8/6/2019 Paper on Image Security

1/8

IMAGE SECURITY USING MODIFIED ADVANCED ENCRYPTION

STANDARD ALGORITHM (MAES)

Kishore.V N.Umamaheswara Rao

Dept. of ECE, Professor, Dept. of ECE,

Vardhaman College of Engineering Vardhaman College of Engineeringkishore.vennela@gmail.com numrao_natti@yahoo.com

Abstract

Security in transmission storage of digital images has

its importance in today's image communications and

confidential video conferencing. Advanced

Encryption Standard (AES) is a well known block

cipher that has several advantages in data

encryption. However, it is not suitable for real-time

applications. In this paper, we present a modification

to the Advanced Encryption Standard (MAES) to

reflect a high level security and better image

encryption. The modification is done by adjusting theShiftRow phase. Experimental results verify and

prove that the proposed modification to image

cryptosystem is highly secure from the cryptographic

viewpoint. The results also prove that with a

comparison to original AES encryption algorithm the

modified algorithm (MAES) gives better encryption

results in terms of security against statistical attacks.

Keywords:

AES, MAES, image encryption, security analysis

I. INTRODUCTION

Extensive research has been done in the areas of

improving encryption standards, providing betterhardware as well as software architecture for

implementing security and keeping the cost sensitivity,

low disk space and the energy constraints in check. This

can be implemented using hardware and software. The

advantages of software implementation are portability

and flexibility but it offers only limited physical security,

especially with respect to key storage and speed. When

data is integrated in the design, the hardwareimplementation is more physically secure and performs

in a high speed but has a limited flexibility. The Data

Encryption Standard (DES) which was used earlier for

data encryption is being replaced with Advanced

Encryption Standard (AES), because DES uses only a

very small 56 bit key length. The longer the key length,

the more secure is the key. Using larger key lengthmakes more possible keys to search, which makes the

algorithm to be more secure. AES has larger key length

and has been efficiently implemented both in hardware

and software. The National Institute of Standards and

Technology (NIST) on January 2, 1997 invited proposals

for new algorithms for the AES, where both hardwareand software performance measures were also included

in their efficiency testing. In October 2000, NIST had

chosen Rijndael as the Advanced Encryption Algorithm

which was designed by Joan Daemen and Vincent

Rijmen. This project primarily focuses on AES

encryption algorithm of key length 128 bit, briefs itsarchitecture, and evaluates the performance of the

algorithm using software models with slightmodifications to improve the security level.

II. AES ALGORITHM

AES algorithm can be operated in four modes,Electronic Code Block mode (ECB), Cipher Block chain

mode (CBC), Cipher feedback (CFB), Output Feedback

(OFB). In ECB mode, data block is directly encrypted to

form the cipher text and other three modes belong tofeedback. ECB mode can be achieved with high speed as

it can simultaneously process multiple blocks. Based on

this looping structure, the following architecture options

were investigated so as to yield optimization of AESalgorithm as iterative looping.

The Rijndael AES algorithm uses a symmetric key block

cipher both in encryption and decryption. At the start of

encryption, input is copied to the State array. State array

is nothing but a 4 x 4 matrix of bytes. The encryption

algorithm encrypts one block of data at a time to produce

the encrypted data block with the use of a secret key.

The decryption is simply the reverse of the encryption,and each operation is the inverse of the corresponding

one in encryption. The data block length is fixed to 128

bits, while the key length can be 128, 192, or 256 bits.

Each data block is rearranged in a matrix form. AES

algorithm is an iterative algorithm and each iteration is

called a round. The number of bytes in a row of key

length is given by equation

8/6/2019 Paper on Image Security

2/8

8r

LNB

=

where, N is the number of bytes, L is the block length inbits, and Br is the number of rows in a state array matrix.

Each round is iterated 10 times for a 128-bit length key,

12 times for a 192-bit key and 14 times for 256 bit key

with 4,6 and 8 bytes in a row of key lengths respectively.Each round uses four transformations and inverses but

finalround excludes MixColumn transformations.

The flow of the AES encryption process is given with

Figure 1 in which the there will be existence of

variability in the round elements based on the round

number Nr. The value of the number of rounds willdecide the required key length which in turn increases

the security as well as the complexity.

Figure1. Flowchart of AES Encryption

A. AES structure:

AES is an iterated block cipher where it repeats set of

transformations called a round transformation :

AES (State,CipherKey)

{

KeyExpansion(CipherKey,ExpandedKey);

AddRoundKey(State,ExpandedKey[0]);

For(i=1;i< ;i++)

Round (State,ExpandedKey[i]);

FinalRound (State,ExpandedKey[ ]);

}

The round transformation is consisting of four different

transformations:i) The ShiftRow transformation: the rows of the State are

cyclically shifted over different offsets.

ii) The MixColumn transformation: the columns of the

State are considered as polynomials over GF (28) and

multiplied modulo x4 +1 with fixed polynomial c( x ).

iii) The Round Key addition: a Round Key is applied to

the State by a simple bitwise XOR.iv) The ByteSub transformation: is a non-linear byte

substitution, operating on each of the State bytesindependently depending on substitution table (or S-box)

which is invertible and is constructed by the composition

of two transformations:

a) First, taking the multiplicative inverse in GF(28).

b) Then, applying an affine (over GF(2) ) transformation.

A round can be represented as follows:Round(State , ExpandedKey[i])

{

SubBytes(State);

ShiftRows(State);

MixColumns(State);

AddRoundKey(State,ExpandedKey[i]);

}

The final round of the cipher is slightly different asbelow which misses the MixColumns stage:

Round(State,ExpandedKey[ ]){

SubBytes(State);

ShiftRows(State);

AddRoundKey(State,ExpandedKey[ ]);

}

III.DATA UNIT AND BLOCKS SPECIFICATION

The data to be encrypted is represented as matrix of bytes called State Matrix. The AES process will be

initiated & each matrix value is byte valued. After the

representation of the input data as a matrix the individual

column elements form WORD which is of value 4 bytes.

This word representation will be very helpful whilegoing for the key generation which is essential for

symetric cryptography.

A. AddRoundKey

8/6/2019 Paper on Image Security

3/8

During each round of an AES process, a separate 128-bit

round key is used. The round keys are derived from the

cipherkey using a key expansion routine. The

AddRoundKey operation is a simple bit-by-bit XOR

operation between the state and the round key. An AES process requires a total of Nr+1 AddRoundKey

operations, as an additional 'initial' AddRoundKeyoperation is performed prior to the round operations. For

an AES encryption process this initial AddRoundKey

operation XORs the plaintext with the cipherkey. There

is a need for an additional AddRoundKey operation

during an AES process, as there are Nr rounds and Nr+1

subkeys.

B. SubBytes and InvSubBytes

The Substitution mechanism in AES is done for each

byte & only one table is used for every byte, which

means that if two bytes are same, their transformation is

also same. The transformation is defined by either a tablelook-up process or mathematical calculation in theGF(28) field. The substitution box for SubBytes

transformation is derived from GF(28) field by taking

predefined irreducable polynomial ( polynomial which

will have no factors). The contents of the state box are

substituted with reference to the SubBytes

transformation table as shown in Fig.2.

Fig2. SubByte Transformation

The irreducible polynomial to derive the elements of the

substitution table by GF(28) field defined as X8 + X4 +X3

+ X +1 and as steps the process is discribed for

SubByte process.

Finding the Multiplicative Invers of the Byte

value.

Byte to Matrix conversion.

Matrix multiplication with constant square

matrix X

Matrix Addition of above result with the

column matrix y, which cosists the initial value for

combination 00, the 1X1 element in subByte

transformation table.

Ex: 63, the 1X1 element

Matrix to byte conversion.

For the InvSubBytes process steps will be carries in

reverse manner with inverse value of the

constant matrix X. by modifying 1X1 elementor the constant matrix, the respective table byte

value will changes. This gives more security ina simple manner for the entire AES process.

C. ShiftRows and InvShiftRows

The Shift Rows operation changes the order of bytes in

each row of the state. The Row0 is not affected by this transformation. The second row i.e

Row1 is shifted cyclically to left by one byte,

the Row2 by two and the Row3 by three bytes

as seen in Figure3. The inverse operationInvShiftRows is quite similar in style, with

only the cyclic shifts made to the right.

Fig. 3. Shift and inverse Shift row transformation

D. MixColumns and InvMixColumns

MixColumns is a 32-bit operation that transforms four

bytes of each column in the state. The new bytes of the

column Sr,c are obtained by the given constant matrix

multiplication in GF(28). If the polynomial

representation of binary numbers is used, themultiplication process is carried as shown in Fig.4.

where Snc (n=0 to 3) represent the original byte column

8/6/2019 Paper on Image Security

4/8

in the state matrix and Snc(n=0 to 3) represent

corresponding modified state matrix column values.

Fig.4. Mix Columns Representation

E. Key Generation:

The key expansion routine is used to generate the

roundkeys from the cipherkey. The AES standard

defines the key expansion operations on four byte wordscalled wi. A subkey is composed of four such words. The

key expansion for AES-128 is relatively straightforward:

1. The first subkey (w3, w2, w1, w0) corresponds to the

cipher key itself.

2. The following words wi are calculated recursively

from this initial set of words using a simple XORfunction: for all values of i that are not multiples of 4 i.e.

if (I mod 4) 0 then W i = W i-1 xor W i-4

3. For the words with indices that are a multiple of 4

(w4k), a special transformation is used. First, the byte

ordering of w4k-1 is changed by cyclic left shift, and then

the SubBytes function is applied to all four bytes. In theAES standard these operations are named RotWord and

SubWord respectively. The result is XOR'ed with W i-4and a round constant Rconi/4 applied within a constantt.

If (I mod 4) =0, W I = t xor W i-4 , Here t is a

temporary word is a result of applying mentioned two

routines, SubWord & RotWord on Wi-1 & XORing the

result with a Round Constants Rcon. The final value of

the temporary wordt is given to be:

T=SubWord (RotWord (W i-1)) xor Rcon i/4

For AES-128 version with 10 rounds there are total 44

Words and as a schematic the key expansion can be

shown in Fig.5. As in the figure the original key is of

16bytes i.e. 128 bit in length from which round key are

generated. Where ti temporary words for i=4 Nr, where

Nr is Number of rounds, i is round value and is carried

as shown in Fig6.

Fig5. Key Expansion

Fig.6. Temporary word generation

F.Temporary word generation:

The temporary word plays a vital role in the key

expansion process and strong cryptographic nature isachieved by means of proper temporary word generation.

Even though the generation seems new but includes the

concepts of Sub Bytes and shifts. As a whole the process

includes Round constants which in turn depend on

Galois field used. The field GF(28) defines an irreducible

polynomial in order to generate the S-Box elements

which is going to be discussed in following sections.

Basically the temporary word t generation involves

three sub routines:

RotWord: The RotWord (rotate word) routine is similar

to Shift Rows transformation, but only applies to one

row. It takes 4 byte word array at a time and shifts each

byte to the left with wrapping.

SubWord: The SubWord (substitution word) routine is

similar to Sub Bytes transformation, but it is applied

only for four bytes. The routine takes each byte in theword and substitutes another byte for it.

8/6/2019 Paper on Image Security

5/8

Round Constants: Each Round Constant, RCon, is a 4-

byte value in which right most three bytes are always

zero.The generation of these Round Constant values can

be understandable by means of GF (28) to calculate the

leftmost byte dynamically as given in the followingexample. Consider case of generation of Round Constant

for the round 9. For this we need to carry the modulodivision operation on x9-1 = x8 with the irreducible prime

x8+x4+x3+x+1. i.e.

IV. SUBSTITUTION BOX DESIGN

The s-box design shows how much the algorithm is

cryptographically strong and how the encryptions of data

(which can be text or image) have level of security.Changing the initial value i.e. 1st row and 1st column

corresponding element, changes entire elements in thestate box. In AES, the initial value is taken to be 63.

A. State matrix representation:

In this section let us see how a 16 character block can be

shown as a 4X4 matrix. Assume that the text block is

AES uses a matrix. We add two extra characters at the

end to complete the 16 elements required to fill the state

matrix. The result will be AESUSESMATRIXZZ.

Now replace each character with an integer between 00and 25. Then we represent each byte as an integer with

two hexadecimal digits. For example S is changed to

18 and its corresponding hex equivalent is 1216. The state

matrix is filled up column by column as shown in Fig.7

Fig.7. Changing text to hexadecimal and to state matrix

B. Transformation using GF (28) Field

The byte substitution process either by SubBytes or a

mathematical calculation in the GF(28) field is used at

the encryption site. In SubBytes to substitute a byte, we

interpret the byte as two hexadecimal digits as

mentioned earlier. The left digit defines the row and

right digit defines column of the substitution table.

Although we can use substitution table to findsubstitution for each byte, AES also defines the

transformation algebraically using the GF(28) field with

irreducible polynomials x8+x4+x3+x+1.

The SubBytes transformation repeats a routine called

subbyte, sixteen times, in which multiplicative inverse ofthe byte is found in GF(28) with irreducible polynomial

as the modulus. Note that if the byte is 00 16 its inverse is

itself. The inverted byte is then interpreted as a column

matrix with the least significant bit at the top and most

significant bit at the bottom. this column matrix ismultiplied by a constant square matrix, X, and the result,

which is a column matrix. This is added with a constant

column matrix, y, to give a new byte. note that

multiplication and addition are done in GF(2). The

invsubbyte is doing the same thing in reverse order.

In encryption, multiplication is first and addition is

second; In the decryption, subtraction (addition by

inverse) is first and division (multiplication by inverse)

is second. Let us show how the byte 0C is transformed

to FE by subbyte routine and transformed back to 0C bythe invsubbyte routine.

subbyte:

a. The multiplicative inverse of 0C in GF(28) fieldis B0 i.e. 10110000

b. Multiplying matrix X by this matrix results incolumn matrix [c0 c1 c7]

c. The result of XOR operation with initialelement 63 (0110 0011) arranging byte in sucha way that MSB on the top and LSB at bottom.

The result is FE in hexadecimal.

invsubbyte:

a. The result of XOR operation will be columnmatrix

4 3

161 00011011 (1 ) x x x B= + + + = =

8 8 8 4 3mod mod( 1) x prime x x x x x= + + + +

8/6/2019 Paper on Image Security

6/8

b. The result will be multiplied with matrix X-1 andyields to value B0

c. The multiplicative inverse of B0 is 0C

C. Multiplicative Inverse

Bytes which are to be transformed to new bytes by

means of GF(28) use Extended Euclidian algorithm tofind the multiplicative inverse of the byte value. From

the definition, two numbers a and b are the multiplicative

inverse to each other if

a x b 1(mod n)

For example, if the modulus is 10, then the

multiplicative inverse of 3 is 7. In other words, we have(3x7) mod 10 =1.

In a set of least residue modulo n represented by Zn, we

can prove that a has multiplicative inverse in Zn if and

only if gcd(n,a)=1. In this case, a and n are said to be

relatively primes.

D. Extended Euclidian algorithm:

Given two integers a and b, we often need to find othertwo integers, s and t, such that

Extended Euclidian algorithm can calculate the gcd (a,b)and at the same time calculate the values of s and t. The

algorithm flow can be depicted based upon pseudo code

in which the algorithm uses three sets of variables, rs,

ss and ts . In each step r1, r2 and r have the same

values. The variables r1 and r2 are initialized to values a

and b, respectively. The values of the variables s1 and s2

are initialized to 1 and 0 respectively. The variables t1

and t2 are initialized to 0 and 1 respectively. Thecalculations of r,s and t are similar with one warning.

Although r is the remainder of dividing r1 by r2, there is

no such relationship between the other two sets. There is

only one quotient, q, which is calculated as r1/r2 and

used for other two calculations.

V. PRINCIPLES OF THE PROPOSED ALGORITHM

In the process of image security using AES

cryptographic method, there exist some challenging

issues viz. statistical and brute force attacks, memory

space requirements and execution speed. To improve the

efficiency of the algorithm in the view of security as wellas not affecting the speed and the memory space

requirements various modifications are carried. Themajor modifications are at the modules the substitution

box (S-BOX) design which is required at Sub Bytes

stage, choosing some other constant matrix at the stage

of matrix multiplication and shift row processing stage.

Among all these stage modifications in shift row

transformation is effective in the sense of fast executionand complexity when compared to the modifications that

are carried with other modules. Even though the

modifications in other modules rather than shift rows

give reasonable performance, they lag at the point of

memory requirements and circuit complexity.

A. Modified AES

In regular AES algorithms shift row transformation

stage, the bytes in the last three rows shifted over 1, 2 &

3 respectively. In the case of MAES, the modified

version of Advanced Encryption Standard, followingprocedure is followed for transformation.

Step 1: Examine the value of the first Row & first

Column, State [0][0] value is even or odd.

Step 2: If it is odd, The Shift Rows step operates on the

rows of the state matrix; it cyclically shifts the bytes in

each row by a certain offset. For MAES, the first & third

rows

Fig8.a. Shift Rows Operation if S [0, 0] is ODD

gcd( , ) s a t b a b + =

8/6/2019 Paper on Image Security

7/8

i.e Row0 & Row 2 are unchanged & each byte of Row1

is shifted one to left. Similarly, the Row3 is shifted three

to the left respectively as shown in Fig8.a.

Step 3: If it is even, the Shift rows step operates on the

rows of the stage; it cyclically shifts the bytes in each

row by a certain offset. The first & fourth i.e. Row0 &

Row3 are unchanged and each byte of Row1 is shiftedthree to the right. Similarly, the Row2 is shifted by two

respectively on to the right as shown in Fig8.b. With this

modification in the algorithm required level of security

can be achieved.

Fig8.b. Shift Rows Operation if S [0, 0] is EVEN

VI. EXPERIMENTAL RESULTS

Results of some experiments are given to prove its

efficiency of application to digital images. We use

several images as the original images (plain images).

The encrypted image of Micky image depicted in Figs.9a and 9b. The ciphered image in fig9 is because of the

application of regular AES algorithm. As shown, the

encrypted image (cipher image) region is totally visible

which shows that the ciphered image is under bruteforce

attack. The application of the Modified AES on the same

image solves this problem and the encrypted as well as

decrypted images are shown in Figs. 10a, 10b & 10c.

The visual inspection of Fig10 shows the possibility ofapplying the proposed MAES successfully in both

encryption and decryption. Also, it reveals itseffectiveness in hiding the information contained in

them.

a) Original image b) Encrypted image

Fig. 9 Application of the AES algorithm to Mickey plain

image

a) Original image b) Encrypted c) Decrypted

Fig.10 Application of the MAES algorithm to Mickey

plain image/cipher image

VII. CONCLUSION

In this paper a modified version of AES, namely MAES,

is proposed. The modification is done by adjustingShiftRow phase. The proposed cryptosystem does not

require any additional operations rather than the original

AES. We have shown that MAES gives better

encryption results interms of security against statistical

attacks. The secutiy level can be further increased byselecting a simple valid modification in the modules

existing. As an example the dynamic S-Box selection for

key genertion and Subbyte modulE operation.

8/6/2019 Paper on Image Security

8/8

VIII. REFRENCES

[1] J. Daemen and R.Rijmen, AES Proposal:Rijndael, version 2, 1999.http://www.esat.kuleuven.ac.be/~rijmen/rijnd

ael.[2] Advanced Encryption Standard(AES),Federal Information Processing StandardsPublication 197, November 26, 2001.[3] A. J. Elbirt, W. Yip, B. Chetwynd, andC.Paar, An FPGA Implementation andPerformance Evaluation of the AES BlockCipher Candidate Algorithm Finalist,The Third AES Conference (AES3), New York,April 2000.http://csrc.nist.gov/encryption/aes/round2/conf3/aes3papers.html.[4]V. Rijmen, Efficient Implementation ofRijndael S-box, http://www.esat.kuleuven.ac.be/~rijmen/rijndael .[5] J. Daemen and R.Rijmen, Rijndael: TheAdvanced Encryption Standard, Dr. Dobbs

Journal, pp. 137139, March 2001.[6] B. Schneier, Applied Cryptography: Protocols,

Algorithms and Source Code in C. John Wiley and Sons,

1996.[7] Federal Information Processing Standards

Publication (FIPS 197), "Advanced Encryption Standard

(AES) ", 26 Nov. 2001

[8] J.J. Amador, R. W.Green Symmetric-Key Block

Cipher for Image and Text Cryptography: International

Journal of Imaging Systems and Technology, No. 3,

2005, pp. 178-188.

http://www.esat.kuleuven.ac.be/~rijmen/rijndael.http://www.esat.kuleuven.ac.be/~rijmen/rijndael.http://csrc.nist.gov/encryption/aes/round2/conf3/aes3papers.htmlhttp://csrc.nist.gov/encryption/aes/round2/conf3/aes3papers.htmlhttp://www.esat.kuleuven.ac.be/~rijmen/rijndaelhttp://www.esat.kuleuven.ac.be/~rijmen/rijndael.http://www.esat.kuleuven.ac.be/~rijmen/rijndael.http://csrc.nist.gov/encryption/aes/round2/conf3/aes3papers.htmlhttp://csrc.nist.gov/encryption/aes/round2/conf3/aes3papers.htmlhttp://www.esat.kuleuven.ac.be/~rijmen/rijndael