An Improved Genetic Algorithm for Developing Deterministic OTP Key Generator

Recently, a genetic-based random key generator (GRKG) for the one-time pad (OTP) cryptosystem has been proposed in the literature which has certain limitations. In this paper, two main characteristics (speed and randomness) of the GRKG method are significantly improved by presenting the IGRKG method (improved genetic-based random key generator method). The proposed IGRKG method generates an initial pad by using linear congruential generator (LCG) and improves the randomness of the initial pad using genetic algorithm. There are three reasons behind the use of LCG: it is easy to implement, it can run efficiently on computer hardware, and it has good statistical properties. The experimental results show the superiority of the IGRKG over GRKG in terms of speed and randomness. Hereby we would like to mention that no prior experimental work has been presented in the literature which is directly related to the OTP key generation using evolutionary algorithms.Therefore, this work can be considered as a guideline for future research.


Introduction
Recent years have witnessed use of information in many areas including financial accounts, military and political.Security of this information in both storage and transit is crucial as it may be compromised resulting in financial loss, disclosure of military or commercial secrets, and even the loss of life.Cryptography is one set of techniques for providing information security.Historically, cryptography is commonly connected with surveillance, warfare, and the similar applications.However, with the advent of information civilization and digital revolution, cryptography is also useful in the peaceful lives of common people, for example, when buying something over the Internet through credit card, withdrawing money from the ATM machines using smartcards, and locking and unlocking luxury cars.
Cryptography is related to the design of cryptosystems.Cryptosystems have two divisions: symmetric key and asymmetric key.In the case of symmetric-key cryptosystem, encryption function takes a text message (plaintext) as input and transforms it into an unreadable text (ciphertext) with the use of a secret key [1].The decryption function converts the ciphertext back to the plaintext using the same secret key.If any flaws or oversights exist in the cryptosystem, it can be exploited by the attacker [1].The attacker can recover the plaintext from the ciphertext without knowing the secret key because of openness of cryptographic algorithms and the encrypted data transfers via the insecure public communication channel.For this reason, sensitive applications, for example, financial domain, demand perfect security that can only be achieved by one-time pad (OTP) symmetric-key cryptosystems in which the key used for encryption once is never used anymore at any time [1].For achieving perfect security, an obvious choice is random generation of the key via truly random sources.However, this choice is inefficient (generation of truly random numbers from hardware-based physical phenomena, for example, elapsed time between emissions of particles during radioactive decay; thermal noise from a semiconductor diode or resistors; sound from a microphone or video input from a camera, and so on; and generation of truly random numbers from software-based process, for example, the system clock; elapsed time between keystrokes or mouse movement; and operating system values such as system load and network statistics are impractical choices for practical cryptographic applications, i.e., large sized keys for each encryption [1]).Therefore, for sensitive applications pseudorandom generation of the key is the only option to make the scheme practical.Recent years have witnessed large use of computationally secure OTP all over the world, typically during financial transactions.Hereinafter OTP key means computationally secure pseudorandom key and original OTP key means truly random key.In this work, we present a genetic-based scheme for automatically generating OTP keys.

Related Work and Our Contributions
Several things in the world are naturally encoded, for example, genomes of animals [2].This motivates us to utilize (genotype) genetic algorithms in development of deterministic scheme that can generate the OTP keys rapidly.In 2013, Sokouti et al. [3] have demonstrated a significant use of genetic algorithm for automatically generating OTP keys.They have proposed and compared two genetic-based OTP key generators, namely, 10P-GRKG and the GRKG.The comparison results in [3] show that the GRKG method is much better than the 10P-GRKG method in terms of speed and randomness.However, it is observed that the GRKG method has certain limitations which needs improvements.In this paper, we propose an improved genetic-based random key generator (IGRKG).As compared to GRKG, the proposed IGRKG generator generates the OTP key rapidly and the degree of randomness of the generated keys is better.In the literature, a prior attempt in OTP key generation using evolutionary technique has been addressed only in [3].Therefore, this paper can present a detailed comparison between GRKG and IGRKG generators.We also compare the Diehard scores of GRKG and IGRKG with some existing pseudorandom number generators.It is important to note that, except GRKG and IGRKG generators, the other pseudorandom generators have not been developed to generate OTP key.
It should be noted that speed and randomness are the main objectives of a designer behind the design of a pseudorandom key generator.For achieving these objectives the following novelties and modifications are introduced which are our major contributions: (1) Unlike GRKG we use a comparatively short secret key.
(2) Unlike  parameter employed in GRKG, a new  variable is proposed, where the essence of the parameter is the minimum generations in which the initial pad is obscured almost entirely.
(3) For determination of the crossover point, rather than using modular arithmetic over addition, we introduce a new approach of modular arithmetic over subtraction.The advantage of this approach is that it improves the randomness of the pad and makes the scheme faster.
(4) For evolving existing generation, a new and efficient approach is introduced that updates two variables  1 and  2 .These variables are employed in Algorithm 1, Steps ( 6)-( 14), to decide crossover and mutation points.This idea increases the randomness of the existing pad and evolves the obscure final pad rapidly.
(5) For increasing the speed of encryption and decryption, a more efficient encryption and decryption function is suggested.
Figure 1 shows the block diagram of the proposed work.
Figure 1 shows that four integer values are taken as input corresponding to the short secret key:  −1 , , , and .It should be noted that the values of these parameters are taken only once in the presence of both the sender and receiver.Also, all the values must be "truly random" which is referred to as seed.This seed must be generated from the truly random sources, because it is utilized by GA techniques in order to generate larger sized keys.As shown in Figure 1, the seed is first processed by one of the existing statistical sound generators, namely, LCG.Through feedback mechanisms, the initial pad equal to the size of the plaintext is generated.That is,  −1 is used to generate  0 ,  0 is used to generate  1 , and so on, where for each computation the remaining secret key parameters, that is, the multiplier , the increment , and the modulus , remain unchanged.The initial pad  = ( 0 ,  1 , . . .,   ) is then converted into a population of individuals  = ( 0 ,  1 , . . .,   ), where Popu 0 is a binary equivalent of integer  0 ,  1 is a binary equivalent of integer  1 , and so on.Afterward, the population is evolved by three evolutionary operators: selection, crossover, and mutation (all these operators have been discussed in detail  (19) Set , where  point denotes the starting bit position of the chosen chromosomes to be reproduced.Here   = 8, since a maximum integer value equivalent to its binary representation could be 255 (i.e., 2 8 − 1).(24) Perform single point crossover between pairs of selected chromosomes.That is between Popu 1 ℎ and Popu 2 ℎ with probability   , where the starting point for mating is denoted by  point .(25) end for (26) Set  2 ←  1 Remark 5: Select an individual from the mated population and perform a single bit complement mutation for each of the following iteration, where the new population was generated in the previous steps ( 18)-( 25).( 27) for  from 1 to  do (28) Compute  2 ← ( 2 + ) mod () (29) Set ℎ ←  2 (mod)  (30) Set  point ←  ℎ (mod)   , where  point denotes the position of a bit of the selected chromosome, Popu ℎ .(31) Change a bit of Popu ℎ located at position  point .(32) end for (33) in Sections 5.1, 5.2, and 6).The probability of crossover and mutation is controlled by a common probability parameter  c .However, for each instance of the problem, the rate of mating and mutation may be different; we determine these rates by a deterministic mathematical procedure (for details, see Algorithm 1, Steps (6) to (14)).The selection of individuals for mating, crossover point  point , choice of genes for mutation, and mutation point  point are also controlled by a deterministic mathematical procedure (see Algorithm 1, Steps (19) to (23) and (28) to (30)).Finally, we get an obscure final pad  = ( 0 ,  1 , . . .,   ), where   is an integer equivalent of the corresponding binary individual.The number of generations is controlled by a parameter, namely,  (for details about this parameter, see Section 5.2, Step (2)).

Advantages of IGRKG over GRKG.
(1) IGRKG generator is much faster than the GRKG generator; for instance, in generating large sized secure pad (e.g.,  = 1000), the average time taken by the IGRKG generator is about 2.432 seconds, while the GRKG generator takes 9.747 seconds (for details, see Section 6.4).These results indicate that the IGRKG generator is four times faster than the GRKG generator.Consequently, in the case of exchange of a significant number of encrypted messages, the OTP-IGRKG system will outperform the OTP-GRKG system.(2) In terms of randomness, the quality of the IGRKG generator is significantly better than the GRKG generator (see statistical and randomness testing results in Section 6.5).
We organize the remainder of the paper as follows: in Section 3, we present some of the previous valuable research work in the field of cryptology where the genetic algorithm has been utilized.In Section 4, we present basics of the onetime pad and associated challenges.In Section 5, we propose the IGRKG method followed by comparison with previously proposed Sokouti et al.GRKG method.In Section 6, statistical testing and cryptanalysis results are discussed followed by conclusion in Section 7.

Genetic Algorithm
The origin of evolutionary algorithms (EAs) is an attempt to mimic some of the process taking place in natural evolution.Although the details of biological evolution are not completely understood (even nowadays), there exist some points supported by strong experimental evidence [5].Genetic algorithm (GA) is one of the most popular EA techniques that has emerged based on the concept of imitating the evolution of a species [6].In the case of GA, a population of individuals (or chromosomes) is generated using an intelligent method or a random method [6][7][8].Each of these individuals is encoded as a binary string that represents a possible candidate solution to the problem at hand.In each iteration, the survival strength of each candidate solution is measured by a fitness function [6][7][8][9].Afterward, the evolutionary process is constrained by three genetic operators: selection, crossover, and mutation.Through selection procedure, individuals are selected that enter into the crossover process.The crossover operator alters two or more parents to create offspring, where a probabilistic crossover rate is usually used to generate offspring [7,8,10].Mutation operator produces one child from one parent by flipping a bit (s) of the parent.A probabilistic mutation rate is usually used to determine whether a particular change occurred or not within an individual [7,8,10].
There are some important characteristics of crossover and mutation operators that are not captured by the other.Błażej et al. [11] mentioned that it has never been theoretically shown that mutation is in some sense less powerful than the crossover and vice versa.Mutation serves to create random diversity in the population while crossover serves as an accelerator that promotes emergent behavior from components [11,12].The metaissue, then, is the relative importance of diversity and construction.It is impossible for mutation to simultaneously achieve high levels of construction and survival [11,12].This would appear to be important since one without the other may not be extremely useful.High construction levels are accomplished at the expense of survival (e.g., mutation rate 0.5), while good survival is at the expense of construction (e.g., mutation rate 0.01) [11,12].In our study, we get the highly constructive results with 0.25 to 0.3 mutation rates.That is, 25% to 30% parents are affected in our study by mutation operation (see Section 5.1 for details).GA parameters can be controlled in three different ways: deterministic [13,14], adaptive [13][14][15], and self-adaptive [13,14,16].The deterministic parameter control technique takes place when the value of strategy parameters (e.g.,  and  in our study) is altered by some deterministic rule.This rule modifies the strategy parameters deterministically without using any feedback from the search [13,14,17].
Applications of GAs in Cryptographic Applications.GAs have been applied successfully to solve real-world optimization and search problems [9].These techniques have also shown good potential in the domain of cryptology.Here we mention some of the good works that have been carried out in the last decade.An interesting work in the domain of cryptographic protocol design has been carried out by Park and Hong [18] and Zarza et al. [19] in 2005 and 2006, respectively.Wang et al. (2012) [20] have proposed a novel method based on the genetic algorithm and chaotic map for designing substitution boxes (S-boxes).Jhajharia et al. (2013) [21] have utilized GAs for cryptographic key generation.Jain and Chaudhari (2014) [22] have proposed an improved GA method to attack the knapsack based cryptosystems.Faraoun (2014) [23] has proposed a block cipher design using GA and cellular automata.Recently, GA and CGP techniques have been utilized in [24] for determining strong cryptographic Boolean functions.Jain and Chaudhari (2015) [25] have proposed improved GA for automated cryptanalysis of the substitution ciphers.In [3] Sokouti et al. ( 2013) have proposed a GA technique for automatically generating OTP keys that we improve in this paper.

One-Time Pad Cryptosystems
One-time pad cryptosystems are based on the concept of stream cipher.In stream cipher, a short secret key is used to generate a keystream (i.e., a string of bits) [1].The keystream bits are XORed with the plaintext bits in the usual way to produce the ciphertext [1].At the receiver end, the ciphertext is XORed with keystream to get the original plaintext [1].However, in stream cipher, a keystream is generated from a short secret key [1].Therefore, these ciphers can be compromised if not used carefully.The advantage of stream ciphers is that they are much faster in hardware and therefore mostly employed in resource-constrained devices.However, the original OTP is used in those applications where the primary objective is perfect security rather than speed [1].The conventional OTP cryptosystem combines a plaintext sized key with the given plaintext code as modulo addition "26" and thereby generates the ciphertext.An example is shown in Table 1.The fact is that the plaintext message can consist of not only English alphabet, but also ASCII characters.Therefore, in this paper we consider that the encryption and decryption of plaintext will be done on "modulo 256" rather than "modulo 26."As a result, each plaintext character will

Genetic Algorithm for Generating OTP Keys
There are two main challenges for developing original OTP cryptosystem: (1) The OTP cryptosystem must generate a key of length equal to the length of the plaintext.(2) The key should be truly random for achieving perfect security.Plaintexts are variable sized and often their size is large.Therefore, it is impossible to generate a truly random key of the size of the plaintext.An efficient option for solving this kind of problem is the utilization of pseudorandom key [1].However, it is not trivial to generate pseudorandom key equal to the length of the plaintext.In this context, Sokouti et al. (2013) [3] have proposed the GRKG method.GRKG generator accepts a fixed size short secret key as an initial key and thereby generates the pseudorandom key .Here, we point out each time a different key  ( ∈ ) is generated.
We have two popular pseudorandom generator choices as a base generator: LCG and Mersenne Twister, because of the good statistical properties [26].However, for cryptographic security only the use of a statistical sound generator is not sufficient.Therefore, we can employ either LCG or Mersenne Twister for generating initial pad and then genetic algorithm is used to improve the randomness of the initial pad.As a result, an obscure and appropriate OTP key is generated.In this research, we have decided to use LCG method because it is easy to implement and runs efficiently on computer hardware [26].Most importantly, its use allows us to give a fair comparison between two methods, GRKG and IGRKG, since LCG has also been employed in the GRKG method.

IGRKG:
The Proposed Method.Consider initial key  = { −1 , , , ,   , } which consists of LCG and GA parameters, and the details are as follows.

Parameters Related to GA
: combine probability of crossover and mutation : number of selections of chromosome pairs for crossover : number of selections of chromosomes for mutation : minimum number of iterations to generate a sufficient secure OTP key ( Algorithm 1 (Description).Pseudocode for the proposed IGRKG method is shown in Algorithm 1. Input to the algorithm is , where  is a secret key decided by communicating parties once.Using first four  elements,  −1 , , , and , the initial pad  = { 0 ,  1 , . . .,   } is generated via LCG method, where  =  − 1 and  is the size of the plaintext.The initial pad is then converted into its equivalent binary representation (see Remark 1).
GA Operators.The binary initial pad which is generated by LCG method is modified by applying selection, crossover, and mutation that are deterministically [14] controlled.That is, crossover and mutation will be not performed at random positions of individuals; rather positions are determined Fine-Tuning of Crossover and Mutation.We have tested certain type of mutation and crossover operators, but the best results have been obtained using simple mutation (which flips a selected bit) and single point crossover.In the literature it has also been shown that, among all the crossover operators, the most successful one is single point crossover [27].A deterministic procedure is developed for deciding crossover and mutation points (see Steps (23) and (30), resp.).The number of chromosomes mutated is defined as fixed percentage of the total number of chromosomes (see Steps (10)-( 12)).
Finding best combination of crossover rate and mutation rate is an important step in GA.In [28,29], it is investigated that generally low mutation rates (0.01 to 0.1) and comparatively high crossover rates (0.5 to 0.7) perform very well.However, in [8], it is mentioned that the modern view of EAs admits that specific problem types require specific EA setups.Therefore, different crossover and mutation rates have been experimented to investigate their capability to find good solutions (the conditional optimal values of crossover and mutation rates are shown in Table 2).Note that there is no prior experimental work of this kind, so this work should be considered as a guideline for future research.
Use of  1 and  2 Variables.For the initialization of  1 , we use the last element   of the initial pad only once (see Step (15)).That is, in the evolutionary process, we will never use   again due to security reasons, but the GRKG method uses   more than once, which is one of the drawbacks of the GRKG method (see Table 3, Steps ( 6) and ( 7)).Steps (19) and (21) show that an integer variable  1 is used to select a chromosome pair for mating, where each time possibly a different chromosome pair is mated (see Steps (23) and ( 24)).
In each iteration the mating operation is performed "" times (see Remark 4 and Step (18)).
Step (29) shows that another integer variable  2 is used to select an individual for mutation, where each time possibly a different individual is mutated (see Steps (30) and (31)).For each iteration the mutation operation is performed "" times (see Step (27)).By repetitive applications of mating and mutation, a new population is generated.During evolution of the population through crossover, variable  1 is itself updated (see Steps (20) and ( 22)).Similarly, during evolution of the population through mutation, variable  2 is itself updated (see Steps (28) and (35)).In both cases, the LCG method is used.In each iteration, after crossover and mutation,  2 and  1 are assigned the updated value of  1 and  2 , respectively (see Steps (26) and (34)).This strategy has been introduced in this research for the purpose of generating robust and secure OTP key (for detailed information, see Section 5.2, Step (3)).
Use of  Variable.Until the termination condition is not satisfied, the new population is fed back in the evolutionary process. is an integer variable that indicates the minimum number of generations till the pad is entered in the evolutionary process (see Section 5.2, Step (2)).

Comparison between GRKG and IGRKG Generators.
In this section, we compare the proposed IGRKG method with Sokouti et al. 's GRKG method [3].A table of comparison based on the features of both the generators is shown in Table 3.In this table, we have underlined the values of IGRKG features that are different form their GRKG counterparts.A detailed list of proposed improvements is as follows: (1) Rather than the secret key of size "seven," IGRKG uses a short secret key of size "six."This is possible because the crossover and mutation probabilities have been combined in a single parameter   .However, the algorithm is designed in such a way that the same (3) For evolving the existing generation, a different approach is proposed which is based on the effective updates of  1 and  2 .In the GRKG method, the Complexity same initial value (i.e., PGU( 1 )) is used for evolving current generation (see Table 3: Column 2, Steps (10) and ( 11)).The limitation of this approach is that the  number of individuals that were improved by crossover is once again selected for mutation.Due to this reason, the GRKG method requires a large number of generations for evolving the remaining individuals.This limitation is resolved by assigning the updated value of  2 to  1 and by assigning updated value of  1 to  2 (i.e.,  1 ← PGU( 2 ) and  2 ← CGU( 1 ), see Table 3, Column 3, Steps (10) and (11), resp.).This phenomenon gives the chance to remaining individuals that were not improved by crossover, that is, improvement in the same current generation through mutation.The main benefit of this approach is that there is a high probability of selection of chromosomes for mating that were not selected in mutation and vice versa.This idea increases randomness of the pad with the increase in iteration.That is, due to this strategy the IGRKG method produces the more randomized pad in less number of iterations as compared to the GRKG method.
(4) In order to determine crossover points, GRKG method uses modular arithmetic over addition.This approach makes the GRKG scheme conceptually weak.The fact is that the sum of two chromosome values (i.e., sum of integers) before and after crossover will always be the same.That is, if two chromosomes  and  are mated and converted into   and   , respectively, whenever in the next generation   and   are selected for crossover, the result will be the original chromosomes, that is, again  and  (see Table 3, Step (13)).Clearly, this phenomenon is a big obstacle in increasing randomness of the input pad.
In this paper, we resolve this weakness by suggesting the use of modular arithmetic over subtraction rather than addition.Due to this strategy, even though the same pair will be selected in the next generation, the different crossover points will be selected because the subtraction of two chromosome values before and after crossover operation is different.This approach improves the practical efficiency of the generator.
(5) We have critically examined that the encryption and decryption functions suggested by Sokouti et al. [3] are not appropriate for use in cryptography.The design of encryption and decryption functions is not a part of the OTP key generator.However, as a complete OTP scheme, we advise simple encryption and decryption functions that are often used in stream ciphers (see Table 3, Steps ( 17) and ( 18)).

Results
For the purpose of comparison between GRKG and IGRKG generators in terms of speed, we have implemented both generators in Java 2.0 with Intel Quad-Core processor i7 (@3.40 Ghz).We present the results of both the generators on the text "cryptology."The size of plaintext "cryptology" is 10; that is,  = 10.Consider   =   =   = 0.2.That is, in each iteration "two pair ( ← ⌈0.2 * 10⌉ = 2)" of chromosomes and "two ( ← ⌈(0.2 * 10)⌉ = 2)" chromosomes will be affected by the crossover and mutation, respectively.Note that this example has been considered by Sokouti et al. [3] in their work.Therefore, for a fair comparison between GRKG and IGRKG generators, we demonstrate our work on the same example.4 also shows the recomputation (Re) phase which is one of the limitations of the GRKG method, where recomputation appeared due to the selection of the same chromosome again (i.e., 8th one).Similarly, during the mutation operation, if the same chromosome is selected again, then the GRKG method performs the recomputation.Here  (12,43,238,21,51,15,246,33,28,187)} Performance time: 1.918 msec.
we emphasize that this phenomenon needs improvement because, in the case of large sized plaintext, the efficiency of the scheme will degrade.This paper resolves this issue by removing recomputation phase and keeping updating the resulting pad through crossover, where the crossover is performed using modular subtraction rather than modular addition.

Results
Obtained Using the IGRKG Method.In this section, we determine the OTP key from the initial pad using the IGRKG generator, where the initial pad is equal to {52, 11, 62, 61, 56, 31, 162, 49, 252, 243}.Table 5 shows the working of the IGRKG method.Initially  1 = 243, that is, the last element of the initial pad.

Discussion on the Speed of GRKG and IGRKG Generators.
It is observed from Tables 4 and 5 that the OTP key is generated by GRKG and IGRKG in "nine" and "seven" iterations, respectively.That is, the IGRKG method obscures the initial pad in less number of generations than the GRKG method.In other words, if we run the IGRKG generator for two more generations, it will result in the enhancement of the randomness.As evident from the results, the relative time performance of the IGRKG method is significantly better than the GRKG method.The time taken by the GRKG method and the IGRKG method for the above-solved instance is 1.918 and 0.743 milliseconds, respectively.For an accurate comparison between the speeds, we have tested both the generators on the large data set.
We have taken  = 256 and   =   =   = 0.2 so that  =  = 2 and  =  = 1000.Afterward, both the generators have been run 100 times for the plaintext of length of 1000 characters along with various settings of ( −1 , , ).We have examined that the average time taken by the IGRKG method for 1000 generation is 2.432 seconds, while the GRKG method takes 9.747 seconds.This result indicates that the IGRKG generator is approximately four times faster than the GRKG generator.

Statistical Results
. This section presents some statistical tests to analyze the security of GRKG and IGRKG generators that are purported to be random bit generators.A random bit generator is a device or algorithm which outputs a sequence of statistically independent and unbiased binary digits.According to [1], it is impossible to give a mathematical proof that a generator is a random bit generator; the tests described here help to detect certain kinds of weaknesses the generators may have.From both the generators, we take a sample output binary sequence  of length  = 20000 bits and subject it to four statistical tests designated as  1 ,  2 ,  3 , and  4 .The conclusion of each test is not definite but rather probabilistic.If the sequence passes all of the statistical tests, the generator is "not rejected" [1].Here, we emphasize that normal and  2 distribution (goodness of fit test) tests can be used to compare the observed frequencies of a sequence to their expected frequencies under a hypothesized distribution.The  2 distribution with V degrees of freedom arises in practice when the squares of V independent random variables having standard normal distributions are summed.For detailed information on normal and  2 distributions, we refer readers to [1].In the following sections, we present the formal definition of each of the four statistical tests and the results of statistical testing on the output sequence .

Frequency Test.
The objective of this test is to examine whether the numbers of 0s and 1s in  are approximately the same, as would be expected for a random sequence.Let  0 ,  1 denote the number of 0s and 1s in , respectively.We use these statistics as [1]: which approximately follows an  2 distribution with 1 degree of freedom.

Serial Test.
The objective of this test is to examine whether the numbers of occurrences of 00, 01, 10, and 11 as subsequences of  are approximately the same, as would be expected for a random sequence.Let  0 ,  1 denote the number of 0s and 1s in , respectively, and let  00 ,  01 ,  10 , and  11 denote the number of occurrences of 00, 01, 10, and 11 in , respectively, where  00 +  01 +  10 +  11 =  − 1, since the subsequences are allowed to overlap.We use these statistics as [1]: which approximately follows an  2 distribution with 2 degrees of freedom.

Autocorrelation Test.
The purpose of this test is to check for correlations between the sequence  and (noncyclic) shifted versions of it.Let  be a fixed integer, 1 ≤  ≤ ⌊/2⌋.The number of bits in  not equal to their -shifts is () = ∑ −−1 =0   ⊕  + .We use these statistics as [1]: which approximately follows a normal distribution with mean of zero and standard deviation of 1 if  −  ≥ 10.

Poker Test.
Let  be a positive integer such that ⌊/⌋ ≥ 5 ⋅ (2  ), and let  = ⌊/⌋.Divide the sequence  into  nonoverlapping parts each of length , and let   be the number of occurrences of the th type of sequence of length , 1 ≤  ≤ 2  .The poker test determines whether the sequences of length  each appear approximately the same number of times in , as would be expected for a random sequence.We use these statistics as [1], which approximately follows an  2 distribution with 2  − 1 degrees of freedom: For a significance level of  = 0.05, threshold value for  1 = 3.8415,  2 = 5.9915,  3 = 1.6449 and  4 value is different for different degree of freedom which is computed using different size subsequences (see Table 10).
The calculated   (1 ≤  ≤ 4) results clearly indicate that the statistical results obtained via the IGRKG generator are consistently superior to the GRKG generator (see Tables 7-10).
In addition to the above-discussed statistical tests, we have tested large output sequence  of both the generators on the more stringent batteries of statistical test: Diehard, NST, and "ENT" [30].For this purpose, we have generated two separate files of 250 MB corresponding to the output of each of the generators over a low entropy input, and then each file was analyzed with each of the batteries.Note that 250 MB data is a vast binary sequence  generated by using input parameters  1 to  4 .Table 11 shows the results of the ENT test.As evident from the ENT results, the output of the GRKG and the IGRKG generators successfully passes all the tests.However, it is clear from the results that the ENT test results are superior in the case of the proposed IGRKG scheme.Diehard results are shown in Table 12.The tests are treated as successful if  value is greater than 0.05.IGRKG passes all the tests with significantly better results than GRKG.It is important to note that GRKG has failed in monkey test OPSO and overlapping sums test.
In the case of NIST test, 100  values have been evaluated for each test; the proportion of successful results are presented in Table 13.The tests are treated as successful if  value is greater than 0.959 (except discrete Fourier transformation and binary matrix ranks 6 * 8 tests).In these two tests the  value should be in between 0.051 and 0.990 for success [31].Results presented in Table 13 show that the IGRKG generator passes all the tests; however, the GRKG generator has failed in longest-run test and binary matrix ranks 31 * 31 and 32 * 32 tests.
For the comparison purpose, Johnson's scoring method [39] is used.We have generated 50 different 10 MB files from GRKG and IGRKG using the same method as mentioned in Table 6, and then scores have been assigned using results of the Diehard tests.The score corresponding to different generators has been taken from [31]  represent the behavior of the algorithm for first three (0 to 2), second three (3 to 5), and the last three (6 to 8) generations, respectively, where 0th generation indicates the initial pad status and 8th generation represents the final pad status.The 1st and 2nd generations pad status can be seen in Figure 2(a) which are (37,52,115,94,209,192,199,134,61,44) and (37,52,91,126,209,192,199,198,61,44), respectively.The 3rd, 4th, and 5th generations pad status can been seen in Figure 2(b) which are (37,52,195,126,209,193,71,94,61,44), (37,52,203,126,209,195,71,94,61,44), and (37,52,195,126,209,195,47,94,61,65), respectively.The 6th, 7th, and 8th generations pad status can been seen in Figure 2  0.373 6.7.Basic Cryptanalysis of GRKG and IGRKG.This section discusses resistance results against some of the basic cryptanalytic attacks that are as follows: (1) Input-Based Attack.In order to distinguish between random outputs and GRKG or IGRKG outputs, if it is possible to use control or knowledge of the generator, then we say that the generator is not resistant to inputbased attack.
(    A binary sequence  of size 20000 bits is generated individually from both the GRKG and the IGRKG generators corresponding to four different input  parameters that have been mentioned in Table 6.Afterward, cryptanalysis against all the above-mentioned attacks has been performed.The cryptanalytic results have been mentioned in Table 15.Results obtained indicate that the IGRKG method is resistant to all the attacks; however, the GRKG method is not resistant to backtracking, iterative guessing, and meet-in-middle attacks.

Conclusion and Avenues for Future Research
This paper has presented an improved and efficient geneticbased OTP key generator.The proposed method is a significant improvement in the GRKG method.The proposed IGRKG generator has successfully passed the simple statistical tests such as frequency, serial, autocorrelation, and poker
Generate an initial population Popu of size , where th chromosome is represented as binary string equivalent to   .Here the initial vector  =  0 ,  1 , . . .,   is computed via LCG equation, where  =  − 1. Select a pair of chromosome and determine a point of crossover.Repeat the process till counter reached .

Table 2 :
Genetic parameters for the IGRKG method.
(14)ding Values of  and .If the initial pad length  < 10, then selection of one pair of chromosomes (i.e.,  = 1) and a single chromosome (i.e.,  = 1) is sufficient for reproduction and mutation, respectively (see Remark 2).However, for the initial pad of size  ≥ 10,  and  are determined deterministically by utilizing   and  (see Steps(7)to(14)).  is a common probability parameter for crossover and mutation.

Table 6 :
Parameter values corresponding to ( −1 , , , ,   , ) for generating four different 20000-bit binary sequences to be tested for examining randomness property of two generators: GRKG and IGRKG.For an initial value of , 2000 bits are generated and then we increment  by one, for the incremented value again 2000 bits are generated, and so on.For instance, in the case of  1 the last parameter is incremented up to 10 with step size +1, so that the last value will be 59.In this way, 20000 bits are generated, that is, a concatenation of 2000 bits ten times, where for each  a different 20000-bit-long sequence is generated.

Table 7 :
1 values for a binary sequence  of size  = 20000, where  is generated individually from both the GRKG and the IGRKG generators corresponding to four different input  parameters that have been mentioned in Table6.

Table 8 :
2 values for a binary sequence  of size  = 20000, where  is generated individually from both the GRKG and the IGRKG generators corresponding to four different input  parameters that have been mentioned in Table6.
. Since Diehard tests produce one or more  values, categorizing them as rejected, suspect, or good, a  value is called rejected if  ≥ 0.998 and suspect if 0.95 ≤  < 0.998; all other  values are considered to be good.Two points, one point, and zero points have been assigned for rejection, suspect, and good, respectively.Finally, the addition of these points produces a global Diehard score for each generator.The average has been taken over the 50 evaluations in the case of GRKG and IGRKG generators.In Table14, low scores indicate good quality generators.From Table14, it can be noted that the IGRKG generator is comparatively better than Lamar and significantly superior to the rest of the generators.

Table 9 :
3 values for a binary sequence  of size  = 20000, where  is generated individually from both the GRKG and the IGRKG generators corresponding to four different input  parameters that have been mentioned in Table6.

Table 10 :
1 values for a binary sequence  of size  = 20000, where  is generated individually from both the GRKG and the IGRKG generators corresponding to four different input  parameters that have been mentioned in Table6.

Table 11 :
Results obtained by ENT batteries of statistical test (GRKG versus IGRKG).
) State Compromise Extension Attack.Assuming that a state 1 has been recovered by the adversary through successful efforts (e.g., due to inadvertent leak, a cryptanalytic success, etc.), an attack which tries to extend the advantage of state 1 is called state compromise extension (SCE) attack.SCE attack succeeds when the attacker is able to distinguish between random outputs and generator outputs before 1 was compromised.Due to insufficient starting entropy the generator can be started from an insecure guessable state; at that time there is a highest probability of SCE attack to work.SCE attack can also work when 1 has been compromised by any of the attacks mentioned below.(a)Backtracking Attack.In order to acquire previous generator values, the backtracking attack uses the compromise of the state 1 at time .(b) Permanent Compromise Attack.As soon as the attacker negotiates 1 at time , all past and