LEA: Link Encryption Algorithm Proposed Stream ...

Ain Shams Engineering Journal (2014) xxx, xxx–xxx

Ain Shams University

Ain Shams Engineering Journal www.elsevier.com/locate/asej www.sciencedirect.com

ELECTRICAL ENGINEERING

LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm Hadia M.S. El Hennawy a, Alaa E.A. Omar b, Salah M.A. Kholaif a b c

c,*

Electronics and Communications Department, Faculty of Engineering, Ain Shams University, Cairo, Egypt Head of Research Development Division, Research Development Center, Cairo, Egypt Research Development Center, Cairo, Egypt

Received 20 June 2013; revised 19 December 2013; accepted 9 August 2014

KEYWORDS Link Encryption Algorithm; Stream cipher; Linear Feedback Shift Register; Bit organization; Non Linear Function

Abstract Cryptographic algorithms for confidentiality and authentication play a major important role in nowadays information security Sen (2012) [1]. Encryption algorithms are becoming more necessary to ensure the securely transmitted data over insecure communication channels. A new stream cipher is proposed. The design is very simple and based on 16 shift registers, nonlinear and an output function. The proposed algorithm is characterized by a high performance in software with measured encryption/decryption on Pentium IV processor. We have performed detailed security analysis, in particular, and standard statistical randomness test of the produced ciphertext. Experimental results in terms of performance and resources are presented. 2014 Production and hosting by Elsevier B.V. on behalf of Ain Shams University.

1. Introduction Nowadays there are many stream cipher algorithms proposed in both academic and industrial research. Stream cipher is an important category of symmetric encryption algorithms [1]; what’s more, synchronous stream ciphers do not suffer from error propagation, because each bit is independently encrypted/decrypted from any other. Compared with block ciphers, most stream ciphers are generally much faster and have greater software efficiency. Due to these features, stream * Corresponding author. Tel.: +20 1227337460. E-mail address: [email protected] (S.M.A. Kholaif). Peer review under responsibility of Ain Shams University.

ciphers have been becoming the best choice for several communication protocols especially that used in wireless field [2]. Block ciphers are memory less algorithms that permute N-bit blocks of plain text data under the influence of the secret key and generate N-bit blocks of encrypted data, whereas stream ciphers contain internal states and typically operate serially by generating a stream of pseudo random key bits, namely the keystream (stream ciphers are also called keystream generators). The keystream is then bitwise XORed with the data to encrypt/decrypt. LEA is a word-oriented stream cipher; it takes a 128-bit initial key and a 128-bit initial vector as input, and outputs a keystream of 32-bit words (where each 32-bit word is henceforth called a key word). This keystream is used to encrypt the plain text. To ensure the security of LEA, it is evaluated through a software implementation. Since the Linear Feedback Shift Registers (LFSRs) are pretty efficient in hardware and are

Production and hosting by Elsevier http://dx.doi.org/10.1016/j.asej.2014.08.001 2090-4479 2014 Production and hosting by Elsevier B.V. on behalf of Ain Shams University. Please cite this article in press as: El Hennawy HMS et al., LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm, Ain Shams Eng J (2014), http:// dx.doi.org/10.1016/j.asej.2014.08.001

2 the main building blocks of this cipher, it is possible to implement LEA in hardware and achieve higher throughput. This paper is structured as follows. In Section 2 the LEA stream cipher algorithm specifications are briefly described. In Section 3, we explain the security analysis of the LEA algorithm. In Section 4, we discuss the algorithm performance results. Finally, Section 5 concludes the paper. 2. Proposed Stream Cipher Algorithm The Proposed Link Encryption Algorithm, LEA, is a stream cipher algorithm. It is cryptological concept which was developed for encipher/decipher 8-bit ASCII character. For each step, cipher or decipher, the algorithm is performed once delivering an 8-bit key character. This character is combined with the plain (or cipher) character by bitwise addition to give the cipher (or plain) character. Thus there is no difference between encipher/decipher and this meaningful to explain only the process of encipherment. The algorithm is offering highest security level achieved through the high nonlinear complexity and the complete re-initialization before every encryption process. The idea of this algorithm is building up the key character sequence of combination of two different sequences, where the first one has probable long period and the second one is high complexity by using nonlinear functions. Moreover, both of these sequences are statistically flat. The good statistical properties of the first sequence are in principle that of Liner Feedback Shift Registers (LFSRs) with primitive characteristic polynomials to achieve maximal-length period. Also, those of the second part are achieved by using well distributed generated substitution boxes, confusion, and diffusion. The LEA encryption algorithm can be divided into a driving part and a combining part. The driving part consists of a set of maximum length Linear Feedback Shift Registers. It mainly governs the state sequence of the generator and is responsible for providing sequences of large periods and good statistics. The combining part is essentially nonlinear. It has the task to make the cipher stream generation to be mathematically complex [3]. 2.1. General structure of algorithm LEA is a word-oriented stream cipher that takes a 128-bit Key and a 128-bit Initial Vector (IV) as input, and outputs a key stream of 32-bit words, see Fig. 1. LEA has three logical layers. The top layer is a Linear Feedback Shift Register (LFSR) of sixteen Registers, each cell of 32-bit, the middle layer is for bit compression (BC), and the bottom layer is a nonlinear function (F). 2.2. Key loading The Initialization key procedure has four main parts, a 128-bit secret key (SK), 128-bit initialization value (IV), 240-bit Master Key (MK), and 16-bit balance Key (BK). MK is combination of SK and IV. MK ¼ ðLRot8 ðSK;2Þ&&ð0xFFFFFFFÞÞk ðLRot8 ðIV;5Þ&&ð0xFFFFFFFÞÞ:

H.M.S. El Hennawy et al. where (&&) is bitwise AND, || is concatenation operator, and LRot8 (x, y) = cyclic rotation of 8 bits sequence x by y position left. The Key Loading part use four keys groups SK (SK0 || SK1 ||. . .|| SK15), MK (MK0 || MK1 ||. . .|| MK15), IV (IV0 || IV1 ||. . .|| IV15), and BK (BK0 || BK1 ||. . .|| BK15), respectively, to produce sixteen substrings of 32-bit according to the following rule Ri = Ski || MKi || IVi || BKi, where (0 6 i 6 15). The generated value Ri is used as the initial state of the LFSR layer, and the BKi will be the rightmost bit with value equal to 1 for each register for register balancing requirement. 2.3. The Linear Feedback Shift Register (LFSR), layer The Linear Feedback Shift Register (LFSR), illustrated in Fig. 2, has sixteen Registers of 32-bit (R0 to R15), each register is restricted to take values from the (1 to 232 – 1). The LFSR layer has two stages of operations: the initialization stage of sixteen register and the working stage. In the initialization mode, each register LFSR receives a 32bit input, which is obtained from key loading process. In the working mode, the LFSR receives two 32-bit word inputs, one word N, which is obtained from the 32-bit output M of the nonlinear function F, and the other word R, from output feedback operation of LFSR. The output of the LFSR layer stage supplies four 32-bit (128-bit) as input to the bit compression layer, and the last register R15 are used in producing key stream. Informative note: Since the multiplication of a 32-bit string R by 2i over GF (232 – 1) can be implemented by a cyclic shift of R to the left by i bits, only addition modulo 232 – 1 is needed. 2.4. The bit-compression layer The middle layer of the LEA algorithm is the bit-compression (BC). It receives four 32 bits (128-bit) from the four distinct registers of the LFSR layer and combine them using addition modulo 232, and bitwise XOR operations, as shown in Fig. 3. Finally it produces 32-bit word, which will be used as the input of the nonlinear function F in the bottom layer. 2.5. The Nonlinear Function F layer The Non Linear Function or Finite state machine (FSM) function, as shown in Fig. 4, used as a non linear core, needs to satisfy various cryptographic criteria. They must be balanced [4], possess high nonlinearity to resist fast correlation attacks [5], and must possess high algebraic degree: To resist the Ronjom–Helleseth attack [6]. To resist the Berlekamp–Massey attack [5]. As a necessary but not sufficient condition to resist fast algebraic attacks [7]. In the case of FSM functions, a high order of correlation immunity is also necessary [8]. The nonlinear function F has 32-bit input comes from bit-compression stage. The construction of nonlinear function sequences was designed for cryptographic robustness, efficiency when implemented in software.

Please cite this article in press as: El Hennawy HMS et al., LEA: Link Encryption Algorithm Proposed Stream Cipher Algorithm, Ain Shams Eng J (2014), http:// dx.doi.org/10.1016/j.asej.2014.08.001

LEA: Link Encryption Algorithm New Proposed Stream Cipher Algorithm

3

Figure 1 General structure of Link Encryption Algorithm (LEA). Fig. 1, describes the general structure of LEA encryption algorithm, which is a word-oriented stream cipher that takes a 128-bit Key and a 128-bit Initial Vector (IV) as input, and outputs a key stream of 32bit words. LEA has three logical layers. The top layer is a Linear Feedback Shift Register (LFSR) of 16 registers, each cell of 32-bit, the middle layer is for bit compression (BC), and the bottom layer is a nonlinear function F.

Figure 2 Linear Feedback Shift Register (LFSR) Layer of LEA Algorithm. The LFSR layer has sixteen Registers of 32-bit (R0 to R15), operating over Galois Field GF (232). The LFSR layer has two stages of operations: the initialization stage of sixteen register and the working stage. LFSR layer gives four of 32-bit (128-bit) as input to the bit compression layer, and the last register are used in producing key stream.

Two substitution boxes are used in the non-linear function F, named S and Q respectively. Because the LFSR is shown to have good resistance against algebraic attacks over GF (2), algebraic immunity was not the highest priority in the design

of the substitution boxes. The implementations require the so-called secret constant, the values of both substitution box (S-box and Q-box), which are kept secret and might be consider as part of the secret key, also gives higher resistance


4

H.M.S. El Hennawy et al. LRot32 (x, y) ! cyclic rotation of 32 bits sequence x by y position left.

3. Security analysis of the LEA algorithm

Figure 3 Bit compression (BC) Layer of LEA Algorithm. The bit-compression layer extracts 128-bit from four different registers of the LFSR Layer and forms a new 32-bit word, which will be used as the input for the nonlinear function F in the next stage.

This section contains two main parts, security attacks, and measuring the statistical randomness properties of LEA algorithm output. 3.1. Security attacks We present in this sub-section three different attacks with LEA algorithm. 3.1.1. Guess and determine attack The general idea of guess-and-determine attacks [9,10] is to guess part of the internal state of the target algorithm, and then, by combining with some known mathematical relations for the algorithm, to deduce the remaining unknown internal state. The LEA Algorithm appears to have strong resistance against guess-and-determine attacks. It is seen that the LEA Algorithm has 16 · 32 + 2 · 32 = 576 bits of internal states. Assume that an attacker tries to find these internal states at some time instant, and he tries to guess r bits of these states to determine the remaining 576 - r states. Assume that the 528 bits of internal states have uniform probability distribution. Then the attacker needs at least d(576 - r)/32e key-words (the 32-bit words from the keystream) to establish algebraic equations, so as to possibly determine all the remaining unknown bits. For a successful guess-and-determine attack, it must be true that r < 128. In this case the attacker needs at least 14 words of keystream. In this sense the LEA Algorithm has good resistance against the guess-and-determine attack.

Figure 4 Non Linear Function (F) of LEA Algorithm. The nonlinear function (NLF) F has 32-bit input, and 32-bit output. The F Function can be considered as nonlinear transformations from 32-bit words to 32-bit words using two secret S-box, and Qbox of with 8-bit, and some mathematical notations like bitwise XOR and cyclic rotations. Its output is split into two directions, one as a feedback to the LFSR stage, while the other is used in producing output key stream.

against possible future advances in algebraic cryptanalysis. The Nonlinear function can be described as: Z0! 7 ¼ X0! 7 LRot8 ðQðX8! 15 Þ; Z0 Þ; Z8! 15 ¼ QðX8! 15 Þ LRot8 ðX0! 7 Þ; Z0 Þ Z16! 23 ¼ X24! 31 LRot8 ðSðX16! 23 Þ; Z2 Þ; Z24! 31 ¼ SðX16! 23 Þ LRot8 ðX24! 31 Þ; Z3 Þ Mi ¼ Zi LRot32 ðZi ; 9Þ LRot32 ðZi ; 22Þ where =! The assignment operator. ¯! The bitwise exclusive-OR operator.

3.1.2. BDD attack In 2002, Krause proposed a Binary Decision Diagram (BDD) attack [11], which is the best short key stream attack known so far, and it has a very low data complexity. In view of the large state size (576 bits), a straightforward application of this attack has no chance to succeed. We have not been able to identify a way that would optimize the attack so that it would approach the 2128 limit. We think that a BDD attack is no better than exhaustive search. 3.1.3. Timing attack It is well known that many cryptographic algorithms may be subject to side channel attacks [12]. One class of side channel attack is the timing attack, in which the attacker attempts to compromise a cryptosystem by analyzing the time taken to execute cryptographic algorithms. Information can leak from a system through measurement of the time it takes to respond to certain input. How much such information can help an attacker depends on cryptosystem design details, the CPU running the system, and the accuracy of the timing measurements. The software implementation in C code can be designed to protect against timing attacks.


LEA: Link Encryption Algorithm New Proposed Stream Cipher Algorithm 3.2. Statistical random tests Key streams generated by LEA-128 have been analyzed using the CRYPTX’98 statistical analysis program [13]. This program is used to examine whether the binary stream cipher sequence possesses those unique features of randomness to prevent deception from unauthorized receivers. Seven tests are conducted; frequency test, binary derivative test, change point test, subblock test, sequence complexity test. Test results are shown in Tables 1–7 and briefly described. CRYPTX’98 reported that the LEA-128 key streams tested have the properties of random bit streams. Other CRYPTX’98 tests look for a class of statistical properties than can be exploited by various classes of attacks. The analysis reported that LEA-128 key streams had none of these properties. This encourages us to believe that LEA-128 has no glaring weaknesses. The popular symmetric stream cipher algorithms including A5 (Actual Encryption Algorithm) [14], RC4 (Rivest Cipher number four) [15], Rabbit [16], and Sober [17], were adapted for testing with the same CRYPTX’98 tool and their results

Table 1

5

were compared with the stream cipher output of LEA algorithm, using the same input plaintext and key files. We apply a different stream cipher samples of string length, N, 400,000 bits generated by software implementation of LEA and other four stream cipher algorithms, using C++ programming language, to a CRYPTX’98 tool which includes seven randomness statistical tests and it produces a Significance probability p-value for each input type. The p-values obtained from a CRYPTX’98 test represents the probability of obtaining a result further than the test statistic lies from the expected, if the algorithm produces a random stream. Very small p-values would support non-randomness for the given measure. 3.2.1. Frequency test Test for an equal number of ones and zeros in the bit stream. The number of ones in a large random sequence is approximately normally distributed. The frequency test determines the tail end probability for the number of ones in the sample stream. The result is displayed in Table 1.

Combined table comparing the results of frequency test.

Algorithm

Test parameters Number of ones (X)

Expected ones (mean)

Proportion of ones

Significance probability (p)

Satisfy

LEA A5 RC4 Rabbit Sober

199,845 199,754 200,067 200,393 200,438

20,000 20,000 20,000 20,000 20,000

0.4996 0.4994 0.5002 0.5010 0.5011

0.6240 0.4366 0.8322 0.2140 0.1660

Yes Yes Yes Yes Yes

Frequency test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 1. It can be derived from the results given in Table 1, none of the sequences fail the frequency test because all of the significance probabilities are all greater than 0.001. It signifies that there are an equal proportion of ones and zeros in each stream. Therefore, the sequences are considered balance and randomness. The steam cipher RC4 algorithm and then LEA, and A5, algorithms results seems to have better distributions, for their larger significant, than the others. Binary derivative tests should be further conducted to assess whether are patterns existing in these streams.

Table 2

Results of Binary Derivative test.

Algorithm type

Number of ones (X)

First binary derivative (D1) test (N = 399,999) LEA 200,189 A5 200,301 RC4 200,099 Rabbit 200,744 Sober 199,794

Expected ones (mean)

Proportion of ones


Satisfy

199999.5 199999.5 199999.5 199999.5 199999.5

0.5005 0.5008 0.5002 0.4995 0.5002

0.5490 0.3404 0.7530 0.5158 0.8409

Yes Yes Yes Yes Yes

0.5005 0.5004 0.4996 0.4993 0.4993

0.5501 0.6218 0.6398 0.3725 0.3525

Yes Yes Yes Yes Yes

Second binary derivative (D2) test (N = 399,998) LEA 200,188 199,999 A5 200,155 199,999 RC4 199,851 199,999 Rabbit 199,717 199,999 Sober 199,705 199,999

Binary Derivative test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 2. It can be derived from the results given in Table 2, none of the sequences fail the first and second binary derivative test because all of the significance probabilities are all greater than 0.001. The equal number of ones and zeros in the first binary derivative stream indicates that the original stream contains an equal proportion of overlapping four 2-tuples, (0 0), (0 1), (1 0), (1 1). It can be observed from Table xx, the stream ciphers RC4 and Sober then LEA and Rabbit results seems to be less patterned than the others. The equal number of ones and zeros in the second binary derivative stream indicates that the original stream contains an equal proportion of overlapping eight 3-tuples, (0 0 0), (0 0 1), (1 0 0), (1 1 0), (0 1 1), (0 1 0), (1 0 1), (1 1 1). Also, it can be observed from Table xx, the stream ciphers RC4 and then LEA results seems to be less patterned than the others.


6

H.M.S. El Hennawy et al. Table 3 Algorithm


Results of change point test. Test parameters Change point

Number of ones before

Proportion of ones before

Proportion of ones after


Satisfy

222,886 265,864 129,267 215,662 229,480

111,150 132,539 64,849 107,625 115,303

0.4987 0.4985 0.5017 0.4990 0.5025

0.5008 0.5011 0.4995 0.5032 0.4993

0.4257 0.3488 0.4716 0.0304 0.1432

Yes Yes Yes Yes Yes

Change point test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 3. It can be derived from the results given in Table 3, all of the sequences satisfy the change point test. The proportion of ones and zeros are almost equal before and after the maximum change point. There is no change in the proportion of ones throughout the whole stream. These sequences give satisfactory results to the frequency test, First Binary derivative test, second Binary derivative test, and also the change point test. They are considered to generate equal number of the overlapping 3-tuples.

Table 4 Algorithm


Results of sub-block test. Test parameters Sub-block size

Chi-square value

Degree of freedom


Satisfy

2 2 2 2 2

0.5600 2.1209 1.4407 9.1120 3.1295

3 3 3 3 3

0.9055 0.5477 0.6960 0.0278 0.3721

Yes Yes Yes Yes Yes

Sub-block test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 4. It can be observed from the results given in Table 4, all of the sequences satisfy the sub-block test. For the sub-block size 2, a test of uniformity is applied. The proportion of non-overlapping 01, 11, 10, 00 are equal. It indicates that there is no uniformity or such patterns in these streams.

Table 5 Algorithm


Results of Runs test. Test parameters Number of runs

Number of blocks

Number of gaps

Chi-square value

Degree of Freedom


Satisfy

200,190 200,302 200,100 200,745 199,795

100,095 100,151 100,050 100,373 99,898

100,095 100,151 100,050 100,372 99,897

21.0619 24.0537 23.8395 33.3319 21.2072

30 30 30 30 30

0.8859 0.7696 0.7792 0.3083 0.8813

Yes Yes Yes Yes Yes

Runs test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 5. It can be observed from the results given in Table 5, all of the sequences satisfy the Runs test. The number of blocks, consecutive ones, and the number of gaps consecutive zeros, is almost equal. It indicates that there is no uniformity or such patterns in these streams.

3.2.2. Binary derivative test The binary derivative is a new stream formed by the exclusive-or operation on successive bits in the stream. Successive binary derivative streams may be obtained from each new binary derivative, each one being of length one less than its predecessor. The frequency test applied to the original stream and its first binary derivative is equivalent to testing for an equal number of the four overlapping two-tuples in the original stream. The frequency test applied to the original stream, its first and second binary derivatives, along with the change point test is equivalent to testing for an equal

number of the eight overlapping three-tuples in the original stream. The result is displayed in Table 2. 3.2.3. Change point test Test for a significant change in the proportion of ones throughout the stream. At each bit position in the stream the proportion of ones to that point is compared to the proportion of ones in the remaining stream. The bit where the maximum change occurs is called the ‘change point’. This test determines whether this ‘change’ is significant. This checks that there is an equal number of


LEA: Link Encryption Algorithm New Proposed Stream Cipher Algorithm Table 6

7

Results of sequence complexity test.

Algorithm

Test parameters


Sequence complexity

Threshold Value

Mean value

Satisfy

1440 1438 1437 1438 1440

1400 1400 1400 1400 1400

1415 1415 1415 1415 1415

Yes Yes Yes Yes Yes

Sequence complexity test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 6. It can be observed from the results given in Table 6, all of the sequences satisfy the sequence complexity test. The numbers of sequence complexity are considered as the number needed to recover the original sequence. It should be greater than threshold value and close to the mean value.

Table 7

Results of linear complexity test (N = 20,000). Algorithm

Test parameters Linear complexity

Linear complexity number of jumps

Linear complexity jump size

LC Expected LC Significant Probability P Number of Jumps Expected Number of Jumps Significant Probability P Chi-square value Degree of freedom Significant Probability P Satisfy

LEA

A5

RC4

Rabbit

Sober

10,002 10,000 0.9739 5030 5000 0.7257 9.1323 8 0.3313 Yes

10,001 10,000 0.8341 4988 5000 0.4052 9.6196 8 0.2927 Yes

10,000 10,000 0.5000 5047 5000 0.8264 8.1244 8 0.4214 Yes

10,001 10,000 0.8341 5029 5000 0.7190 14.5572 8 0.0683 Yes

10,000 10,000 0.5000 4931 5000 0.0838 6.2324 8 0.6212 Yes

Linear complexity test comparison applied to LEA stream cipher output and other known algorithms are shown in Table 7. It can be observed from the results given in Table 7, all of the sequences satisfy the linear complexity test, all of the sequences satisfy the linear complexity-number of jumps test, and all of the sequences satisfy the linear complexity-jump size test. The expected numbers of linear complexity are considered as the half numbers of the sequence. The observed numbers of linear complexity should be as large as possible. It is derived from Table 7, that, the stream cipher LEA is more complex and difficult to be detected.

Table 8 Link Encryption Algorithm (LEA), performance comparison results. Input size (bytes)

DES

3DES

AES

BF

LEA

20,527 36,002 45,911 51.200 59,852 69,545 79,776 87,968 96,160 103.056 Average time/samples Bytes/s

2 4 5 6 7 9 10 11 12 13 8 7988

7 13 17 20 23 26 31 34 37 40 26 2663

4 6 8 10 11 13 15 17 18 19 12 5320

2 3 4 5 6 7 7 8 8 10 6 10,167

2 4 5 6 7 8 8 8 8 12 7 9.285

Table 8 proves the superiority of Blowfish algorithm over other algorithms in terms of processing time, and secondly LEA consumes less time just after Blowfish algorithm. Another point can be noticed here that 3DES requires always more time than other algorithms because of its triple phase encryption characteristic. The performance results of Table 8 prove that the implementation of LEA encryption algorithm in software achieves competitive performance and some times better performance compared with the others in terms of throughput.

Figure 5 Design Implementation performance, Comparative execution times of LEA encryption algorithm and popular secret key algorithms. It displays the performance comparison results of LEA algorithm and four other well-known public algorithms. It proves that the LEA encryption algorithm achieves competitive performance compared with the others in terms of throughput ðBytes n SÞ.

overlapping three-tuples for streams which have passed the frequency test on the original stream and also on the first two binary derivatives. Change point test result is displayed in Table 3.


8 3.2.4. Sub-block test Test for the uniformity of non-overlapping sub-blocks of a chosen length. For sub-block sizes up to 16 the ‘uniformity test’ requires a sample of at least 5 * b * 2^ (b) bits, where b is the sub-block size. For sub-block sizes bigger than 16 the ‘repetition test’ is applied. This test requires a sample of b * 2^ (b/2 + 3) bits. Consult the manual for recommended upper limits on the sub-block size. Sub-block test result is displayed in Table 4. 3.2.5. Runs test Test the distribution of run lengths, assuming the data satisfies the frequency test. A ‘block’ is a run of ones and a ‘gap’ is a run of zeros. The runs test compares the distribution of block and gap lengths with that expected for a binomial population in which the probability of a one is a half. This supports Golomb’s postulates for which half the runs have length 1, a quarter has length 2, and an eighth has length 3, and so on. Runs test result is displayed in Table 5. 3.2.6. Sequence complexity test Test that there is a sufficient number of new patterns encountered throughout the stream. A stream with a sequence complexity measure below a given ‘threshold’ value is considered non-random. An average value of sequence complexity for a stream of this length is also calculated. Sequence complexity test result is displayed in Table 6. 3.2.7. Linear complexity test Every finite stream can be produced by a Linear Feedback Shift Register (LFSR). The linear complexity test checks for the minimum amount of knowledge (bits) needed to reconstruct the whole stream. Tests are applied to the linear complexity of the stream, and on the ‘‘’linear complexity profile’’ which follows the change in linear complexity as each new bit is added. Linear complexity test result is displayed in Table 7. 4. Design implementation performance Nowadays, the computational approach is widely recognized as the complement to the scientific analysis [2]. The LEA stream cipher has been designed with dedicated software implementation. The popular secret key algorithms including DES (Data Encryption Standard), 3DES (Triple Data Encryption Standard), AES (Advanced Encryption Standard), BF (Blowfish), were implemented, and their performance was compared with our LEA algorithm by encrypting input files with varying contents and sizes. Algorithms were implemented in a uniform language (C), C++ programming language, where they have conducted it on a 2.4 GHz Pentium 4 PC processor using 512 Mbyte RAM, using their standard specifications, to compare LEA algorithm with other algorithms performance. Here, our goal is to measure the Encryption and Decryption speed of LEA algorithm and compare it with most popular symmetric key algorithm with different packet sizes. Encryption time is used to calculate the throughput of an encryption scheme, it indicates the speed of encryption. The throughput of the encryption scheme is calculated by dividing the total plaintext in bytes encrypted on the total encryption

H.M.S. El Hennawy et al. time for each algorithm in seconds. As the throughput value is increased, the power consumption of this encryption technique is decreased. All the implementations were exact to make sure that the results will be relatively fair and accurate. The Simulation program accepts three inputs: Algorithm, Encryption keys, and Plaintext. After a successful execution, the performance results of data generated, encrypted and decrypted are shown in Table 8. Table 8 proves the superiority of Blowfish algorithm over other algorithms in terms of processing time, and secondly LEA consumes less time just after Blowfish algorithm. The performance results of Table 8 are displayed in Fig. 5 proves that the implementation of LEA encryption algorithm in software achieves competitive performance and some times better performance compared with the others in terms of throughput ðbytes n sÞ. 5. Conclusions In this paper, we proposed a new software-efficient stream cipher with 128-bit key length. As illustrates, the proposed cipher implementation achieves competitive performance and some times better performance compared with the others. The complete diffusion requirement is satisfied after a single round. The influence of individual plaintext or key bits should spread over all the ciphertext bits, so that the change in one plaintext or key bit causes the change of about 50% of the ciphertext bits, uniformly distributed all along the ciphertext. The similarity of encryption and decryption means that in order to decrypt LEA cipher it is enough to repeat the same transformations performed throughout the encryption process. As we are dealing with an involution, its repeated application with suitable keys, leads to the original data. A complete description of the algorithm structure, an evaluation of its security properties and software performance comparison were given. From security analysis, we are sure that proposed cipher has enough security. Further, algorithm provides a good combination of security features. However, the extensive security analysis of any new cipher requires a lot of efforts from many researchers. We thus invite and encourage the readers to analyze the security of our algorithm. Intriguingly present has implementation requirements similar to many compact stream ciphers. As such, we believe it to be of both theoretical and practical interest. Like all new proposals, we discourage the immediate deployment of present but strongly encourage its analysis. Finally we explicitly state that LEA algorithm is available and not covered by any patent in the world. References [1] Sen Jaydip. Applied cryptography and network security, by InTech; 2012. [2] Zoran Constantinescu. Advances in grid computing, by NC-SA 3.0; 2011. [3] Hu Qi. Stream ciphers and linear complexity. Master thesis, University of Singapore; April 2007. [4] Crama Y, Hammer P, editors. Boolean models and methods in mathematics, computer science, and engineering. Cambridge University Press; 2010. .


LEA: Link Encryption Algorithm New Proposed Stream Cipher Algorithm [5] Pieprzyk J, editor. Advances in cryptology – Asiacrypt 2008, vol. 5350 of lecture notes in computer science. IACR, Springer; December 2008. [6] Helleseth T, Ronjom S. A new attack on the filter generator. IEEE Trans Inform Theory 2007;53(5):1752–8, May. [7] Courtois NT. Fast algebraic attacks on stream ciphers with linear feedback. In: Boneh D, editor. Advances in cryptology – Crypto 2003, vol. 2729 of lecture notes in computer science. IACR, Springer; August 2003. [8] Siegenthaler T. Decrypting a class of stream ciphers using ciphertext only. IEEE Trans Comput 1985;C-34(1):81–5. [9] Hawkes P, Rose G. Guess and determine attacks on SNOW. In: Selected area of cryptography. SAC2002, LNCS 2595; 2002. [10] Ahmadi H, Eghlidos T, Khazaei S. Improved guess and determine Attack on SOSEMANUK, Tehran, Iran; 2006. . [11] Krause M. BDD-based cryptanalysis of Keystream generators. In: Knudsen L, editor, Advances in cryptology – EUROCRYPT 2002, vol. 2332 of lecture notes in computer science. SpringerVerlag; 2002. [12] Cao Yuchen, Zhou Yongbin, Yu Zhenmei. On the negative effects of trend noise and its applications in side-channel cryptanalysis. Cryptology ePrint Archive, Report 2013/102; 2013. . [13] Dawson E, Clark A, Gustafson H, May L. CRYPT-X’98, User Manual. Queensland University of Technology; 1999. [14] Hawkes P, Rose G. The T-class of SOBER stream ciphers. Technical report, QUALCOMM Australia, Suite 410 Birkenhead Point, Drummoyne, NSW 2047 Australia; 1999. . [15] Boesgaard Martin, Pedersen Thomas, Vesterager Mette, Zenner Erik. The Rabbit stream cipher, design and security analysis. Cryptology ePrint Archive, Report 2004/291; 2004. . [16] Basu Riddhipratim, Ganguly Shirshendu, Maitra Subhamoy, Paul Goutam. A complete characterization of the evolution of RC4 pseudo random generation algorithm. J Math Cryptol 2008:257–89. [17] Amiri M, Mahdavi M, Mirzakuchaki MS. QCA implementation of A5/1 stream cipher. In: Proceedings of the second international conference on advances in circuits. Electronics and microelectronics; 2009. p. 48–51.

9 Hadia Mohamed Said Hamed El Hennawy completed his bachelor’s degree in June 1972, master’s in September 1976 and doctoral in April 1982. He was working as Dean from August 2005 to July 2008.

Alaa Eldain Abdelrahman Omar completed his master’s degree in April 1990, M.Phil. in April 1993 and doctoral in January 1994.

Salah Mohamed Kholaif completed his master’s degree in June 2008.
