A polymorphic advanced encryption standard - A novel approach

Abstract

To secure various forms of data, a polymorphic variant of the Advanced Encryption Standard (P-AES) has been introduced. In the P-AES, the AES parameters' values will change with every new key. The exact values will be available only to legitimate communicating parties during execution time. To achieve these objectives, the basic AES transformations, SubBytes, ShiftRows, and MixColumns, have been made key-dependent in the proposed P-AES. Hence, with every new key, these transformations will operate differently. The receiver can retrieve the operations' details from the encryption key. Consequently, polymorphism has been achieved and interoperability remains intact. P-AES has been implemented seamlessly using the existing AES modules, and the performance was more or less equal to the AES performance (71 and 70 milliseconds to encrypt 500 bytes using the P-AES and the AES respectively). From a security standpoint, the proposed P-AES fully complies with Kerckhoff's principle. This means the cipher has an open design, and the security provided by the P-AES depends only on the secrecy of the encryption key. The cipher resistance to differential and linear attacks has been proved. Moreover, the resulting proposed cipher can operate in 128 different ways, which will significantly reduce the capabilities of any sophisticated attacker. Furthermore, the proposed P-AES's scores of the key avalanche and the plaintext avalanche were 0.496 and 0.504 respectively. Finally, the Statistical Test Suite (STS) recommended by the NIST has been used to ensure the randomness of the cipher output, and the cipher has passed all the STS tests.