Ain Shams Engineering Journal (2014) xxx, xxx–xxx Ain Shams University Ain Shams Engineering Journal www.elsevier.com/locate/asej www.sciencedirect.com ELECTRICAL ENGINEERING LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm Hadia M.S. El Hennawy a, Alaa E.A. Omar b, Salah M.A. Kholaif c,* a Electronics and Communications Department, Faculty of Engineering, Ain Shams University, Cairo, Egypt b Head of Research Development Division, Research Development Center, Cairo, Egypt c Research Development Center, Cairo, Egypt Received 20 June 2013; revised 19 December 2013; accepted 9 August 2014 KEYWORDS Abstract Cryptographic algorithms for confidentiality and authentication play a major important Link Encryption Algorithm; role in nowadays information security Sen (2012) [1]. Encryption algorithms are becoming more Stream cipher; necessary to ensure the securely transmitted data over insecure communication channels. A new Linear Feedback Shift stream cipher is proposed. The design is very simple and based on 16 shift registers, nonlinear Register; and an output function. The proposed algorithm is characterized by a high performance in software Bit organization; with measured encryption/decryption on Pentium IV processor. We have performed detailed secu- Non Linear Function rity analysis, in particular, and standard statistical randomness test of the produced ciphertext. Experimental results in terms of performance and resources are presented. Ó 2014 Production and hosting by Elsevier B.V. on behalf of Ain Shams University. 1. Introduction ciphers have been becoming the best choice for several commu- nication protocols especially that used in wireless field [2]. Nowadays there are many stream cipher algorithms proposed Block ciphers are memory less algorithms that permute N-bit in both academic and industrial research. Stream cipher is an blocks of plain text data under the influence of the secret key important category of symmetric encryption algorithms [1]; and generate N-bit blocks of encrypted data, whereas stream what’s more, synchronous stream ciphers do not suffer from ciphers contain internal states and typically operate serially error propagation, because each bit is independently by generating a stream of pseudo random key bits, namely encrypted/decrypted from any other. Compared with block the keystream (stream ciphers are also called keystream gener- ciphers, most stream ciphers are generally much faster and ators). The keystream is then bitwise XORed with the data to have greater software efficiency. Due to these features, stream encrypt/decrypt. LEA is a word-oriented stream cipher; it takes a 128-bit ini- tial key and a 128-bit initial vector as input, and outputs a key- * Corresponding author. Tel.: +20 1227337460. stream of 32-bit words (where each 32-bit word is henceforth E-mail address: [email protected] (S.M.A. Kholaif). called a key word). This keystream is used to encrypt the plain Peer review under responsibility of Ain Shams University. text. To ensure the security of LEA, it is evaluated through a software implementation. Since the Linear Feedback Shift Registers (LFSRs) are pretty efficient in hardware and are Production and hosting by Elsevier http://dx.doi.org/10.1016/j.asej.2014.08.001 2090-4479 Ó 2014 Production and hosting by Elsevier B.V. on behalf of Ain Shams University. Please cite this article in press as: El Hennawy HMS et al., LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm, Ain Shams Eng J (2014), http:// dx.doi.org/10.1016/j.asej.2014.08.001 2 H.M.S. El Hennawy et al. the main building blocks of this cipher, it is possible to imple- where (&&) is bitwise AND, || is concatenation operator, and ment LEA in hardware and achieve higher throughput. LRot8 (x, y) = cyclic rotation of 8 bits sequence x by y posi- This paper is structured as follows. In Section 2 the LEA tion left. stream cipher algorithm specifications are briefly described. The Key Loading part use four keys groups SK (SK0 || SK1 In Section 3, we explain the security analysis of the LEA algo- ||...|| SK15), MK (MK0 || MK1 ||...|| MK15), IV (IV0 || IV1 rithm. In Section 4, we discuss the algorithm performance ||...|| IV15), and BK (BK0 || BK1 ||...|| BK15), respectively, results. Finally, Section 5 concludes the paper. to produce sixteen substrings of 32-bit according to the follow- ing rule Ri =Ski || MKi || IVi || BKi, where (0 6 i 6 15). The 2. Proposed Stream Cipher Algorithm generated value Ri is used as the initial state of the LFSR layer, and the BKi will be the rightmost bit with value equal to 1 for each register for register balancing requirement. The Proposed Link Encryption Algorithm, LEA, is a stream cipher algorithm. It is cryptological concept which was devel- oped for encipher/decipher 8-bit ASCII character. For each 2.3. The Linear Feedback Shift Register (LFSR), layer step, cipher or decipher, the algorithm is performed once deliv- ering an 8-bit key character. This character is combined with The Linear Feedback Shift Register (LFSR), illustrated in the plain (or cipher) character by bitwise addition to give the Fig. 2, has sixteen Registers of 32-bit (R0 to R15), each register 32 cipher (or plain) character. Thus there is no difference between is restricted to take values from the (1 to 2 – 1). The LFSR encipher/decipher and this meaningful to explain only the pro- layer has two stages of operations: the initialization stage of cess of encipherment. The algorithm is offering highest security sixteen register and the working stage. level achieved through the high nonlinear complexity and the In the initialization mode, each register LFSR receives a 32- complete re-initialization before every encryption process. bit input, which is obtained from key loading process. In the The idea of this algorithm is building up the key character working mode, the LFSR receives two 32-bit word inputs, sequence of combination of two different sequences, where the one word N, which is obtained from the 32-bit output M of first one has probable long period and the second one is high the nonlinear function F, and the other word R, from output complexity by using nonlinear functions. Moreover, both of feedback operation of LFSR. The output of the LFSR layer these sequences are statistically flat. The good statistical prop- stage supplies four 32-bit (128-bit) as input to the bit compres- erties of the first sequence are in principle that of Liner Feed- sion layer, and the last register R15 are used in producing key back Shift Registers (LFSRs) with primitive characteristic stream. polynomials to achieve maximal-length period. Also, those of Informative note: Since the multiplication of a 32-bit string i 32 the second part are achieved by using well distributed gener- R by 2 over GF (2 – 1) can be implemented by a cyclic shift 32 ated substitution boxes, confusion, and diffusion. The LEA of R to the left by i bits, only addition modulo 2 –1is encryption algorithm can be divided into a driving part and needed. a combining part. The driving part consists of a set of maxi- mum length Linear Feedback Shift Registers. It mainly gov- 2.4. The bit-compression layer erns the state sequence of the generator and is responsible for providing sequences of large periods and good statistics. The middle layer of the LEA algorithm is the bit-compression The combining part is essentially nonlinear. It has the task (BC). It receives four 32 bits (128-bit) from the four distinct to make the cipher stream generation to be mathematically registers of the LFSR layer and combine them using addition complex [3]. modulo 232, and bitwise XOR operations, as shown in Fig. 3. Finally it produces 32-bit word, which will be used as the input 2.1. General structure of algorithm of the nonlinear function F in the bottom layer. LEA is a word-oriented stream cipher that takes a 128-bit Key 2.5. The Nonlinear Function F layer and a 128-bit Initial Vector (IV) as input, and outputs a key stream of 32-bit words, see Fig. 1. LEA has three logical layers. The Non Linear Function or Finite state machine (FSM) func- The top layer is a Linear Feedback Shift Register (LFSR) of tion, as shown in Fig. 4, used as a non linear core, needs to sat- sixteen Registers, each cell of 32-bit, the middle layer is for isfy various cryptographic criteria. They must be balanced [4], bit compression (BC), and the bottom layer is a nonlinear possess high nonlinearity to resist fast correlation attacks [5], function (F). and must possess high algebraic degree: 2.2. Key loading To resist the Ronjom–Helleseth attack [6]. To resist the Berlekamp–Massey attack [5]. The Initialization key procedure has four main parts, a 128-bit As a necessary but not sufficient condition to resist fast secret key (SK), 128-bit initialization value (IV), 240-bit Mas- algebraic attacks [7]. ter Key (MK), and 16-bit balance Key (BK). MK is combina- tion of SK and IV. In the case of FSM functions, a high order of correlation immunity is also necessary [8]. The nonlinear function F has 32-bit input comes from bit-compression stage. The construc- MK ¼ðLRot ðSK;2Þ&&ð0xFFFFFFFÞÞk 8 tion of nonlinear function sequences was designed for crypto- ðLRot8ðIV;5Þ&&ð0xFFFFFFFÞÞ: graphic robustness, efficiency when implemented in software. Please cite this article in press as: El Hennawy HMS et al., LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm, Ain Shams Eng J (2014), http:// dx.doi.org/10.1016/j.asej.2014.08.001 LEA: Link Encryption Algorithm New Proposed Stream Cipher Algorithm 3 Figure 1 General structure of Link Encryption Algorithm (LEA). Fig. 1, describes the general structure of LEA encryption algorithm, which is a word-oriented stream cipher that takes a 128-bit Key and a 128-bit Initial Vector (IV) as input, and outputs a key stream of 32- bit words.