Two-Key Dependent Permutation for Use in Symmetric Cryptographic System

This paper deals with a two-key based novel approach for generating a permutation table that can be used in a symmetric cryptographic system to cause diffusion. It also discusses how the permutation table generated using the approach can be applied to character based encryption and binary data block produced at intermediate stages by symmetric cipher algorithms. It also describes the effect of our approach on characters of intermediate text as well as on bits of binary data block along with the impact of a single bit change in key information on producing permutation sequences applied to plaintexts to produce ciphertexts. The results are satisfactory and the proposed approach can be employed in any symmetric block cipher algorithm that uses the predefined permutation tables.


Introduction
The substitution and permutation processes play a very important role in causing confusion and diffusion in the text blocks being generated in various rounds of Feistel or SPN based ciphers.Many of the symmetric block ciphers use identical rounds of substitution and permutation processes in each encryption round with a subkey generation function to generate a different round key for use in each round.The algorithms like DES [1] use predetermined substitution and permutation boxes and others like Blowfish block cipher [2], Khufu algorithm [3], and Twofish [4] utilize the dynamic substitution and permutation boxes.To develop better insight of the work, the terminology and concepts related to cryptography with respect to the work and the description of our algorithm for generating permutation table with a required size are presented in the following section.

Functions.
A function  from set  to set  is denoted by  :  → .If  ∈ , then a preimage  is an element  ∈  for which () = .The set of all elements in  which have at least one preimage is called the image of .The various types of functions are [5].

Permutation.
A permutation  on , finite set of elements, is a bijection from  to itself.It is denoted by  :  → .We will have ! permutations on a set  of  elements.

Bijection Function.
If a function  :  →  is oneto-one and onto, then  is called a bijection or one-to-one correspondence.

One-to-One Function.
A function  :  →  is oneto-one (injective) function if each element in  is related to a different element in .

Onto Function.
A function  :  →  is said to be onto (surjective) if, for every element  in , there is an element  in  such that () = .The definition can be restated as a function is onto when its image equals its range.
2 Mathematical Problems in Engineering 2.1.5.Inverse Function.If  is a bijection from  to  then there exists a bijection  from  to  such that, for each  ∈ , () =  holds where  ∈  and () = .The function  derived from  is called the inverse function of  and is denoted by  =  −1 .

Symmetric Cryptographic Schemes.
Cryptography is the study of schemes used for encryption [6] and mathematical techniques related to aspects of information security such as confidentiality, data integrity, entity authentication, and data origin authentication [5].The scheme defines a cryptographic system or a cipher that can be used to enable two people, usually referred to as Alice and Bob, to communicate over an insecure channel that could be a telephone line or computer network, without giving chances to understand the scrambled text of what is being sent or guess the key used for transformation of the original text.
The message Alice wants to send is called the plaintext and the scrambled message which Bob receives is called the ciphertext.The plaintext and ciphertext are written in some alphabet consisting of a certain number  of letters including numerals, blanks, punctuation marks, or any other symbols that we use when writing the messages [7].
Alice uses a precomputed key to encrypt the plaintext and sends the ciphertext to Bob over the channel.Only Bob, who knows the encryption key, can decrypt the ciphertext and reconstruct the plaintext.
If Alice and Bob use the same key, the system is referred to as symmetric or conventional encryption.The system is called asymmetric when they use different keys.
Block ciphers and stream ciphers are the two kinds of symmetric-key encryption schemes.A Block cipher processes a block of plaintext at a time to produce a ciphertext block of equal length.On the other hand a stream cipher processes a digital data stream one bit/byte at a time.Many symmetric block encryption algorithms are based on Feistel structure.Such a structure consists of a number of identical rounds of processing involving substitution followed by a permutation [6].Block ciphers are categorized into substitution ciphers and transposition ciphers.Since their results are in the set of all permutations on the alphabet set , we present the following known definitions to facilitate better understanding of the role of permutations in the substitution and transposition ciphers.

Substitution Ciphers.
In substitution, the letters of plaintext are replaced by other letters or by numbers or symbols.If the plain text is a binary block, substitution involves replacing plaintext bit patterns with cipher bit patterns one bit or a binary block as whole at a time.
Let  be an alphabet of  symbols and  be the set of all strings of length  over .Let  be the set of all permutations on the set . for each  ∈  an encryption transformation   is defined as [5] The inverse permutation  =  −1 and Some examples of substitution ciphers are Caesar cipher, monoalphabetic substitution cipher, play fair cipher, hill cipher, and polyalphabetic substitution ciphers.
When a random substitution is performed over the 26letter English alphabet, dramatic increase in key space is obtained by permuting the elements of the alphabet randomly.The encrypted text will be any permutation of the 26 alphabetic characters from the set of ! permutations making it difficult for cryptanalysis [6].
The ciphers are easy to break since they are monoalphabet based and they reflect the frequency details of the original alphabet.Multiple substitutes for a single letter can be a counter measure in this case.Some multiletter substitution ciphers are Playfair and Hill ciphers, Vigenère cipher, autokey system, and so forth.
Even Vigenère cipher is vulnerable to cryptanalysis.Because the key and the plaintext share the same frequency distribution of letters, a statistical technique can be applied.
The Playfair cipher is relatively easy to break, because it still leaves much of the structure of the plaintext language intact.A few hundred letters of ciphertext are generally sufficient.Although the Hill cipher is strong against a ciphertextonly attack, it is easily broken with a known plaintext attack [6].

Transposition Ciphers.
In this, a very different kind of mapping is achieved by performing some sort of permutation on the plaintext letters.Let  be the block length and  be the set of all permutations on the set {1, 2 ⋅ ⋅ ⋅ }.For each  ∈  an encryption transformation   is defined as [5]   () = ( (1)  (2) ⋅ ⋅ ⋅  () ) , where  = ( 1  2 ⋅ ⋅ ⋅   ) ∈ . ( The set of all such transformations is called a simple transposition cipher.The decryption key corresponding to  is the inverse permutation

Substitution and Permutation Related
Works.The modern design of block ciphers is based on the concept of an iterated product cipher.They improve security effectively by combining substitutions and permutations [8].Both substitution and permutation are added to the encryption in a round [5] to cause confusion and diffusion, respectively, and represent the two basic building blocks for any cryptographic system [8] to thwart statistical cryptanalysis.
In diffusion, the statistical structure of the plaintext is so distributed across the ciphertext that each plaintext element affects the value of many ciphertext elements or vice versa.Diffusion is achieved by repeatedly performing some permutation on the elements of the plain text so as to prevent the cryptanalyst to infer the key.But in confusion relationship between the ciphertext and the key value is hidden to determine the key [6].
Substitution operation is constructed as a box with input bits and output bits.One noticeable characteristic of the box is its size.Larger -boxes are generally more immune to differential and linear cryptanalysis [6] but require more lookup overhead and careful design.
-boxes can be a precomputed one or built with a predetermined key.The static -boxes are vulnerable to differential cryptanalysis [9] and linear cryptanalysis [10] and cryptographically insignificant but key dependent -boxes are insusceptible to these attacks.
A substitution and diffusion based new image 128-bit key encryption scheme proposed in [13] divides an image into several key based dynamic blocks and each block passes through the eight rounds of diffusion for rearranging sequences of block pixels and substitution process to replace block pixels with that of another using row-column difference computation.
A fast permutation algorithm to generate key-dependent -box and key-dependent -Box has been discussed in [14] to protect its internal structure so as to resist the linear and differential cryptanalysis in a few round encryptions.In [15], the modified Rijndael algorithm that constructs the -boxes defined over GF (2 4 ) has been discussed.Each one of the small -boxes has different equation and each equation is extracted by using one of the three irreducible polynomials existing in GF (2 4 ).
Dynamic -box generation using RC4 algorithm, well known stream cipher, for Advanced Encryption Standard and for AES-128 has been described in [16] and [17], respectively.An -box generation method through compositions of permutations from some fixed set using random bijective methods has been discussed in [18].Pseudorandom -boxes generated using a secret key for AES Block cipher has been described in [19].Cryptographically key-dependent -box design using a four-dimensional hyperchaotic Chen system and its suitability for designing block cipher with dynamic boxes satisfying the -box design criteria is suggested in [20].
In all the works above, permutations have been used to prevent cryptanalysis.

Two-Key Dependent Permutation
Algorithm.The algorithm consists of the following major steps.
Step 1 (Initialization).This step initializes the variables  and  with 1 and  which is the product of  1 and  2 .We initialize set  = {1, 2, 3, . . ., size} where size denotes the number of letters/bits in the given text block.Initially,  is empty.
Step 3 (Replacement).It locates for duplicate elements in the set  generated in the previous step and replaces them with −1.
Step 4 (Unique Set Construction).It constructs a unique set  of positive integers.
Step 5 (Set Difference Operation).This step produces a set  consisting of elements that are in  but not in .
Step 6 (Sorting).It sorts the elements of the set  in descending order.
Step 7 (Placement).As the elements of  are scanned from left to right, −1 s and 0 s are replaced by successive elements of .This process is repeated until the last occurrence of −1 or 0 is replaced with the last element of the set .The set  is, now consisting of elements from 1 through size but permuted in some order which depends on  1 and  2 values.
(4) Let  denote the number of elements in  where   ≤ 0.
(5) Create a unique set  with size −  elements that satisfy   > 0: (6) Construct a missing element set  with  elements using set minus operation: (7) Sort the elements of set  in descending order.

Results and Discussion
This section discusses how the results of the algorithm can be applied to text composed of characters (Character Based Permutation) and bits of binary data block (Binary Based Permutation).

Character Based Permutation.
Let  be the text of length (in characters), size.Let  be set of   values representing positions of letters in .There are size!ways in which letters of  can be permuted.Given that text  = abcdefgh, the positional set  consists of values in the range from 1 through size.Table 1 shows the positions of letters in the text .The 2KDP algorithm with input size = 8 generates the permutations for various values of  1 and  2 , as shown in Table 2 and Figure 1 shows their deviations from the original one.How the permutations 1 through 5 applied to message  permute elements in  can be understood from Table 3.
By choosing the appropriate values for  1 and  2 the algorithm generates permutations that affect positions of all the characters making up the message .
For example, for a set of 4 different values of  1 and  2 , Table 4 shows permutations generated by the algorithm and it can be seen from Table 5 that the permutations have affected all the characters' positions in the message  with size = 8.

Binary Based Permutation.
In the binary based permutation, characters in the message  are represented as their 8-bit binary equivalents as shown in Figure 2.
Since the message  consists of 8 characters, the size of the entire message  is 64 bits.The binary representation of the message  is 01100001011000 10011000110110010001-100101011001100110011101101000 and denoted by the letter .
A permutation table can be generated by using the 2KDP algorithm with a size equivalent to number of bits of the message .The permutation table thus generated will consist of 64 entries that indicate how the bits of the binary block  related to the message  should be permutated.
Table 6 shows the initial position of bits of binary data block for the message .Four 64-bit permutation tables constructed using different values of  1 and  2 are shown in Tables 7 through 10.The permutations graphs shown in Figures 3, 4, 5, and 6 help understanding the amount of deviations they have with respect to one another.
By using the permutations tables (see Tables 7, 8, 9, and 10) produced for four different values of  1 and  2 , the bits of the text are rearranged and the results are shown in hexadecimal representation in Tables 11,12, 13, and 14.
The effectiveness of the algorithm on binary bits of the text and how it affects the various binary bits of the text can be understood from Table 15.The bits of the given text are XORed with permuted output to count the number of bits affected due to the permutation algorithm.If the  th bit in the text matches with the  th bit in the permuted output, the  th bit in the text is not affected.Otherwise the  th bit in the text is affected.Table 16 shows the number of bits affected after XORing the permuted output obtained by applying

Cryptanalysis of the Algorithm.
In this section, we discuss the worthiness of our algorithm after having applied different  1 and  2 values and tested its results on texts.When the algorithm is applied on two different plaintexts that differ in a single bit with same keys  1 and  2 , the cipher texts will also differ in a single bit.For example, for the two plain texts 1: abcdefgh and 2: ibcdefgh, the algorithm with  1 = 123 and  2 = 57 results in two different ciphertexts C1: 52d2ced2e8925c82 and C2: 52d2cfd2e8925c82, respectively, as shown in Table 17.Table 18 shows all the texts varying in single bit and its corresponding permuted texts that also differ in a single bit.Given two cipher texts of two different plaintexts varying in single bit or more make the cryptanalyst hard to deduce the keys.Since the key space is huge for an adversary to choose keys from, it makes the cryptanalysis somewhat difficult.We have found that it is possible to have the same permutation sequence for different values of keys if the number of bits to be permuted is less.For example, the key pairs (251, 53) and (59, 53) applied to the algorithm with size = 8 will generate the same permutation sequence 2, 6, 1, 3, 4, 8, 7, 5 which is not desirable.So, the algorithm with less size value can be used to generate one time key, which is shorter, for authentication purpose.If the size is larger than at least 64 bits, the chances for generating the same permutation sequence are remote and therefore it requires tremendous efforts.
The algorithm can be iterated with different key pairs.Each iteration results in a permutation sequence.A permuted text obtained in the first iteration can be made secure by applying it to a permutation sequence generated in the successive rounds with different key pairs.Thus, the resultant permuted text is so secure that it increases the time required to decipher it.For example, the ciphertext C1: 52d2ced2e8925c82 formulated with permutation produced with keys  1 = 123 and  2 = 53 by the algorithm for the plaintext 1: abcedefgh can be made secure by subjecting it to any number of rounds with different values of  1 and  2 .Suppose the algorithm generates the following permutation sequence with  1 = 91 and  2 = 131: 56 52 47 17   It can be noted that it produces a good avalanche effect.Similarly, we also tried different  2 values (185, 121, 25, 41, 49, 61, 59, 56) that differ in single bit but with  1 = 123 (refer to Table 22) to generate the permuted texts as shown in Table 21.
The algorithm has also produced a good effect even after having swapped  1 and  2 values applied to it (see Table 25).
The power of the algorithm lies in constructing permutation/substitution tables of any size using key information derived from plain text/key blocks.Instead of predefined -Boxes and -Boxes used with some symmetric block ciphers to achieve an avalanche effect that makes the relationship between plaintext and ciphertext complex at each round during encryption process, the same effect can be realized if we generate these tables dynamically based on the information available during rounds of encryption at runtime.Making a single bit change in any of the key values  1 ,  2 , or both has resulted in a permutation sequence that can be applied to intermediate ciphertexts to achieve good confusion and diffusion.The results of the algorithm are satisfactory that it can be used with symmetric crypto systems like DES for generating substitution/permutation tables dynamically.

Conclusion
The two-key dependent permutation algorithm generates a permutation table based on two keys.The good choice of key values enables algorithm to construct a permutation table that will disturb positions of all characters/bits making up a given message.The results show that the 2KDP algorithm can also be used with Feistel based symmetric block ciphers.We have also shown how a single bit change in any of the two keys or both will produce a permutation table that brings in drastic impact on complicating the relationship between plaintext and ciphertext after its application on plain text.

Figure 1 :
Figure 1: Permutations graph for various values of  1 and  2 .

Table 1 :
Initial position of letters in the message .

Table 2 :
Permutations generated for various values of  1 and  2 with size: 8.

Table 3 :
Impact of permutations on positions of characters of the message .

Table 4 :
Permutations generated for another set of  1 and  2 values with size: 8.

Table 5 :
Permutations affecting positions of all characters of the message .

Table 6 :
Initial position of bits of binary block for the message .
P2Figure4: Permutation graph for PT2 with  1 : 57,  2 : 123. the permutation table tables (see Tables7, 8, 9, and 10) on bits in the given text with original bit stream of the given text.

Table 11 :
PB1-permuted bits of binary data block using permutation table PT1.

Table 12 :
PB2-permuted bits of binary data block using permutation table PT2.

Table 14 :
PB4-permuted bits of binary data block using permutation table PT4.

Table 15 :
Permuted bits of binary data for various values of  1 and  2 .

Table 17 :
Impact of change in 5th bit on plain text: abcdefgh and its corresponding permuted text.

Table 18 :
Texts with single bit change in the plain text: abcdefgh and corresponding permuted texts.

Table 19 :
Single bit change in key  1 : 123 without change in  2 : 57 and corresponding permuted texts.

Table 21 :
Single bit change in key  2 : 57 without change in  1 : 123 and corresponding permuted texts.

Table 24 :
Permutation sequences for  1 : 123 and  2 : 57 with a single bit change (in keys).

Table 25 :
Permuted texts for  1 : 57 and  2 : 123 with a single bit change (in keys) after swapping.