7th International Conference on Communication, Computing and Visualization 2016
Next Generation Encryption using Security Enhancement Algorithms for End to End Data Transmission in 3G/4G Networks
Vikas Kaul (a,*), Bhushan Nemade (b), Dr. Vinayak Bharadi (c), Dr. S. K. Narayan khedkar (d)
_(a,b,c) Information Technology Department, Thakur College of Engineering and Technology; (d) MGMCOET, India_
Abstract
This paper presents the design, implementation, evaluation and comparison of security enhancements in data transmission for next generation encryption, highlighting the possible weaknesses within the current AES encryption algorithm. An enhanced encryption method with the AES algorithm is used here within TLS. Enhancement is done in AES by first using chaos and then modifying the S-box. The use of a chaos sequence makes the key space infinite, and the static S-box is made dynamic using the cipher key. To increase the complexity of the system, AES is integrated in a Round structure. The evaluation focuses on encryption-decryption time, throughput-speed and avalanche effect. Results show that a speed of around 2 Mbps is achieved, which is compatible with LTE networks. The performance evaluation of traditional AES and enhanced AES does not show much deviation, hence the enhanced version can be a good alternative. More attack resistance and complexity is achieved by integrating AES in a Round structure, which gives non-linearity to the system. The number of rounds in the enhanced system can be made variable, as shown in the results, and can be application specific to achieve the desired throughput and speed, making the system more compatible with current and next generation networks.
© 2016 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
Peer-review under responsibility of the Organizing Committee of ICCCV 2016
Keywords: 3G; 4G; AES; Chaos; S-box; Round structure
Procedia Computer Science 79 (2016) 1051 - 1059, doi:10.1016/j.procs.2016.03.133
1. Introduction
In next generation networks, technologies like LTE (Long Term Evolution) provide speeds that allow carriers to offer a number of business-specific applications and services, such as videoconferencing, in-office connectivity, and uploading and downloading large files, as well as gaming, downloading movies and music, and other wireless applications that bring the desktop experience to users' wireless devices. These new technologies demand that security functions be optimally and efficiently embedded into the overall system.
4G, the next-generation mobile telecommunication system, is modelled for increased security and reliable communication. 4G networks operate entirely on TCP/IP. This makes 4G technologies different from 3G and other preceding versions [1]. The 4G systems support both the next generation of mobile service as well as the fixed wireless networks [24].
The 128-bit AES algorithm is the preferred option in the 4G LTE network. It is preferred because it has undergone more public scrutiny and closer observation than other encryption algorithms [4]. EEA2 or EIA2 is used in LTE-SAE security. They are based on the Advanced Encryption Standard [7]. The 168-bit Digital Encryption Standard or the newest Advanced Encryption Standard is used in WiMAX standards, which specify that over-the-air transmissions should be encrypted [9]. Many researchers have taken an interest in combining other encryption algorithms with AES, which is a motivating factor for further enhancement of AES. Currently there are three cipher suites in 3GPP UMTS systems: a block cipher, Kasumi, and two stream ciphers, SNOW 3G and ZUC. These cipher suites are also used in the 4G-LTE standard, but Kasumi is replaced by AES in 4G-LTE [2]. AES represents the current recommended standard by NIST for encryption.
Transport Layer Security (TLS) is used for data transmission here. Within TLS, the Advanced Encryption Standard (AES) is used for encryption. The goal is to develop an advanced encryption method which includes encryption of data, key exchange and message authentication. RSA is used for key exchange and SHA-256 for message authentication.
The first implementation uses two chaos systems to enhance the AES algorithm; they generate two keys. One is used as the encryption key, the other as the controller key, which controls the number of row shifts. The characteristics of the chaos sequence make the key space infinite. The enhanced AES is then used in a Round structure.
The second implementation uses a dynamic S-box to enhance the AES algorithm. The enhanced AES is then used in a Round structure where the AES S-box changes in every round, so for n rounds the S-box is generated n times for each block of data. The cipher key is used to convert the static S-box into a dynamic one. The inverse S-box is also changed.
Analysis of the enhanced algorithms and the overall system is done on the basis of encryption-decryption time, throughput-speed and avalanche effect.
A. Transport Layer Security
TLS is a protocol created to provide authentication, confidentiality and data integrity between two communicating applications. TLS is an IETF (Internet Engineering Task Force) standard for communicating e-mail securely. Many web browsers and server applications rely on secure SSL and TLS communications. SSL and TLS are frameworks that include cryptographic protocols which are intended to provide secure communications on the Internet.
B. Advanced Encryption Standard
The Advanced Encryption Standard acts on 128-bit blocks and can use a key of 128, 192 or 256 bits in length. For encryption, each round consists of four steps: Substitute bytes, Shift rows, Mix columns, and Add round key. For decryption, each round consists of: Inverse sub bytes, Inverse shift rows, Inverse mix columns and Add round key.
C. AES S-box
The Rijndael S-box is a matrix used in the Advanced Encryption Standard (AES) cryptographic algorithm; it is a substitution box and acts as a lookup table. The S-box is generated by determining the multiplicative inverse for a given number in GF(2^8).
D. Binary Phase Shift Keying
Phase-shift keying is a digital modulation scheme that modulates the phase of a reference signal and BPSK is the simplest form of phase shift keying (PSK). It uses two phases which are separated by 180°.
E. AWGN Channel
AWGN is an Additive White Gaussian Noise channel and it adds Gaussian noise to the input signal.
2. Related work
In paper [15], the S-box is made key dependent without changing its value and without changing the inverse S-box. The algorithm ensures that no trapdoor is present in the cipher and expands the keyspace to slow down attacks. Paper [18] reviewed possible attacks on the AES algorithm. A hybrid structure of AES-DES was proposed to overcome the weaknesses of the AES algorithm. That paper presented the design and implementation of a symmetrical hybrid 128-bit key AES-DES algorithm as a security enhancement for live motion image transmission, using the Feistel structure of AES and DES. An improved AES algorithm based on chaos by Yuan Kun, Zhang Han and Li Zhaohui was published at the 2009 International Conference on Multimedia Information Networking and Security. Razi Hosseinkhani and H. Haj Seyyed Javadi used the cipher key to generate a dynamic S-box in the AES cipher system in 2012. They changed the static S-box into a dynamic one to increase the cryptographic strength of the AES cipher system. In paper [14] the S-box is generated dynamically from the cipher key. In paper [21], the AES S-box is made key dependent to make AES stronger. Here, only the S-box is made key dependent without changing the value.
The proposed system increases the complexity of the AES algorithm by using a Round structure, as well as enhancing the AES algorithm by the use of chaos and by making the S-box and inverse S-box dynamic.
3. Proposed system
To overcome drawbacks of other 3G/4G cipher algorithms, the AES cipher algorithm is used. The number of row shifts in each round is made key dependent by the use of chaos, and the S-box and inverse S-box of the AES algorithm are improved by making them dynamic. The traditional AES algorithm uses 128-bit input data. There are certain attacks on the AES algorithm, like linear and algebraic attacks, and the objective is to increase the complexity. Hence, to increase the complexity, AES is integrated in a Round structure which uses 256-bit input data. RSA is used for key exchange and SHA-256 for message authentication. To create a 4G simulation scenario, an AWGN channel is used with BPSK for modulation and demodulation.
A. Model development
A 256-bit key and 256-bit input data are given to the enhanced AES system. The proposed system's encryption and decryption are the same as the traditional AES algorithm. The round function of the encryption process is also similar to the traditional Feistel structure. The 256-bit key is divided into two parts of 128 bits each. The first 128-bit part is given to the round structure and the second 128-bit part is given to the AES algorithm. The various models for developing the enhanced system are:
Figure 1: System Architecture
1) Generation of Control Key and Encryption key
There is an additional step of generating two keys, shown in Fig 2. The control key controls the number of row shifts. The encryption key is used as the add round key.
2) Round structure with Control Key and Encryption key
The Round structure of AES is used as shown in Fig 3. Here the input data is split into two blocks of 128 bits each. One block is given as input to the AES section of the system. The other block is given as input to the AES section of the system in the next round, as per the Round structure. This is done for all ten rounds. The outputs are combined to form a 256-bit block of encrypted data. The control key and encryption key are applied to the Round structure of AES as shown in Fig. 3.
Fig 2 Generation of Control Key and Encryption key
Fig 3: Round structure with Control Key and Encryption key
3) Dynamic S-box Generation
Here the S-box is made dynamic as shown in Fig 4. The hexadecimal digits of the key are XORed with each other and the resulting number is used as the shift value. The S-box is rotated by that shift value. The inverse S-box is also modified after the S-box to obtain correct inverse values.
Fig 4 Dynamic S-box Generation
Fig 5 Round structure with Dynamic S-box
4) Round structure with Dynamic S-box
The Round structure of AES is used as shown in Fig. 5. Here the input data is split into two blocks of 128 bits each. One block is given as input to the AES section of the system. The other block is given as input to the AES section of the system in the next round, as per the Round structure. This is done for all ten rounds. These outputs are then combined to form a 256-bit block of encrypted data. The dynamic S-box is applied to the Round structure of AES as shown in Fig. 5. In the round structure, AES is applied n times to the block of data, hence a total of n different S-boxes are created; hence it is called a dynamic S-box.
Fig 6 Round structure with Dynamic S-box
4. Experimental Results
The performance evaluation of the proposed algorithms is based on three parameters: (1) encryption and decryption time, (2) throughput, (3) avalanche effect.
The algorithms used here are: (1) AES, (2) AES in round structure (1 / 5 / 10 rounds), (3) AES using chaos keys and dynamic S-box, (4) AES in round structure using chaos keys and dynamic S-box (1 / 5 / 10 rounds). Computer configuration: Microsoft Windows 7, Intel i5 CPU M480 @ 2.50 GHz, 4 GB RAM, Matlab 2013a.
4.1 Results Based on Run Time (using chaos)
Encryption and Decryption Time: The time required by the algorithm to completely process a particular length of data is called the simulation time. It depends on the processor speed, the complexity of the algorithm, etc. The smallest value of simulation time is desired. It is calculated using the MATLAB function tic-toc.
4.1.1 For text file: "file1.txt" (2 KB), number of bits: 2048, key = helloworld2013.
Table 1 Comparison of AES algorithm and its variants based on run time using text file as input

| Sr | Algorithm | Block Size | No of Blocks | Encryption Time (sec) | Decryption Time (sec) | Throughput (kb/sec) Encryption | Throughput (kb/sec) Decryption |
|---|---|---|---|---|---|---|---|
| 1 | AES | 128 | 16 | 0.0280 | 0.0234 | 71.4286 | 85.4701 |
| 2 | AES with Chaos key | 128 | 16 | 0.0213 | 0.0345 | 93.8967 | 57.971 |
| 3 | Round Structure (1 round) | 256 | 8 | 0.0235 | 0.0228 | 53.3333 | 50.2513 |
| 4 | Round structure Chaos key (1 round) | 256 | 8 | 0.0345 | 0.0386 | 57.971 | 51.8135 |
| 5 | Round structure (5 rounds) | 256 | 8 | 0.1585 | 0.1982 | 12.6183 | 10.0908 |
| 6 | Round structure chaos key (5 rounds) | 256 | 8 | 0.2432 | 0.2654 | 8.22368 | 7.5358 |
| 7 | Round structure (10 rounds) | 256 | 8 | 0.5023 | 0.6401 | 3.98168 | 3.12451 |
| 8 | Round structure (10 rounds) | 256 | 8 | 0.6721 | 0.5672 | 2.97575 | 3.52609 |
The following graph shows results from Table 1. The x-axis is the serial number of the algorithm and the y-axis is time (sec).
Fig 7 Graph for the comparison of AES algorithm and its variants based on encryption time for text file (series: encryption time (sec), decryption time (sec), encryption throughput (kb/sec), decryption throughput (kb/sec))
4.1.2 For image file: "Tulips.jpg" (607 KB), number of bits: 621568, key = helloworld2013
In this algorithm, an image file is first converted into bits and then grouped in blocks of 128 bits each for AES and AES using chaos. For the rest of the modules the block size is 256 bits. The comparison of the various modules on this image file on the basis of encryption and decryption time is shown in Table 2.
Table 2

| S no. | Algorithm | Block Size | No of Blocks | Encryption Time (sec) | Decryption Time (sec) | Throughput (kb/sec) Encryption | Throughput (kb/sec) Decryption |
|---|---|---|---|---|---|---|---|
| 1 | AES | 128 | 4856 | 0.5481 | 0.4739 | 1107.46 | 1280.86 |
| 2 | AES with Chaos key | 128 | 4856 | 0.4356 | 0.3452 | 1393.48 | 1758.4 |
| 3 | Round Structure (1 round) | 256 | 2428 | 0.5542 | 0.6902 | 927.851 | 879.455 |
| 4 | Round structure with Chaos key (1 round) | 256 | 4856 | 0.5289 | 0.4876 | 1147.66 | 1244.87 |
| 5 | Round structure (5 rounds) | 256 | 2428 | 0.8657 | 0.8765 | 701.167 | 692.527 |
| 6 | Round structure with Chaos key (5 rounds) | 256 | 4856 | 0.7612 | 0.7921 | 797.425 | 766.317 |
| 7 | Round structure (10 rounds) | 256 | 2428 | 0.9213 | 0.8934 | 658.852 | 1433.63 |
| 8 | Round structure with Chaos key (10 rounds) | 256 | 4856 | 0.8521 | 0.8325 | 712.358 | 729.129 |
Fig 8 Graph for the comparison of AES algorithm and its variants based on encryption time for image file (series: encryption time (sec), decryption time (sec), encryption throughput (kb/sec), decryption throughput (kb/sec))
4.1.3 Avalanche Effect
A desirable property of any encryption algorithm is that a small change in either the plaintext or the key should produce a significant change in the cipher text. In particular, a change in one bit of the plaintext or one bit of the key should produce a change in many bits of the cipher text [6].
Avalanche Effect = number of flipped bits in cipher text / number of bits in cipher text.
The following table contains results for all variants of AES. Size of input data: 256 bits.
Table 3 Comparison of AES algorithm and its variants based on Avalanche effect for 256 bits

| S. no | Algorithm (for 256 bits input) | Avalanche Effect: 1 bit change in PT | Avalanche Effect: 1 bit change in key |
|---|---|---|---|
| 1 | AES | 102 | 10: |
| 2 | AES with Chaos key | 113 | 1J: |
| 3 | Round Structure (1 round) | 115 | 115 |
| 4 | Round structure with Chaos key (1 round) | 1«8 | 172 |
| 5 | Round structure (5 rounds) | 130 | 11: |

6 Round structure with Chaos key (5 rounds): 177
7 Round structure (10 rounds), 8 Round structure with Chaos key (10 rounds): 14J ISC L2S 190
Figure 9: Graph shows results based on Table 3, where the x-axis is the serial number of the algorithm and the y-axis is the Avalanche Effect in bits (series: 1 bit change in PT, 1 bit change in key).
4.2 Results Based on Run Time (using Dynamic S-box)
4.2.1 For text file: "plaintext.txt" (82 bytes), number of bits: 656, key = "feistel as key enhanced aes key". The results are tabulated below.
Table 4 Comparison of AES algorithm and its variants based on run time and throughput using text file as input

| Sr | Algorithm | Block size | No of blocks | encryption time | decryption time | Throughput encryption | Throughput decryption |
|---|---|---|---|---|---|---|---|
| 1 | AES | 128 | 6 | 0.0024116 | 0.0029766 | 272.018 | 220.385 |
| 2 | AES dynamic S-box | 128 | 6 | 0.002466 | 0.0021623 | 266.017 | 303.38 |
| 3 | Round struct (1 R) | 256 | 3 | 0.0025691 | 0.004497 | 255.342 | 145.875 |
| 4 | Round struct - dyn S-box - 1 R | 256 | 3 | 0.0033981 | 0.005759 | 193.049 | 113.908 |
| 5 | Round struct (5 R) | 256 | 3 | 0.0058878 | 0.00677 | 111.416 | 97.113 |
| 6 | Round struct - dyn S-box - 5 R | 256 | 3 | 0.007983 | 0.009715 | 82.174 | 67.524 |
| 7 | Round struct (10 R) | 256 | 3 | 0.0077133 | 0.009856 | 85.047 | 66.558 |
| 8 | Round struct - dyn S-box - 10 R | 256 | 3 | 0.0136177 | 0.014793 | 48.172 | 44.345 |
In the graphical representation of the result, the x-axis is the serial number of the algorithm. The y-axis is runtime in sec for 10 (a) and throughput in kb/sec for 10 (b).
Fig 10: Graph for comparison of AES algorithm and its variants based on (a) runtime and (b) throughput for text file (series: encryption time, decryption time)
4.2.2 For image file
File: "smiley.jpg", Size: 2.35 KB (19328 bits), Key: "feistel aes key enhanced aes key"
Table 5 Comparison of AES algorithm and its variants based on run time using image file as input

| Algorithm | No of blocks | encryption time | decryption time | Throughput encryption | Throughput decryption |
|---|---|---|---|---|---|
| AES | | 0.1318886 | 0.1427818 | 146.547 | 135.367 |
| AES dynamic S-box | | 0.1358462 | 0.134691 | 142.278 | 143.498 |
| Round struct (1 R) | | 0.1042963 | 0.1074271 | 185.318 | 179.917 |
| Round struct with dyn S-box (1 R) | | 0.1479454 | 0.15862 | 130.642 | 121.85 |
| Round struct (5 R) | | 0.3759754 | 0.3968638 | 51.407 | 48.701 |
| Round struct with dyn S-box (5 R) | | 0.7553122 | 0.73604 | 25.589 | 26.259 |
| Round struct (10 R) | | 1.265548 | 1.292126 | 15.272 | 14.958 |
| Round struct with dyn S-box (10 R) | | 1.327422 | 1.338974 | 14.434 | |
Fig 11 Comparison of AES algorithm and its variants based on (a) runtime and (b) throughput for image file (series: encryption time, decryption time)
4.2.3 Avalanche Effect
The following table contains results for all variants of AES. Size of input data: 256 bits, size of key for AES: 128 bits and size of key for Round structured AES: 256 bits.
Table 6 Comparison of AES algorithm and its variants based on Avalanche effect for 256 bits.

| Sr. | Algorithm (for 256 bits input) | Avalanche Effect (bits): 1 bit change in PT | Avalanche Effect (bits): 1 bit change in key |
|---|---|---|---|
| 1 | AES | 66 | 135 |
| 2 | AES with dynamic S-box | 63 | 135 |
| 3 | AES in Round structure (1 Round) | 134 | 135 |
| 4 | AES in Round structure with dynamic S-box (1 round) | 63 | 60 |
| 5 | AES in Round structure (5 Rounds) | 122 | 120 |

6 AES in Round structure with dynamic S-box (5 rounds): 142
7 AES in Round structure (10 Rounds), 8 AES in Round structure with dynamic S-box (10 rounds): 132 104 129 142
Figure 12: Results based on Table 6 for Avalanche Effect in bits.
Conclusion:
This work presents a performance evaluation of selected symmetric encryption algorithms. The evaluation shows that the time taken by enhanced AES with chaos and dynamic S-box is nearly the same as traditional AES, hence the enhanced AES is a good alternative to the traditional AES with more confusion. Integrating AES in a round structure increases runtime as the number of rounds grows, but the complexity of encryption is also increased. Increasing complexity will make the system more attack resistant, and the number of rounds in the round structure can be application specific, where time may or may not be a constraint.
Thus the round structure gives better non-linearity than the traditional AES. A good encryption system must be extremely sensitive to the encryption key: a small change of the key leads to great changes in the results. Here, in the enhanced system, a one-bit change in plaintext or key produces a change in a significant number of bits of the cipher text. The next generation networks require a high data transmission rate, and the results show that data is encrypted in acceptable time. The comparison of the two techniques shows that the results obtained for AES with dynamic S-box are more optimal, and round structure with dynamic S-box seems to be faster than round structure with chaos, where a speed of around 2 Mbps is achieved, which is compatible with the LTE network.
Future Scope:
The research work can be extended with further enhancements. One enhancement is to make use of chaos and dynamic generation of S-boxes simultaneously. Another possibility is to combine AES with other existing algorithms like ECC. The system can also be modified and run on high-end configurations to obtain more speed and security in next generation 4G and 5G networks.
References
[1] Qing Xiuhua, Cheng Chuanhui, Wang Li, "A Study of Some Key Technologies of 4G System", Industrial Electronics and Applications, 2008. ICIEA 2008. 3rd IEEE Conference.
[2] Xinxin Fan, Guang Gong, "Specification of the stream cipher WG-16 based confidentiality and integrity algorithm", http://cacr.uwaterloo.ca/techreports/2013/cacr2013-06.pdf
[3] Sasan Adibi, Amin Mobasher, Fourth-Generation Wireless Networks: Applications and Innovations, IGI Global, December 31, 2009
[4] The Verizon Wireless 4G LTE Network: Transforming Business with Next-Generation Technology, Verizon Wireless, http://business.verizonwireless.com/content/dam/b2b/resources/LTE_FutureMobileTech_WP.pdf
[5] Yu Zheng, Dake He, "AKA and Authorization Scheme For 4G Mobile Networks Based on Trusted Mobile Platform", ICICS 2005
[6] Anirudh Ramaswamy Ganesh, Naveen Manikandan P, Sethu S Pl, Sundararajan R, Pargunarajan K.," An Improved AES-ECC Hybrid Encryption Scheme for Secure Communication in Cooperative Diversity based Wireless Sensor networks", IEEE conference on Recent Trends in Information Technology (ICRTIT), 2011
[7] Anastasios N. Bikos, Nicolas Sklavos, "LTE/SAE Security Issues on 4G Wireless Networks", IEEE Security & Privacy, 2013
[8] Ghada Zaibi, Abdennaceur Kachouri, Fabrice Peyrard, Daniele Fournier-Prunaret, "On Dynamic chaotic S-BOX", IEEE 2009
[9] Mobile 4G: The Revolution Is Here Now., http://m2m.sprint.com/media/78386/4g_the_revolution_is_now.pdf
[10] Mahdi Aiash, Glenford Mapp and Aboubaker Lasebae, "Providing Security in 4G Systems: Unveiling the Challenges", IEEE 2010
[11] N. Seddigh, B. Nandy, R. Makkar, J.F. Beaumont, "Security Advances and Challenges in 4G Wireless Networks", IEEE 2010
[12] Yu Zheng, Dake He, Weichi Yu and Xiaohu Tang,"Trusted Computing-Based Security Architecture For 4G Mobile Networks", IEEE 2005
[13] Saif Al-alak, Zuriati Ahmed, Azizol Abdullah and Shamala Subramiam "AES and ECC Mixed for ZigBee Wireless Sensor Security", World Academy of Science, Engineering and Technology 2011
[14] Razi Hosseinkhani, H. Haj Seyyed Javadi, "Using Cipher Key to Generate Dynamic S-Box in AES Cipher System", International Journal of Computer Science and Security (IJCSS), Volume (6) : Issue (1) : 2012
[15] Krishnamurthy G N, V Ramaswamy," Making AES Stronger: AES with Key Dependent S-Box", IJCSNS International Journal of Computer Science and Network Security, VOL.8 No.9, September 2008
[16] Kazys KAZLAUSKAS, Jaunius KAZLAUSKAS, "Key-Dependent S-Box Generation in AES Block Cipher System", INFORMATICA, 2009, Vol. 20, No. 1, 23-34, 2009
[17] Shirbhate D.D. , Kale A.R., "Providing Security Challenges In 4g Systems", Bioinfo Security Informatics Volume 2, Issue 1, 2012
[18] M.B. Vishnu, S.K. Tiong, M. Zaini, S.P. Koh, "Security Enhancement of Digital Motion Image Transmission Using Hybrid AES-DES Algorithm", APCC 2008
[19] M. Kaleem Iqbal, M. Bilal Iqbal, Iftikhar Rasheed, Abdullah Sandhu, "4G Evolution and Multiplexing Techniques with solution to implementation challenges", International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, 2012
[20] Shabaan Sahmoud, Wisam Elmasry and Shadi Abdulfa, "Enhancement the security of AES against modern attacks by using variable key block cipher", International Arab Journal of e-Technology, Vol 3, No. 1, January 2013
[21] Julia Juremi, Ramlan Mahmod, Salasiah Sulaiman, "A Proposal for Improving AES S-box with Rotation and Key-dependent", Cyber Warfare and Digital Forensic (CyberSec) international conference, 2012
[22] What are 1G, 2G, 3G and 4G networks ? http://www.speedguide.net/faq_in_q.php?qid=365
[23] Manuel Mogollon, Cryptography and Security Services: Mechanisms and applications, IGI Global, January 31, 2008
[24] Jivesh Govil, Jivika Govil "4G : Functionalities Development And An Analysis Of Mobile Wireless Grid" First International Conference on Emerging Trends in Engineering and Technology, ICETET.2008 IEEE 2008