Devising a method for improving crypto resistance of the symmetric block cryptosystem RC5 using nonlinear shift functions

Authors

DOI:

https://doi.org/10.15587/1729-4061.2021.240344

Keywords:

nonlinear function, symmetric cryptosystem, shift function, RC5, block cipher, cryptoanalysis

Abstract

This paper analyzes ways to improve the cryptographic strength of the symmetric block cipher RC5. The task to enhance the stability of the classic RC5 cipher is explained by the fact that it is part of various open cryptographic libraries and is frequently used in practice. Several methods have been considered, applying which theoretically contributes to improving the stability of cryptographic transformations. It is found that unlike other alternatives (increasing the number of rounds, the length of the key, and the encryption block), the use of nonlinear shift functions does not increase the computational complexity of the RC5 algorithm. The study result has helped build an analytical model that was implemented in the form of the MATLAB (USA) software application. The software interface provides the ability to manually change the encryption parameters of the RC5 crypto algorithm. The resulting upgrade of the RC5 crypto algorithm has been tested on different sets of input data during encryption and decryption. The resulting modification also does not lead to an increase in the calculation time but makes it possible to improve the resistance to hacking the encrypted data by several orders of magnitude (210), provided that differential analysis methods are used and the number of rounds is 14. For one of the nonlinear functions used, resistance to the differential cryptoanalysis used increased by 212 times already in the eleventh round of encryption. The reliability of the improved cryptosystem has been confirmed by the absence of statistical correlation between the blocks of incoming messages and output blocks, the absence of collisions at which it is possible to obtain the same sequences of bits at the output with different messages at the input. The resulting algorithm could be applied in computer systems with low computing performance

Author Biographies

Andrii Sahun, National University of Life and Environmental Sciences of Ukraine

PhD, Associated Professor

Department of Computer Systems and Networks

Vladyslav Khaidurov, Institute of Engineering Thermophysics of the Institute of Engineering Thermophysics of NAS of Ukraine

PhD, Senior Researcher

Department of Monitoring and Optimization of Thermophysical Processes

Valeriy Lakhno, National University of Life and Environmental Sciences of Ukraine

Doctor of Technical Sciences, Professor

Department of Computer Systems and Networks

Ivan Opirskyy, Lviv Polytechnic National University

Doctor of Technical Sciences, Professor

Department of Information Security

Vitalii Chubaievskyi, Kyiv National University of Trade and Economics; Department of Information and Analytical Support of the National Police of Ukraine

PhD, Associate Professor

Department of Software Engineering and Cyber Security

Deputy Chief of Department, Police Colonel

Olena Kryvoruchko, Kyiv National University of Trade and Economics

Doctor of Technical Sciences, Professor

Department of Software Engineering and Cyber Security

Alona Desiatko, Kyiv National University of Trade and Economics

PhD, Associate Professor

Department of Software Engineering and Cyber Security

References

  1. Recommendation X.200 (07/94). Available at: https://www.itu.int/rec/T-REC-X.200-199407-I
  2. Understanding Layer 2 Encryption. Technical Whitepaper (2013). SafeNet. Available at: https://newberrygroup.com/wp-content/uploads/2017/10/understanding-layer-2-encryption-wp-en-v2-dec022013-web.pdf
  3. Rivest, R. L. (1995). The RC5 encryption algorithm. Lecture Notes in Computer Science, 86–96. doi: https://doi.org/10.1007/3-540-60590-8_7
  4. OpenSSL. Cryptography and SSL/TLS Toolkit. Available at: https://www.openssl.org/
  5. RSA® BSAFE® Crypto-J JSAFE and JCE Software Module 6.2.4 Security Policy Level 1 (2020). Available at: http://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3172.pdf
  6. Blozva, A., Kydyralina, L. M., Matus, Y. V., Osypova, T. Y., Sauanova, K., Brzhanov, R. T., Shalabayeva, M. (2021). IoT Devices Integration and Protection in available Infrastructure of a University computer Network. Journal of Theoretical and Applied Information Technology, 99 (8), 1820–1833. Available at: http://www.jatit.org/volumes/Vol99No8/11Vol99No8.pdf
  7. Luzhetskyi, V., Horbenko, I. (2015). Metody shyfruvannia na osnovi perestanovky blokiv zminnoi dovzhyny. Zakhyst informatsiyi, 17 (2), 169–175.
  8. Biryukov, A., Khovratovich, D. (2009). Related-Key Cryptanalysis of the Full AES-192 and AES-256. Lecture Notes in Computer Science, 1–18. doi: https://doi.org/10.1007/978-3-642-10366-7_1
  9. Garfinkel, S. (1994). PGP: Pretty Good Privacy: Pretty Good Privacy. O'Reilly Media, 432.
  10. Schneier, B. (1994). Description of a new variable-length key, 64-bit block cipher (Blowfish). Lecture Notes in Computer Science, 191–204. doi: https://doi.org/10.1007/3-540-58108-1_24
  11. Biryukov, A., Kushilevitz, E. (1998). Improved cryptanalysis of RC5. Advances in Cryptology – EUROCRYPT’98, 85–99. doi: https://doi.org/10.1007/bfb0054119
  12. Furlong, M., Heys, H. (2005). A timing attack on the CIKS-1 block cipher. Canadian Conference on Electrical and Computer Engineering, 2005. doi: https://doi.org/10.1109/ccece.2005.1556916
  13. Matsui, M. (1994). Linear Cryptanalysis Method for DES Cipher. Lecture Notes in Computer Science, 386–397. doi: https://doi.org/10.1007/3-540-48285-7_33
  14. Kaliski, B. S., Yin, Y. L. (1995). On Differential and Linear Cryptanalysis of the RC5 Encryption Algorithm. Lecture Notes in Computer Science, 171–184. doi: https://doi.org/10.1007/3-540-44750-4_14
  15. Knudsen, L. R., Meier, W. (1997). Differential cryptanalysis of RC5. European Transactions on Telecommunications, 8 (5), 445–454. doi: https://doi.org/10.1002/ett.4460080503
  16. Aggregate Statistics (2021). RC5-72 / Overall Project Stats. Available at: https://stats.distributed.net/projects.php?project_id=8
  17. Panasenko, S. P. (2009). Algoritmy shifrovaniya. Spetsial'niy spravochnik. Sankt-Peterburg: BHV, 576.
  18. Welchman, G. (1982). The Hut Six Story: Breaking the Enigma Codes. Harmondsworth: Allen Lane.

Downloads

Published

2021-10-31

How to Cite

Sahun, A., Khaidurov, V., Lakhno, V., Opirskyy, I., Chubaievskyi, V., Kryvoruchko, O., & Desiatko, A. (2021). Devising a method for improving crypto resistance of the symmetric block cryptosystem RC5 using nonlinear shift functions. Eastern-European Journal of Enterprise Technologies, 5(9 (113), 17–29. https://doi.org/10.15587/1729-4061.2021.240344

Issue

Vol. 5 No. 9 (113) (2021): Information and controlling system

Section

Information and controlling system

License

Copyright (c) 2021 Andrii Sahun, Vladislav Khaidurov, Valeriy Lakhno, Ivan Opirskyy, Vitalii Chubaievskyi, Olena Kryvoruchko, Alona Desiatko

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

The consolidation and conditions for the transfer of copyright (identification of authorship) is carried out in the License Agreement. In particular, the authors reserve the right to the authorship of their manuscript and transfer the first publication of this work to the journal under the terms of the Creative Commons CC BY license. At the same time, they have the right to conclude on their own additional agreements concerning the non-exclusive distribution of the work in the form in which it was published by this journal, but provided that the link to the first publication of the article in this journal is preserved.

A license agreement is a document in which the author warrants that he/she owns all copyright for the work (manuscript, article, etc.).
The authors, signing the License Agreement with TECHNOLOGY CENTER PC, have all rights to the further use of their work, provided that they link to our edition in which the work was published.
According to the terms of the License Agreement, the Publisher TECHNOLOGY CENTER PC does not take away your copyrights and receives permission from the authors to use and dissemination of the publication through the world's scientific resources (own electronic resources, scientometric databases, repositories, libraries, etc.).
In the absence of a signed License Agreement or in the absence of this agreement of identifiers allowing to identify the identity of the author, the editors have no right to work with the manuscript.
It is important to remember that there is another type of agreement between authors and publishers – when copyright is transferred from the authors to the publisher. In this case, the authors lose ownership of their work and may not use it in any way.