76 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Modified LOKI97 Algorithm Based on DNA Technique and Permutation

Assist. Prof. Dr. Alaa Kadhim

M.Sc. Shahad Husham

University of Technology / Computer science department

E-mail: [email protected]

ABSTRACT

As is common, in the cryptography, that any encryption algorithm may be vulnerable to breakage, but that conflicts with the most significant goal of any encryption algorithm, which is to conserve sensitive information that will be transmitted via an unsafe channel, therefore the algorithms must be designed to be resistant against the attacks and adversaries, by increasing the complexity of some internal functions, raised the number of rounds or using some techniques such as artificial intelligence to develop this algorithm. In this paper, has been proposed an approach to develop the classical LOKI97 algorithm by enhancement some of its internal functions for increasing the confusion and diffusion to possess resistance against the attacker. 77 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

المستخلص كما هو شائع في التشفير ان خوارزميه التشفير قد تكون عرضه للكسر ولكن هذا يتعارض

مع الهدف االكثر اهميه في خوارزميه التشفير والتهيئه لحمايه المعلومات الحساسه في

الرساله تنتقل ضمن قناه غير امنه ولذلك يجب ان تكون الخوارزميه مصممه لتكون مقاومه

ضد محاوالت الكسر من خالل زياده التعقيد ببعض الوضائف الداخليه وزياده عدد الدورات

واستخدام بعض التقنيات الذكاء االصطناعي لتطويرهذه الخوارزمية. في هذا البحث , تم

اقتراح تطوير خوارزمية LOKI97 , من خالل تطوير بعض دوالها لزيادة درجة تعقيدها مما

يجعلها تمتلك أرتباك وانتشار عالي , لتكون أكثر قوة ضد االخت ارق .

Keywords: Block Cipher, LOKI97, Permutation, DNA Technique

1. Introduction Maintaining and protecting information security has been and still which is the main objective of information security programs such the large organizations and companies spend thousands of dollars and working hours to maintain their information systems. Since attacks are a daily occurrence on their sources of information and systems as well as the evolution of these attacks, the need for information security development goes hand in hand with the evolution of these attacks [1].

In the current era, it became clear that a most important means of protecting sensitive information and accurate data is using cryptography. The cryptography is considered a powerful and effective way to protect information as well as send it quickly and 78 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018 to check the process of sending and receiving it correctly. Where the cryptography can now be regarded as the cornerstone of his peace of the computers and telecommunications because it provides the secure services needed by any party wishing to secure its digital data [2].

2. LOKI97 Overview [3]

The family of a block cipher of (Loki89, Loki91) is designed to be as replacing of data encryption standard (DES) algorithm, and it is very similar to DES in its structure. LOKI97 is one member of the LOKI family, designing by Lawrie Brown. This algorithm, is a new Feistel cipher of 16 round and using a data of 128 bits by employ a complex non-linear function (F). It is using 128, 192, or 256-bit keys. The LOKI97 is designing as a development of Loki 91, by increasing the number of rounds up to 16 and increase the data input from 64-bits to 128-bits, and made the function (F-function) more complicated that is using also in the key schedule. The following figure showed the main F-function of LOKI97.

79 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

3. The Proposed Work In LOKI89,91 some weaknesses appeared such as key scheduling that have been handled in LOKI97, it has also been increasing the length of the block in addition to the complexity of the F-function and use this nonlinear complex function in its key scheduler. In LOKI97 algorithm, there are some fragility in internal functions component. In this paper, the proposal has 80 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018 improved some functions which are keyed-permutation, permutation function and S-box.

The proposal of developing the LOKI97 algorithms is consisting of five internal functions which were included two layers of S- boxes (AES S-box). The first and second phases were a dynamic shifting function and a dynamic DNA addition function. The dynamic shift function that used in this proposal, is featured by awarding a high diffusion. As for the DNA technique, has been used because it is characterized by many advantages such as its privilege of huge capacity in the data storage, in addition to its speed, where the conventional computers can perform nearly (millions of instructions per second), while, as clarified by Adelman, DNA strands has made the computations at a speed of about 10 ^ 9 or better, which can be said to be about 100 times faster than quickest computers.

The last phase in the proposed algorithm is the LOKI- permutation function, which is the same permutation function, has been used in the classical LOKI97 algorithm. The following presented figure (2) illustrated the proposed work. 81 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

3.1 Dynamic Shift Function

The keyed permutation function which located in the main function of the LOKI97 algorithm has been replaced by the dynamic shift function. The dynamic circular left shift function is granted a high diffusion to the input bits, it receives 64 bits of input block and 32 bits of a key block then producing a cipher text of 64 bits as an output. It begins by dividing the input block to eight blocks of the length (8 bits), and this division is also done on the key block to gain eight blocks of length 4 bits. Then, every key block will convert from binary code to the equivalent 82 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018 decimal number, and setting every number as a switch key to the input blocks, this means, the shift will apply on every block of the input to the left direction according to the number of the equivalent key block.

83 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

For example, if the input block was (10010110), the key block is (1001), convert the key block to decimal to be (9), this means performs the left shifting process on the block (9th times). 84 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

So, the block will be (00101101). When applied the inverse algorithm to retrieve the original block, the shifting process performs in the right direction so the block (00101101) will shift as the key block (1001), (9th times to the right) to be (10010110).

3.2 Dynamic DNA Addition Function:

In this proposal has been dispensed with the idea of the compression, by deleting the expansion function in the LOKI97 standard algorithm that gives a 96 bits as an input to this S-box. So the expansion function will have replaced by the dynamic DNA addition function.

The dynamic DNA addition function is a proposed function designed to be depend on the dynamic key. This function will have received a key of 32 bits, this key will be subjected to several processing to suit the several stages of this function. The function works according to several steps, in every step will use a key of different length, firstly, the input block is a 64 bits is divided into 32 blocks of (2 bits), then these blocks will be transformed to the equivalent decimal number. These numbers are compensated according to the proposed specific table by using the key.

As for the key, as mentioned above, the key will be processing many times. At the beginning, the 32 bits of the key will be expanded to 64 bits by performing the Xor operation between all two adjacent bits (the last bit will be Xor with 0) to 85 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018 get an additional 32 bits, then will be concatenated them with the bits of the original key to form the 64 bits at the end. Then, the second process is splitting the 64 bits of the key into two arrays (odd and even arrays of the 32 bits to each array) and perform the Xor operation between them in gaining the 32 bits and concatenating them with the key of 64 bits to getting 96 bits.

In the first stage, the key of 96 bits will be used in the first step of the enciphering, which is dividing the 96 bits into 32 blocks of (3 bits) and transforming these blocks to equivalent decimal number to construct the decimal key blocks. Now, matching the decimal input blocks with the rows of the proposed DNA table (1), while the decimal key blocks will be matched with column of the same table and compensation the resulting code to getting a new sequence of 32 DNA codes.

While in the second stage, the key of (64 bits) was used here. It will perform the division of the key into 32 blocks of the length 2 bits, then, coded the 32 blocks by DNA classic codes, which that the 00 is coded to the (A) and 01,10,11 will coded in C, G, T respectively, then will be getting a sequence of DNA code of the key.

In the third stage, the DNA-addition operation the table (2) was performed on the two DNA sequences of the input and the key. 86 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

87 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Algorithm (3): Dynamic DNA addition Algorithm

Input: 64 bits as input block.

32 bits as key block.

Output: One block of 64 bits with high diffusion.

Begin

Step 1: Perform the splitting on the input block into 32 blocks of length

2 bits.

Step 2: Transform the 32 blocks from the binary code to decimal numbers put in

Inp [32].

Step 3: Assign the 32 bits of the key in K1 [32].

Step 4: Expand the 32 bits of the key to 64 bits and assign the result in K2 [32] as: Step 4.1: For i = 1 to 32

Step 4.2: K2 [i] = K1 [i] Xor K1 [i+1]

Step 4.3: Next i

Step 5: Concatenating the K2 [32] with the original key, assign in K3

[64] as:

Step 5.1: K3 [64] = K1[32] + K2 [32].

Step 6: Cut the bits of the odd position of the key and assign in K_odd

[32], while the the bits of the even position, cutting and put in K_even

[32], then perform the Xor operation between put the result in K_result

[32] them as: 88 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Step 6.1: For i = 1 to 32

Step 6.2: K_result [i] = K_odd [i] Xor K_even [i]

Step 6.3: Next i

Step 7: Concatenating the K_result [32] with the K3 [64] as:

Step 7.1: K [96] = K 3 [64] + K_result [32]

Step 8: Splitting the 96 bits of the last key into 32 blocks of 3 bits, put in Key [32]

Step 9: Matching the input blocks with the row of the proposed DNA code, while the key block will be matched with columns, set the DNA table as:

DNA_Table (Inp [32], Key [32]) and set the row to R [32], column to C

[32], and put the result in the Result [32] as:

Step 9.1: For i = 1 to 32

Step 9.2: If R [i] = Inp [i] & C [i] = Key [i]

Step 9.3: Result [i] = R [i] & C [i].

Step 9.4: Next i

Step 9.5: Construct the input sequence of DNA code.

Step 10: Splitting the 64 bits of the key K3 [64] into 32 blocks of 2 bits, then coded as a classic DNA code as: DNA_Code = {"00", "A"},

{"01", "C"}, {"10", "G"}, {"11", "T"}.

Step 11: Perform the addition operation between the key sequence and the input sequence. 89 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Step 12: Construct the result one block after re-coded the DNA

sequence to binary code as: DNA_Decode = {"A", "00"}, {"C", "01"}, {"G",

"10"}, {"T", "11"}.

End.

3.3. The Substitution Box (S-Box)

In the proposed work, it has been replaced the S-box of the LOKI97 standard algorithm, by borrowing the S-box of

Advanced Encryption Standard (AES).The basic and important difference between these two S-boxes were that the S-box of

LOKI97 algorithm was received (96 bits) as an input and produced (64 bits) as an output, this means this S-box adopting the principle of compression. On the other hand, the S-box on the (AES) will receive and produced 64 bits as input and output.

The intent of the replacement of the S-box on the (AES), is to reduce the number of processes and stages for a very important thing which is to win the time, while remaining the same degree of complexity in both S-boxes.

The first step was split the input block of the S-box of

(AES) into eight blocks of (8 bits), then transform these blocks of 90 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018 binary code to blocks of hexadecimal code. Then every new block of the hexadecimal code will be split into two chunks (the chunk is two hexadecimal code). The next step will be setting the most significant code of the chunk to the row and set the least significant code of the chunk to the column of the lookup table

(AES-table). After that, replacing the intersection of the columns with rows by the code of the S-box of the AES figure (3).

Figure (3): The S-Box of Advanced Encryption Standard [4]

91 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Figure (4): The S-Box Inverse of Advanced Encryption Standard [4]

Algorithm(4): Substitution Box of AES Algorithm

Input: 64 bits as input block

Output: 64 bits as new block with high confusion

Begin

Step 1: Splitting the input block of 64 bits into 8 blocks of length 8 bits.

Step 2: Every block divided into 2 sub blocks of (4 bits) and transform them to hexadecimal code to construct eight chunks from all input block

(the chunk are two hexadecimal code).

Step 3: Assigning the 1st code of every chunk to A [8], while assigning the 2nd code of every chunk to B [8]. 92 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Step 4: Using the AES's table (AES_table (8,8)) assigns the row of the table to R [8], while the column assigning it to C [8].

(every number in the AES's table will represent the address of row and column)

Step 5:Apply the process of intersection of each row with the column as:

Step 5.1: For i = 1 to 8

Step 5.2: For j = 1 to 8

Step 5.3: If A [i] = R [i] & B [j] = C [j]

Step 5.4: The new chunk = AES_table [i] [j]

Step 5.5: Next i

Step 5.6: Next j

Step 6: Construct the new sequence of 8 chunks of hexadecimal code.

Step 7: Convert the hexadecimal sequence to binary code of 64 bits.

End.

Algorithm(5): Inverse Substitution Box of AES Algorithm

Input:Cipher text of 64 bits

Output: 64 bits of original block.

Begin 93 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Step 1: Splitting the 64 bits of the input block into 8 blocks of length 8 bits.

Step 2: Every block divided into 2 sub blocks of (4 bits) and transform them to hexadecimal code to construct eight chunks from all input block

(the chunk are two hexadecimal code).

Step 3: Assigning the 1st code of every chunk to A [8], while assigning the 2nd code of every chunk to B [8].

Step 4: Using the inverse AES's table (AES_table_inverse (8,8)) assigns the row of the table to R [8], while the column assigning it to C [8].

(every number in the AES's table will represent the address of row and column)

Step 5:Apply the process of intersection of each row with the column as:

Step 5.1: For i = 1 to 8

Step 5.2: For j = 1 to 8

Step 5.3: If A [i] = R [i] & B [j] = C [j]

Step 5.4: The new chunk = AES_table_inverse [i] [j]

Step 5.5: Next i

Step 5.6: Next j

Step 6: Construct the new sequence of 8 chunks of hexadecimal code.

Step 7: Convert the hexadecimal sequence to binary code of 64 bits to retrieving the original block.

End. 94 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

In the inverse algorithm (5), to retrieve the original block, must use the inverse of AES's S-box as figure (4). The first step was that, the input block is split into 8 blocks of length 8 bits and apply the conversion process from the binary to hexadecimal code on the blocks. Taking each block and split it into two chunks and set the most significant code of the chunk to row and least significant code of the chunk in the column of the S-box inverse of AES. Then making the corresponding process between the row and column to construct new chunks.

For example, one block is 11010010, convert it to the hexadecimal code to become (D2), set the code (D) to the row of the S-box table as figure (3), and set (2) to the column. Search for an intersection the row and column in the figure (3)and produced (B5). Then, re-transform the (B5) into binary code to become (11010101). This process will have applied to each block to construct the cipher text. And when retrieving the original block, the block 11010101 will also be converted into hexadecimal code to be (B5), and set the code (B) to the row while the code (5) setting to the column of the S-box inverse of AES as the figure (4), so will produced the code (D2), then by converting it to binary code the original block itself will be obtained (11010010). 95 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

3.4. LOKI97-Permutation Function [3]

To diffuse the output of the S-box, the proposed work has been using the standard permutation function of the LOKI97 standard algorithm. It is using the Latin square regular pattern as a table of 64 bit. This Latin pattern table is similar to that in the LOKI91 algorithm, but with a little difference which that the analog output will not go to the corresponding input.

Algorithm(6): Permutation Function Algorithm

Input: One input block of 64 bits.

Square regular pattern as table of 64 bits.

Output: High diffusion new block of 64 bits.

Begin

Step 1: Convert the input block of 64 bits from string to array of string

of 64 bits, put in B [64].

Step 2: Convert the square regular pattern from string to array of string

of 64 bits, put it in P [64]. As:

P [64] = [56,48,40,32,24,16,8,00,57,49,41,33,25,17,09,01,

58,50,42,34,26,18,10,02,59,51,43,35,27,19,11,03,

60,52,44,36,28,20,12,04,61,53,45,37,29,21,13,05,

62,54,46,38,30,22,14,06,63,55,47,39,31,23,15,07]

Step 3: Using a third array to store the result of also 64 bits, set it Z

[64]. 96 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Step 4: For i = 1 to 64 do:

Step 4.1: Z [i] = B [P[i]]

Step 5: Convert the result of Z[i] to string.

End.

4. Evaluation and Experimental Results In this paper, the proposed work has been testing by the evaluation scales such as: speed of time, complexity.

4.1 Time

The proposed work will be run on a text message of various length sizes of (128 bytes, 256 bytes, 512 bytes). The encryption process will have measured on the time scale. Table (4) will show the encryption and decryption run time, while the figure (5) and figure (6) will show the encryption and decryption run time respectively.

97 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

As indicated in the upper tables and charts, the encryption and decryption run time of the new proposed algorithm and the classical LOKI97 by using a different size of messages, and it was observed that the new proposed algorithm is faster than the LOKI97 algorithm in both encryption and decryption run time. 98 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

4.2 Complexity

As an evaluation of the proposed algorithm in compared with the LOKI97 standard, in this paper, has been using the same number of the rounds as the LOKI97 algorithm which is a 16 rounds and used the same input of (128-bits) of input block as plaintext and the cipher text, and also the key length of 265 bits. The main difference between the proposed work and the classical LOKI97 algorithm, that the proposed use a 64 bits along the F-function. This is contrary to the LOKI97 standard, because it used the (expansion function), where it produces a 96 bits as entrance to the first layer of S-box, but this expansion function is absent in this proposal, and it is replaced by (Dynamic DNA Addition Function), that receive and produce 64-bits only.

In addition to that, the S-box in the LOKI97 is used two S-boxes S1 and S2, consisting of two layers. In every layer used the S1 and S2 four times, but, in this proposal that used the same S-box eight times in two layers, this is in the encryption computation, whereas in the decryption computation, has been used the inverse of S-box also eight times in each layer of the two layers. The proposed S-box function has received 64 bits as an input and produced 64 bits as an output. This means that the proposed S-box doesn't apply the compression principle in its work. 99 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Regarding to the brute force attack, the LOKI97 standard used in F-function, one key of the size of 64 bits, so the brute force ퟔퟒ attack required (ퟐ ) possible key. The proposed algorithm have ퟔퟒ the same complexity for the brute force attack which is (ퟐ ) , because it has the same key length.

4.3 Proposal Encryption Evaluation

There are two tests have been selected in the evaluation of the proposed work and the LOKI97 standard algorithm, these tests were (The Basic Five Statistical Tests and The NIST Tests Suite) using in examining the cipher text output of the proposed algorithm beside examine the output of the classical LOKI97 standard algorithm, then do a comparison between the results to evaluate the performance.

4.3.1. Basic Five Statistical Tests

In this paper, was used the inputs itself for the proposed algorithm and also using this input to the classical LOKI97 algorithm, (the input block size of 128 and the key length of size 265 bits), the results will be shown in the table (5) and figure (7).

100 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

101 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

4.3.2. The NIST (National Institute of Standards and Technology) Test Suite

The NIST Test Suite is a statistical package consisting of 16 tests and running on a binary sequence. The NIST Test has been developed for the randomization test, testing the encrypted output text of the encryption algorithms. These tests are based on a variety of different randomizations that can be found in sequence [4]. The output cipher text of the proposed algorithm has been tested by the 16 NIST Test Suite and the result will be shown in the following table (6).

102 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018

Conclusion The most important different between the new proposal and the classical LOKI97 algorithm was the abandonment of pressure technique and dealing with the block which enter to the main F- function as a same length is 64-bit, where the important thing is that this abandonment of the expansion function did not affect the strength of the proposed algorithm because it was being 103 المجلة العراقية لتكنولوجيا المعلومات.. المجلد. 8 - العدد. 2 - 2018 replaced by the complex function which the (dynamic DNA addition function). As well as that the DNA function provides high permutations despite the time it consumes.

References 1. Michael E. Whitman, Herbert J. Mattord, "Principles of Information

Security". Four Edition, 2011.

2. Ayushi.,"A Symmetric Key Cryptographic Algorithm". International

Journal of Computer Applications (0975 - 8887), Volume 1 – No. 15,

2010.

3. Lawrie Brown, Josef Pieprzyk, “Introducing the new LOKI97 Block

Cipher", 1997.

4. Yasser Ali Yasser, "Improve E-Services Security Level by Modifying

AES Algorithm". 2016.