(Daemen and Rijmen (1999); National Institute of Standards and Technology (NIST) (2001). Matrix operations utilize different methods of multiplication in the finite field (Chen and Huang (2020); Stepanov and Rose (2015); Wang et al. (1983); Mahboob and Ikram (2006); Reed and Chen (1999)). Thus, the methods are used in the encryption and decryption, such as the Rijndael method and the Twofish method (Schneier et al. (1998). In addition, due to attacks (Biryukov Khovratovich (2009) is a computation complexity 2 method by a known-key distinguishing attack in AES-128. Therefore, that can use the diversty of the matrix to enhance security (Wang et al. (2020). In this paper, the idea is using the diversity 8´8 circulant matrix, it has large branch number for diffusion more than 4´4 involutory matrix. Therefore, we propose an enhancement security method for AES encryption/decryption transformations with the Elliptic Curve Diffie–Hellman key exchange (ECDH) using elliptic curve in ANSI X9.62. Therefore, the AES key and first rows of the matrix can use ECDH method for exchanging both. The method will be more difficult for attacking which is to avoid the key by pre-computing the possible output to attacks. We propose method can be designed for a circuit (Selimis et al. (2006); Jing et al. (2007); Wang et al. (2016); Maximov (2019); Langenberg et al. (2020); Yang and Chien (2020), the circuit can decrease logic gates to use. Finally, using 8´8 circulant matrix is running for AES key of 128 bits on Intel(R) Core(TM) i7-8700 CPU. The reducing encryption time is above 79% faster than the 8´8 involutory matrix multiplication. Finally, the paper is in combining diversity AES and ECDH methods for security enhancement approaches to protect against new threats. The flowchart is as shown in Figure 1.
2. PRELIMINARIES 2.1. FINITE FIELD MULTIPLICATION: Let
Where
unsigned char a, b, c; c=a ^ b; In this
paper, the symbol of
Where
an irreducible polynomial is
In (2), using Horner rule,
the multiplication is writing a programming in the C language as follows:
2.2. MATRIX
MULTIPLICATION Let
Where the polynomial c(x) is
remainder. Its degree is m-1 in GF(2m) as follows:
The di for It can be
rewritten as from as follows:
Where the di
for
The 2´2 circulant matrix is
defined as 2.3. CIRCULANT MATRIX MULTIPLICATION BY 4´4 In Scheme 1, it computes 4´4 circulant
matrix method, there are
three items
3. MATRIX MULTIPLICATION IN AES MIXCOLUMNS OVER GF(28) The polynomial product
it needs running four times
in AES MixColumns steps. The
In this
paper, we use the polynomial product The circulant matrix A multiply matrix B is
from as follows: 3.1. DECREASING MULTIPLICATIONS FOR 8´8 CIRCULANT MATRIX The 8´8 matrix
multiplication is defined as follows:
where
Using the two-points convolution method instead of
8´8 matrix multiplication, it
can be shown a
3.2. REDUCING MULTIPLICATIONS BY MULTIPLY 2 According to (8),
Where Let…. and Both the
matrix G and the matrix H have
circulant matrix property, so it uses Scheme 1 to compute 4´4 matrix multiplication. However, the 4´4 matrix F,
there is not circulant matrix property, then we can use other method to solve
this problem. Now, the matrix product F can be written for the properties
of addition over GF(2m).
Where Adding two entries of
In (11), the matrix product Where
The matrix f0, matrix f1, and the
matrix f2 are
into equation (11). Where
Finally, the matrix D can be from as follows: Therefore, Scheme 2, (i.e., MF()), for matrix F is 9M & 19A, Scheme 1, (i.e.,
M4()) for the matrix G is 5M &
15A, Scheme 1 for the matrix H is 5M
& 15A. Finally, the entries of the matrix D is given by calling MF() and M4(), and then there are four value returned from function MF() and M4() to addition, respectively, where the
symbol of
That meaning require 8 additions, the total number
of the matrix D operation is 19M and
57A. 3.3. THE INVERSE OF 8´8 MATRIX FOR AES INVMIXCOLUMNS The others method, the inversion matrix
is given by mathematics,
Gaussian elimination is a method
for finding inverse of the matrix A.
It consists of a sequence of operations performed on the corresponding
coefficients of the matrix A. However, the speed is slower
than using the adjoint of the matrix A
because Gaussian elimination method, there are many divisors for computing the
matrix A and the matrix I, that’s why we choose to adjoint
method in finding the inverse of the matrix. The matrix
The transpose of the matrix A of cofactors, it is the same an adjugate matrix, can be an efficient
method to compute the inverse matrix. The inverse matrix is divided det(A) equal to Therefore,
if the matrix A is circulant matrix,
the matrix Therefore, the first rows of matrix The sum of the
coefficients of the polynomial
4.
RESULT
AND DISCUSSIONS Using the multiplication based on several
algorithms in GF(2m) and
the new matrix multiplication method are for evaluating encryption and
decryption procedure running 1,000,000 times state with different AES key
lengths, where the state is 4´4 bytes for encryption and
decryption. The keys with lengths 128, 192, 256 bits run cipher and InvCipher
average execution time as shown in Table 2 and Figure 2. Using 8´8
circulant matrix (19M, 57A) in AES MixColumns
steps, the key of sizes 128, 192, 256 bits can be faster than using 4´4 involutory matrix operation ~33.5%, ~33.7%, and ~33.9%, respectively. In MixColumns steps, using 8´8
circulant matrix (19M, 57A)´2 operation faster than 4´4
involutory matrix (16M, 12A)´4 in AES MixColumns steps. In the AES key 128bits with the circulant matrix (19M, 57A)´2 is above 79% faster than 8´8 involutory
matrix (64M, 56A)´2. Finally, the Figure 2, the
symbol “M” represents the multiplications and the symbol “A” represents the
additions.
In the
paper, using Elliptic-curve Diffie–Hellman
(ECDH) method exchanges both AES key and first row elements of the MixColumns
matrix to allows two parties, as shown in Figure 3. This security is
elliptic curve points using addition to derive the same a point x and
y as AES key and first row elements of the MixColumns matrix,
respectively. The values x and y of the point can be used to encrypt consecutive communications using a symmetric key.
However, the value of y is the first
row of elements in MixColumns matrix that
must be computed first row element into inverse circulant matrix for the MixColumns steps, and then decryption. ECDH is a key exchanging protocol that admits two parties.
For example,
how to share key got it. If Alice wants to establish a shared key with Bob, the
only channel available for them may be eavesdropped on by a hacker. Publicly,
the parameters; that is, the binary case in GF(2m)
is (he value of a, b is the parameter of the elliptic-cure, G is the point
of the elliptic-curve. The only information is about the Alice public key. So,
no person can include Alice to determine Alice's private key, unless that party
can solve the elliptic curve discrete logarithm problem. Bob's private key is
also secure. No person can compute Alice or Bob the shared secret unless that
person can solve the elliptic curve Diffie–Hellman problem. How to choose ECC
the size of m in GF(2m) for exchanging AES key and first row elements of
the MixColumns matrix, if we use AES key size of 128 bits length, ECDH method
using in elliptic curve of the points in
GF(2163) is meaning x
and y of the coordinate with 163
bits. In other words, The elliptic curve of the points is in GF(2233) that can be used for
AES key size of 163 bits and 192 bits. The AES key size is 256 bits that need
the elliptic curve of the points in GF(2283).
So, GF(2283) can be used in AES key sizes of 128 bits, 192bits,
and 256 bits. The elements at first row of the MixColumns matrix (i.e., first
row elements of the matrix A) are 4 bytes or 32 bits that the meaningful y in
the point P = (x, y) is enough bits to
store first row elements of the MixColumns matrix as shown in Figure 4.
5. CONCLUSIONS AND RECOMMENDATIONS In
summary, it is demonstrated herein that the computational complexity matrix
multiplication over GF(28)
can be minimized by 2-point cyclic convolution property. In comparison for the 8 ACKNOWLEDGEMENTS This study was supported in part by Taiwan’s Ministry
of Science and Technology MOST
110-2813-C-214-019-E and
MOST 110-2221-E-214-007. REFERENCES A. Biryukov, D. Khovratovich (2009), “Related-Key cryptanalysis of the full AES-192 and AES-256,” In: Matsui, M. (ed.) ASIACRYPT 2009 LNCS, 5912, pp. 1-18 https://eprint.iacr.org/2009/317.pdf. Retrieved from https://doi.org/10.1007/978-3-642-10366-7_1 A. Mahboob, N. Ikram (2006), “Lookup table based multiplication technique for GF(2m) with cryptographic significance,” IEE Proc. Commun, vol. 52, no. 6, pp. 965-974. Retrieved from https://doi.org/10.1049/ip-com:20050022 A. Maximov (2019), “AES MixColumn with 92 XOR gates,” Cryptology ePrint Archive, Report 2019/833, Retrieved from https://eprint.iacr.org/2019/833 , Jul. A. Stepanov, D. Rose (2015), From mathematics to generic programming. Pearson Education, New York, 3st edn, pp. 9. B. Langenberg, H. Pham, and R. Steinwandt (2020), "Reducing the Cost of Implementing the Advanced Encryption Standard as a Quantum Circuit," in IEEE Trans. on Quantum Engineering, vol. 1, no. 2500112, pp. 1-12. Retrieved from https://doi.org/10.1109/TQE.2020.2965697 B. Schneier, J. Kelsey, D. Whiting, D. Wagner, and C. Hall (1998), “Twofish: a 128-Bit block cipher,” Available NIST's AES homepage, Retrieved from https://www.schneier.com/academic/paperfiles/paper-twofish-paper.pdf. C. C. Wang, T. K. Truong, H. M. Shao, L. J. Deutsch, J. K. Omura, and I. S. Reed (1983), “VLSI architectures for computing multiplications and inverses in GF(2m),” TDA Progress Report, pp. 42-75. Retrieved from https://doi.org/10.1109/tc.1985.1676616 C. H. Yang and Y. S. Chien (2020), “FPGA Implementation and Design of a Hybrid Chaos-AES Color Image Encryption Algorithm,” Symmetry, vol. 12, no. 2, 187, pp. 1-17. Retrieved from https://doi.org/10.3390/sym12020189 D. Augot, M. Finiasz (2013), “Exhaustive search for small dimension recursive MDS diffusion layers for block ciphers and hash functions,” IEEE Int. Conf. on Information Theory, Turkey, pp 1551-1555, Jul. Retrieved from https://doi.org/10.1109/ISIT.2013.6620487 D. Yin, Y. Gao (2017), “A new construction of lightweight MDS matrices,” IEEE Int. Conf. on Computer and Communication, pp. 2560-2563. Retrieved from https://doi.org/10.1109/CompComm.2017.8322997 F. J. MacWilliams, N. J. Sloane (1978), The theory of error-correcting codes: North-Holland, 1nd edn. G. N. Selimis, A. P. Fournaris, and O. Koufopavlou (2006), “Applying low power techniques in AES MixColumn/InvMixColumn transformations,” IEEE Int. Conf, Electronics, Circuits and Systems ICECS’06, France, pp. 10-13, Dec. Retrieved from https://doi.org/10.1109/ICECS.2006.379628 I. S. Reed, T. K. Truong (1978), “A fast computation of complex convolution using a hybrid transform,” DNS Progress Report, pp. 42-46. Retrieved from https://doi.org/10.1109/TASSP.1978.1163150 I. S. Reed, X. Chen (1999), Error-control coding for data networks, Kluwer Academic Publishers, Boston. Retrieved from https://doi.org/10.1007/978-1-4615-5005-1 J. Daemen, V. Rijmen (1999), AES proposal: Rijndael, document version 2. Retrieved from https://doi.org/10.1109/LCOMM.2004.833807 J. Lacan and J.
Fimes (2004), “Systematic MDS erasure codes based on
vandermonde matrices,” IEEE Trans. Commun. Lett., vol. 8, no. 9, pp. 570-572.
Retrieved from https://doi.org/10.1109/LCOMM.2004.833807
J. Nakahara Jr, E. Abrahao (2009), “A New involutory MDS matrix for the AES,” International Journal of Network Security, vol.9, no.2, pp.109–116. Retrieved from https://d1wqtxts1xzle7.cloudfront.net/30902835/ijns-2009-v9-n2-p109-116.pdf?1362934357=&response-content-disposition=inline%3B+filename%3DA_New_Involutory_MDS_Matrix_for_the_AES.pdf&Expires=1632550400&Signature=fMBdhnUJNMZwPR2Vty-P-3dLJ9EKIaeLeFVGoFXz4oo1fFu1Y71GuCtdiYnzUBL4Byh63sc~Y0LUYFXShECE5c6~s3m8zYWmZVwepIX1czUfQbIK~2Ei5crxbZqRxxISHNMAeCcLEh0Y0yQvA5iXVEb0D9-wphLT46rurVt3MDtgxtx-YKWzVAiP1bSzpBtaFa84OZJc8dRsE60uontP90CwrfMmeqmLaqrvkB1GSie45RPP5x398x6RVy73Y~B4TSlu2mCUmXq1fOdwIue~ykBbjjopEa1iH9PdFgV6TCRYdFSaeIZaHF1-o-9J817X4LJERCSUTUY8MGALlWTYKw__&Key-Pair-Id=APKAJLOHF5GGSLRBV4ZA Jeng-Jung Wang, Yan-Haw Chen, Guan-Hsiung Liaw, Jack Chang, Cheng-Chih Lee (2020), "Efficient schemes with diverse of a pair of circulant matrices for AES MixColumns-InvMixcolumns transformation," Communications_of_the_CCISA, vol. 26, no. 2, pp. 1-20. Retrieved from https://cccisa.ccisa.org.tw/article/view/2314 M. H. Jing, Z. H. Chen, J. H. Chen, and Y. H. Chen (2007), “System for high-speed and diversified AES using FPGA,” Microprocessors and Microsystems, vol. 31, pp. 94–102, Mar. Retrieved from https://doi.org/10.1016/j.micpro.2006.02.018 National Institute of Standards and Technology (NIST) (2001) “Advanced Encryption Standard (AES),” PUBS FIPS 197, Nov. P. Junod, S. Vaudenay (2004), Perfect diffusion primitives for block ciphers. building efficient MDS Matrices. Federalede Lausanne, Switzerland. Retrieved from https://doi.org/10.1007/978-3-540-30564-4_6 S. Winograd (1978), “On computing the discrete Fourier transform,” Mathematics of computation, vol. 32, no.141, pp. 175-199. Retrieved from https://doi.org/10.1090/S0025-5718-1978-0468306-4 T. Luong (2016), “Constructing effectively MDS and recursive MDS matrices by Reed-Solomon codes,” Journal of Science and Technology on Information security, pp. 10-15. Retrieved from http://tailieu.antoanthongtin.vn/Files/files/site-2/files/MDS%20matric.pdf Y. H. Chen, C. H. Huang (2020), "Efficient operations in large finite field for elliptic curve cryptographic,” International Journal of Engineering Technologies and Management Research, vol. 7, no. 6, pp. 141-151. Retrieved from https://doi.org/10.29121/ijetmr.v7.i6.2020.712 Y. Wang, L. Ni, C. H. Chang, and H. Yu (2016), “DW-AES: A Domain-Wall Nanowire-Based AES for high throughput and energy-efficient data encryption in Non-Volatile memory,” IEEE T INF FOREN SEC, vol. 11, no. 11, pp. 2426-2440. Retrieved from https://doi.org/10.1109/TIFS.2016.2576903
© IJETMR 2014-2021. All Rights Reserved. |