
Merging of RC5 with AES - Incorporating more Flexibility and Security to AES


Suhas J Manangi, Parul Chaurasia, Mahendra Pratap Singh
suhasjm@gmail.com, stylishparul@gmail.com, mps_82@aol.in

Department of Computer Science, NITK-Surathkal


Abstract:
This paper proposes a new symmetric/private key
block encryption algorithm, which can process data
blocks of 128 bits, using cipher keys with variable
length and variable word size and variable number of
rounds depending on the level of security needed. The
proposed algorithm is Data Dependent AES and is a
merger of RC5 [1] with AES [2] to inject more
flexibility and security to existing AES. The algorithm
can be used with variable key length, variable word
size and variable number of rotations. These different
flavors are referred to as DD-AES (k, w, r).
Key Words: Symmetric Key, Block Ciphers, Private
Key, AES, RC5.

1. Introduction to Existing AES


For the AES algorithm, the length of the input block,
the output block and the State is 128 bits.

2. Introduction to RC5
Encryption and decryption are shown in Figure 4 below.

The encryption and decryption are described in the pseudo code in Fig. 2 and Fig. 3.

3. Drawbacks of AES and Merging of RC5 with AES to overcome them:
Three main drawbacks are identified, as explained below:

1. In ShiftRows(), data-independent rotations are used, which brings predictability into the cipher. This affects the level of security AES could have provided. To overcome this data-independent rotation property of AES, a new Data Dependent AES (DD-AES) algorithm is proposed in this paper.

12th International Conference on Information Technology

2. AES is defined only for key lengths of 128, 192 and 256 bits, with 10, 12 and 14 rounds respectively. Key length and number of rounds should be chosen according to the security needed rather than being fixed parameters. So in the DD-AES algorithm, key length and rounds are variables.

3. In AES no care is taken to use the processor power efficiently. By making the word size equal to the processor register size, the processor can be better utilized. So for the ShiftRows() and AddRoundKey() functions, if the word size is made equal to the processor register size, the processor will be best utilized.

The working of DD-AES is shown in Figure 7 as pseudo code.

4. Algorithm Specification: Data Dependent AES (DD-AES)
DD-AES is the same as AES except for ShiftRows(), in which RC5 properties are included, thus improving AES to Data Dependent AES.

4.1. Encryption:
At the start of the Cipher, the input is copied to the
State array using the conventions described in Fig.6.

4.1.1. SubBytes( ) Transformation


The SubBytes() transformation is a non-linear byte substitution that operates independently on each byte of the State using a substitution table (S-box). This S-box is shown in Figure 8.

For example, if $S_{1,1} = \{53\}$, then the substitution value would be determined by the intersection of the row with index 5 and the column with index 3 in Fig. 8. This would result in $S_{1,1}$ having a value of {ed}. Fig. 9 illustrates the effect of the SubBytes() transformation on the State S.
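The {53} to {ed} lookup above can be reproduced without the figure by generating the AES S-box from its definition in FIPS 197 [2] (multiplicative inverse in GF(2^8) followed by the affine transformation). This is an added example, not code from the paper; the function names are illustrative, and the inverse table it also builds is the one InverseSubBytes() (Sec. 4.2.4) uses.

```python
def rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_sboxes():
    """Return (sbox, inverse_sbox) as 256-entry lists."""
    sbox, inv = [0] * 256, [0] * 256
    p = q = 1
    while True:
        # p walks through every non-zero field element: multiply by the generator {03}.
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF
        # q stays equal to the multiplicative inverse of p: divide by {03}.
        q = (q ^ (q << 1)) & 0xFF
        q = (q ^ (q << 2)) & 0xFF
        q = (q ^ (q << 4)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        # Affine transformation of the inverse, then the constant {63}.
        s = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63
        sbox[p], inv[s] = s, p
        if p == 1:
            break
    sbox[0], inv[0x63] = 0x63, 0      # {00} has no inverse and maps to {63}
    return sbox, inv

def as_table(box):
    """Arrange a 256-entry box as the 16x16 table the paper's figures show."""
    return [box[16 * row:16 * row + 16] for row in range(16)]

def table_lookup(table, byte):
    """High nibble selects the row, low nibble selects the column."""
    return table[byte >> 4][byte & 0x0F]

def sub_bytes(state, box):
    """Apply a substitution box independently to each of the 16 State bytes."""
    return [box[b] for b in state]
```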

Manangi, Chaurasia, and Singh: Merging of RC5 with AES ...

4.1.2. ShiftRows( ) Transformation


In this function, data-dependent rotation of the State is used.
$\mathrm{Rot}[16] = \{ S_{0,0}, S_{0,1}, S_{0,2}, S_{0,3}, S_{1,0}, S_{1,1}, S_{1,2}, S_{1,3}, S_{2,0}, S_{2,1}, S_{2,2}, S_{2,3}, S_{3,0}, S_{3,1}, S_{3,2}, S_{3,3} \}$
Here, to illustrate the working of data-dependent rotation in ShiftRows(), w = 32, 64 is considered.

4.1.3. MixColumns( ) Transformation
The MixColumns() transformation operates on the State column-by-column, treating each column as a four-term polynomial, as described in the AES algorithm. The columns are considered as polynomials over $GF(2^8)$ and multiplied modulo $x^4 + 1$ with a fixed polynomial $a(x)$, given by:
$a(x) = \{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\}$

4.1.4. AddRoundKey( ) Transformation
In the AddRoundKey() transformation, a Round Key is added to the State by a simple bitwise XOR operation. Each Round Key consists of 16 Bytes from the key schedule (described in Sec 4.1.5). Those 16 bytes are each added into the State, such that, for all 0 <= row < 4 and 0 <= col < 4 and 1 <= round <= r:
$S[row, col] = S[row, col] \oplus A[col + 4 \cdot row + 16(round - 1)]$


4.1.5. Key Expansion


The AES algorithm takes the Cipher Key, K and
performs a Key Expansion routine to generate a key
schedule. The Key Expansion generates a total of
16*r Bytes. Key Expansion is described as shown in
Fig. 14 below.

4.2. Decryption:
At the start of the Decryption, the Input is copied to
the State matrix and after complete decryption State
matrix is copied back into the Output array, using the
conventions described in Fig 6. The working of DD-AES is shown in Figure 15 as pseudo code.

4.2.1. InverseAddRoundKey( ) Transformation


In the AddRoundKey() transformation, a Round Key
is added to the State by a simple bitwise XOR
operation. Each Round Key consists of 16 Bytes from
the key schedule (described in Sec 4.1.5). Those 16
bytes are each added into the State, such that, for all
0 <= row < 4 and 0 <= col < 4 and 1 <= round <= r:
$S[row, col] = S[row, col] \oplus A[col + 4 \cdot row + 16(r - round)]$

4.2.2. InverseMixColumn( ) Transformation


InvMixColumns() is the inverse of the MixColumns() transformation.
It operates on the State column-by-column, treating each column as a four-term polynomial as described in Sec. 4.1.3. The columns are considered as polynomials over $GF(2^8)$ and multiplied modulo $x^4 + 1$ with a fixed polynomial $a^{-1}(x)$, given by:
$a^{-1}(x) = \{0b\}x^3 + \{0d\}x^2 + \{09\}x + \{0e\}$
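The two fixed polynomials from Sec. 4.1.3 and Sec. 4.2.2 can be checked against each other by carrying out the multiplication modulo x^4 + 1 directly. This is an added example, not code from the paper; the function names are illustrative, and the sample column is a commonly used MixColumns known-answer value, not one taken from the paper.

```python
def xtime(b):
    """Multiply a GF(2^8) element by {02}, reducing by the AES polynomial 0x11B."""
    b <<= 1
    return (b ^ 0x11B) & 0xFF if b & 0x100 else b

def gmul(a, b):
    """Multiply two bytes in GF(2^8) by shift-and-add."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a = xtime(a)
        b >>= 1
    return p

# Coefficients listed lowest degree first: [x^0, x^1, x^2, x^3].
A_POLY = [0x02, 0x01, 0x01, 0x03]      # a(x)    = {03}x^3 + {01}x^2 + {01}x + {02}
A_INV_POLY = [0x0E, 0x09, 0x0D, 0x0B]  # a^-1(x) = {0b}x^3 + {0d}x^2 + {09}x + {0e}

def poly_mul_mod(a, s):
    """Return a(x) * s(x) mod (x^4 + 1); since x^4 = 1, x^(i+j) folds to x^((i+j) mod 4)."""
    d = [0, 0, 0, 0]
    for i in range(4):
        for j in range(4):
            d[(i + j) % 4] ^= gmul(a[i], s[j])
    return d

def mix_column(col):
    """MixColumns on one State column [s0, s1, s2, s3]."""
    return poly_mul_mod(A_POLY, col)

def inv_mix_column(col):
    """InvMixColumns on one State column."""
    return poly_mul_mod(A_INV_POLY, col)

def polynomials_are_inverse():
    """True when a(x) * a^-1(x) equals the constant polynomial {01}."""
    return poly_mul_mod(A_POLY, A_INV_POLY) == [0x01, 0x00, 0x00, 0x00]

# Known-answer column (not from the paper): db 13 53 45 -> 8e 4d a1 bc
SAMPLE_IN = [0xDB, 0x13, 0x53, 0x45]
SAMPLE_OUT = [0x8E, 0x4D, 0xA1, 0xBC]
```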


4.2.3. InverseShiftRows( ) Transformation


InvShiftRows() is the inverse of the ShiftRows()
transformation.
$\mathrm{Rot}[16] = \{ S_{0,0}, S_{0,1}, S_{0,2}, S_{0,3}, S_{1,0}, S_{1,1}, S_{1,2}, S_{1,3}, S_{2,0}, S_{2,1}, S_{2,2}, S_{2,3}, S_{3,0}, S_{3,1}, S_{3,2}, S_{3,3} \}$
Here, to illustrate the working of data-dependent rotation in InverseShiftRows(), w = 32, 64 is considered.

4.2.4. InverseSubBytes( ) Transformation

The InverseSubBytes() transformation is a non-linear byte substitution that operates independently on each byte of the State using a substitution table (Inverse S-box). This Inverse S-Box is shown in Fig. 20.

5. Incorporation of Flexibility in AES:

1. Flexibility in Key length.
AES comes in only three flavors, AES-128, AES-192 and AES-256, though it is defined for a larger range in the original Rijndael. The DD-AES defined above has no such constraints and thus can be used with any key length. Applications and data needing higher security can make use of longer key lengths, and vice versa.

2. Flexibility in Number of Rounds.
AES has a fixed number of rounds depending on the key size used. The DD-AES defined above eliminates this constraint as well, making the number of rounds dependent on the level of security needed.

3. Flexibility in word size.
AES has a fixed 32-bit word size, which would work inefficiently on any processor other than 32-bit processors. The DD-AES algorithm presented in this paper introduces flexibility in the word size, so the word size can be fixed depending on the processor capacity; thus flexibility and efficiency are increased.

6. Incorporation of Higher Security in AES:


1. The data rotation round in AES is static, so hackers know which rows rotate by how many bytes. This introduces some amount of pitfall in AES, which is successfully covered in this paper by introducing data-dependent rotations. Thus security is increased in DD-AES compared to AES.

2. Since the DD-AES algorithm needs three parameters to be passed along with the data, additional security comes from these parameters, which could also be kept secret along with the key.


7. Advantages of Data Dependent AES over AES:

1. The data independence of rotations in ShiftRows() of AES is solved here by incorporating data-dependent rotation. This brings more security to AES.

2. AES does not take care of word size; if the word size is the same as the CPU register size, the efficiency of the processor is highest. This is taken care of in Data Dependent AES by keeping the word size variable.

3. AES is not very flexible. It provides key lengths of only 128, 192 and 256 bits and 10, 12 and 14 rounds. Depending on the security and speed needed, these should vary. Data Dependent AES supports variable key length and a variable number of rounds, depending on the security and speed needed by the user.

8. Future Works
1. The S-box and Inverse S-Box defined here are static. Even these can be made dynamic by making them data dependent or key dependent. Thus more security can be achieved.

2. MixColumns and its Inverse use a static matrix for transformation. Even this can be made dynamic and more security can be incorporated.

9. Conclusion
Data Dependent AES supports variable size key
length, variable number of rounds and variable word
size. By this, the proposed algorithm provides more
flexibility. Data-dependent rotations in
ShiftRows() and its Inverse remove predictability,
thus achieving more security. Future work can
be in removing the static nature of the S-Box, MixColumns
and their Inverses.
10. References
[1]. RC5 Encryption Algorithm by Ronald L Rivest,
MIT Laboratory for Computer Science
[2]. Advanced Encryption Standard (AES) Federal
Information Processing Standards Publication 197
