encryption Standard (AES).The proposed algorithm differs from AES as it has 200 bits block size and key size both.Number of rounds is constant and equal to ten in this algorithm. The key expansion and substitution box generation are done in the same way as in conventional AES block cipher.AES has 10 rounds for 128-bit keys, 12 rounds for 192-bit keys, and 14 rounds for 256-bit keys[4].Section 2 describes the our proposed algorithm properly.Section 3 gives the time comparison of different AES standards and throughput on encryption and decryption side.Section 4 gives advantages and disadvantages of AES.

2. PROPOSED ALGORITHMS

   1. The General Definitions

      Block size and key size are the important parameters of any encryption algorithm because the level of security provided by a cipher completely depends upon these two parameters.In our proposed encryption algorithm,we are using 200 bits block and key size instead of 128 bit used in conventional Rijndaelsalgorithm.This increased block and key size will improve the security level of the cipher with a negligible loss in efficiency.

      The original data which needs to be encrypted will be termed as plaintext. Our encryption algorithm is a symmetric block cipher algorithm.This algorithm will operate on fixed size blocks of plaintext to generate ciphertext.In the process of encryption, the first step is formation of data blocks from the original plaintext.Our basic block length is 200 bits which can be shown by a 5 by 5 matrix of byte. The data bytes are filled first in the column then in the rows. Once the data block is formed, different rounds take place to modify data to the cipher text.

      Figure 1. Making of data block from stream

   2. The Round Transformation

      The round transformation is composed of four different transformations.It is similar to that of Rijndael.There are ten rounds, and in each of the round there are series of transformations takes place except the final round.A pseudo algorithm for each of the common round is given below and later the final round transformation algorithm is given.The state is referred as the output of the previous transformation. Each function in the round is explained later. The final round is equal to others when mix-column transformation is removed from general one.

      Algorithm 1: (For Common Rounds) Round(state, Round Key)

      {

      ByteSub(state); ShiftRow(state); MixColumn(state);

      AddRoundKey(state, Round Key);

      }

      Algorithm 2: (For Final Round) FinalRound(state, Round Key)

      {

      ByteSub(state); ShiftRow(state);

      AddRoundKey(state, Round Key);

      }

   3. The ByteSub Transform

      The ByteSub transformation is a non linear byte substitution that acts on every byte of the state in isolation to produce a new byte value using an S-box substitution table.In this transformation, each of the byte in the state matrix is replaced with another byte as per the S-box (Substitution Box).The S-box is generated by calculating the respective reciprocal of that byte in GF (28) and then affine transform is applied.Similarly,Inverse S-Matrix can be formed during the decryption of the cipher text.For increasing the efficiency,we use Rijndael S-box.The substitution taken in SubByte transform is invertible.

      Table 1. S-box

   4. The ShiftRow Transform

      For encryption, the 1st row remain unchanged, 2nd row is shifted 1 byte to the left, 3rd is 2 byte to the left, 4th is 3 byte to the left and 5th row is shifted 4 byte to the left. For decryption the operation is similar to that for encryption but in reverse direction.

   5. The MixColumn Transform

      This is a complex procedure as it involves severely the byte multiplication under GF (28). The whole state is to be multiplied with pre-defined matrix called polynomial matrix. It completely changes the scenario of the cipher even if the all bytes look very similar. The Inverse Polynomial Matrix does exist in order to reverse the mix column transformation. Here, both of the matrixes are drawn and explained with the help of one column from the input state.

      Figure 2. Polynomial Matrix for mix column transformation

      Figure 3. Inverse Polynomial Matrix for mix column transformation

      Each Column is replaced by the multiplicative value such as b(x)=c(x)*a(x),Where, * refers to multiplication under GF (28).

      b(x)=02.a[0,0]+04.a[1,0]+03.a[2,0]+01.a[3,0]+ 01.a[4,0];

      Similarly, Inverse Mix Column transformation takes place under the same condition and the final column may be represented by d(x) like:

      d(x)=E0.b[0,0]+7D.b[1,0]+09.b[2,0]+8A.b[3,0]+ 4C.b[4,0];

   6. The AddRoundKey Transform

      During this, the round key is simply bitwise XORed with the state came from above. The round keys are generated similarly as in the Rijndael Algorithm of 128 bits. To inverse this state, one need to again XOR the Round Key in the state.

   7. Key Schedule

The Round Keys are derived from the Cipher Key by means of the key schedule.This consists of two components: the Key Expansion and the Round Key Selection.The basic principle is the following

• The total number of Round Key bits is equal to the block length multiplied by the number of rounds plus 1.

• The Cipher Key is expanded into an Expanded Key.

3.1 Comparison

3.1 Encryption/Decryption time

The amount of time required to encrypt a packet is proportional to the number of bytes in the packet.If the packet size is 200 bits long,then our proposed algorithm has to execute once to encrypt the whole data but conventional AES has to run 2 times to encrypt the whole data.The encryption and decryption time is one of the very important parameter while observing performance of any kind cipher. Fig. 4.1 shows the time to encrypt one block of the cipher.while the Fig

4.2 shows time to decrypt one block of the message.

Figure 4. Comparison of encryption time of algorithms per block

Figure 5. Comparson of decryption time of algorithms per block

From the graph, it can be deduced that time to encrypt one block is higher in AES-200, but since block size is increased, encryption time per bit is reduced up to 20%.

And, decryption time per bit is increased up to 25% while decryption time per block is approximately double than conventional AES.

3.2 Throughput

The throughput may be defined as number of bits can be encrypted or decrypted during one unit of time. As it was mentioned earlier that all AES variant has equal block size of 128 bits and the proposed algorithm has block size of 200 bits. Thus, in form of equation the throughput may be defined as.

Where, is representation of throughput for conventional algorithms, is representation of throughput for proposed algorithm, denotes the time

taken to encrypt the 128 bit block message, represents time taken to encrypt the 200 bit block

message of conventional algorithm

Figure 6. Comparison of throughput at encryption side

Figure 7. Comparison of throughput at decryption side

From the plots, it is observed that the throughput at encryption end of AES-200 15% more than AES-128, 20% more than AES-192 and 30% more than AES-256. The decryption process of AES-200 is slower than conventional AES. It can be seen from the graph that the proposed algorithm is 50% slower from AES-128, 40% from AES-192, and 25% from AES-256.

1. Advantages and Limitations

   Advantages

   Resistance against all known attacks.

   Speed and code compactness on a wide range of platforms.

   Design simplicity.

   Our proposed algorithm can be implemented to run at speeds unusually fast for a block cipher on a Pentium (Pro).There is a trade-off between table size / performance.

   The round transformation is parallel by design, an important advantage in future processors and dedicated hardware.

   Limitations

   The inverse cipher is less suited to be implemented on a smart card than the cipher itself: it takes more code and cycles.

   In software, the cipher and its inverse make use of different code and/or tables.

   In hardware, the inverse cipher can only partially re-use the circuitry that implements the cipher.

2. Conclusion

The announcement of AES attracted concentration of cryptanalysts to measure its level of security. As mentioned earlier, there is always a trade-off between the security and performance of wireless network. AES provides a very high level of security in an efficient way, but it also has some flaws in terms of security and the performance.Regarding the performance of the mentioned system, a new similar model is proposed in the present work, which provides a higher throughput with same strength of security.The proposed model has bigger block size which is 200 bits rather than conventional 128 bits. Also, the block is made by 5 rows and 5 columns unlike the AESs 4 rows and 4 columns. As the size of the matrix has increased, all the transformations of the AES dont need to change except the mixcolumn transformation.During mixcolumn transformation, the diffusion takes place in form of matrix multiplication under finite field. Having a bigger block, hence, requires a new matrix of size 5 X 5, to enable matrix multiplication.Hence, it can be said that the proposed model is secure and can be considered for communication where high data rate is required.

References

[1]http://www.theitlibrary.com/networktutorials/encryption.ht ml.

[2]The Design of Rijndael:AES,Joan Daemen,Vincent Rijmen,Springer,2002.ISBN 3-540-42580-2.

[3]NIST reports measurable success of AES,Westlund,Harold B.Journal of Research of the National Institute of Standards and Technology,2002.

[4]Federal Information Processing Standards Publications (FIPS 197), Advanced Encryption Standard (AES) ,26 Nov. 2001.

[5]National Policy on the Use of the AES to Protect National Security Systems and National Security Information,Lynn Hathnway(June 2003),Retrieved 2011-02-15. [6]Performance Comparison of the AES submissions,1999-02-01.Retrieved 2010-12-28. [7]http://en.wikipedia.org/wiki/AES_implementations

[8]An Efficient Approach For Increasing Security to Symmetric Data Encryption,International Journal of Computer Science and Network Security,Vol.8 No.4,April,2008.

International Journal of Engineering Research & Technology (IJERT)

ISSN: 2278-0181

Vol. 1 Issue 5, July – 2012

.