Image encryption using aes key expansion

11,640 views

Published on

Published in: Technology
13 Comments
26 Likes
Statistics
Notes
  • could u provide download link for this ....
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • can u please mail it at- racjain11@gmail.com
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • hey buddy i will b greatful if u can mail me some more material related to AES encryption as Even i am planning some related topic to AES for my project....email id
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • dear sreeda pls mail me farhan.vjti@gmail.com
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • plzz send this doc to my id anuece.anu@gmail.com
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Views
Total views
11,640
On SlideShare
0
From Embeds
0
Number of Embeds
32
Actions
Shares
0
Downloads
0
Comments
13
Likes
26
Embeds 0
No embeds

No notes for slide

Image encryption using aes key expansion

  1. 1. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 1CHAPTER 1IntroductionThis chapter gives a brief introduction to Image Encryption and its advantages. The topicscovered are: Introduction to Image Encryption, Problem statement, Objective and scopeof Study, Literature Review and the need for proposed algorithm. Finally, limitations ofthe study and organisation of chapters in this report are given.1.1 General IntroductionA major issue for computer networks is to prevent important information frombeing disclosed to illegal users. For this reason, encryption techniques were introduced.Most encryption techniques have an easy implementation and are widely used in the fieldof information security.During the last decade, the use of computer networks has grown spectacularly,and this growth continues unabated. New networks are being installed and connected toglobal internet. The internet is commonly seen as the first incarnation of an informationsuperhighway. Today, the information transmitted over internet is not only text, but alsocontains multimedia like image, audio etc. Mostly images are used. However, the moreextensively the images are used, the more important their security will be. For example, itis important to protect military image databases, ensure confidential video conferencing,and protect personal online photograph albums.However, with the growth of computer processor processing power and storage,illegal access has become easier. As a result image security has become an importanttopic in the current computer world.Most traditional or modern cryptosystems have been designed to protect textualdata. The original plain-text is converted into cipher-text (hidden form of message) whichis stored or transmitted over network. Upon reception, the cipher-text can be transformedback into the original plain-text by using a decryption algorithm.
  2. 2. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 2However images are different from text. Although the traditional cryptosystems,such as RSA and DES-like cryptosystems may be used, to encrypt images directly, it isnot a good idea for two reasons.One is that the image size is always much greater than that of text. Therefore,the traditional cryptosystems need much time to directly encrypt the imagedata.The second is that, the decrypted text must be equal to that of original text.However, this requirement is not necessary for image data. This is due to thecharacteristics of human perception; a decrypted image containing smalldistortion is usually acceptable.A digital image is defined as a two dimensional (2D) rectangle array. Theelements of this array are denoted as pixels. Each pixel has an intensity value (digitalnumber) and a location address (row, column).An image can be encrypted by combining MATLAB with the encoder. Each pixelin an image is represented by 8 bits, i.e., 1 byte. Using MATLAB the pixel values can beconverted into bytes. These byte values are then used as input to the encoder. The 128 bitencoder then convert this byte into corresponding encoded byte. The encoded bit valuesare then converted into decimal values for pixels. This operation is then repeated for eachpixel to generate a 2D text array corresponding to the pixel value.For protecting the stored 2D data, they must be converted to one dimensional (1D)arrays before using various traditional encryption techniques. The raster sequence ofimage data can be encrypted into blocks by using block cipher or a stream cipher. Aproduct cipher can also be used to encrypt a file of image data. However, it is moreefficient to encrypt an image after employing some compression techniques. This willreduce the computational requirement and also the increases the speed of processing(which is of high importance in real time scenario).1.2Problem StatementThe two main problems that arise in image encryption process are with respect tothe time it takes for its computation and its security level. For real time image encryptiononly those ciphers are preferable which takes lesser amount of computational time
  3. 3. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 3without compromising security. An encryption scheme which runs very slowly, eventhough may have higher degree of security features would be of little practical use for realtime processes. Hence a trade off has to be made.Many encryption methods have been proposed in literature, and the most commonway to protect large multimedia files is by using conventional encryption techniques.Private Key bulk encryption algorithms, such as Triple DES or Blowfish, are not suitablefor transmission of large amounts of data (such as images). Due to the complexity of theirinternal structure, they are not particularly fast in terms of execution speed and cannot beapplied for images in the real time scenario. Also traditional cryptographic techniquessuch as DES cannot be applied to images due to the intrinsic properties of images such asbulk data capacity, redundancy and high correlation among pixels. Image encryptionalgorithms can become an integral part of the image delivery process if they aim towardsefficiency and at the same time preserve the security level.1.3 Objective of the StudyThe three basic characteristics in the information security field: privacy (anunauthorized user cannot disclose a message), integrity (an unauthorized user cannotmodify or corrupt a message) and availability (messages are made available to authorizedusers faithfully).A perfect image cryptosystem is not only flexible in the security mechanism, butalso has high overall performance.The objective of this study is to realise an image cryptosystem that, besides theabove mentioned characteristics, also posses the following characteristics:i. System should be computationally secure i.e., it should have an extremely longcomputation time to break. In other words unauthorized users must not be able toread privileged images.ii. Encryption and decryption should be fast enough not to degrade systemperformance. i.e., the algorithm should be simple enough to be done by users witha personal computer.iii. The security mechanism should be widely acceptable to design a cryptosystemlike a commercial product; and should be flexible.
  4. 4. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 41.4 Related WorksDue to the differences between images and text, a wide variety of cryptographicalgorithms have been proposed for image security.In the paper [2], Kuo proposed an image encryption method - image distortion, whichobtains the encrypted image by adding the phase spectra of the plain image with those ofthe key image. This method is safe but the image is not compressed, thus encryption &decryption is inefficient.In the paper [3], Bourbakis and Alexopoulos developed a new method which performsboth lossless compression and encryption of binary and gray-scale images. Thecompression and encryption schemes are based on SCAN patterns generated by theSCAN technique. SCAN is a formal language-based two-dimensional spatial- accessmethodology which can efficiently specify and generate a wide range of scanning pathsor space filling curves. Here again security is high but no image compression isconsidered.In the paper [4], Chin-Chen Chang, Min-Shian Hwang, and Tung-Shou Chen used one ofthe popular image compression techniques, vector quantization, to design an efficientcryptosystem for images. The scheme is based on vector quantization (VQ),cryptography, and other number theorems. In VQ, the images are first decomposed intovectors and then sequentially encoded vector by vector. Major advantage- simplehardware structure; required bit-rate for VQ is also small.In the paper [5], Fridrich demonstrated the construction of a symmetric block encryptiontechnique based on 2D standard chaotic map. In this paper to encrypt large data filesprivate-key symmetric block encryption schemes are used because public key encryptionschemes are not suitable for encrypting of large amounts of data and archival due to theirrelatively slow performance. Also, the security of public key cryptographic schemes liesin the computational complexity of certain problems, such as factorization of largenumbers or computing of the discrete logarithm problem. Advances in algorithmictechniques, number theory force us to re-encrypt large databases and archives with alonger key to maintain a sufficient degree of security. Here a chaotic map is firstgeneralized by introducing parameters and is then discretized to a finite square lattice ofpoints (image) which represent data items (pixel). The discretized map is further extended
  5. 5. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 5to three dimensions and composed with a simple diffusion mechanism to obtain a blockproduct encryption scheme. The main features of the encryption scheme studied in thispaper are a variable key length, a relatively large block size (several kB or more), and ahigh encryption rate. However, the drawback here is the choices for the ciphering keydepend on the block size. Files with size smaller than 10kB would have to be padded toguarantee sufficiently many encryption keys which will increase the size of the data to betransmitted.In the paper [6], Mitra had used a random combination of bit, pixel, and blockpermutations. The permutation of bits decreases the perceptual information, whereas thepermutation of pixels and blocks produce high level security.1.5 Limitation of the studyThe algorithm for Image Encryption used here is based on 128-bit AES KeyExpansion. To increase the key space 192-bit/256-bit AES Algorithm may be usedin future.Also the S-box used here provides only 70% non linearity to algorithm. Sbox withbetter non linearity may be designed in future to increase the avalanche effect ofencrypted Image.1.6 Chapter OrganisationThe first 2 Chapters of this report, discusses the theoretical concepts required tounderstand the image encryption and its importance. The next 4 chapters deal withintroduction to image cryptosystems and the proposed method to overcome the problemsfaced in real time implementation of image cryptosystems. Last chapter deals withExperimental analysis of proposed method and comparative results. The list of chaptersand brief description of their contents is given below.Chapter 1: Gives the brief idea of image encryption requirements. It explains thescope, literature survey, methodology and overall general view of this study.Chapter 2: Gives a brief background to cryptography and some of the commonterms used in cryptography. It also discusses about the different types of cryptographiesand the types cryptanalysis attacks possible on images.
  6. 6. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 6Chapter 3: Gives a brief overview of some of the image cryptosystemimplemented so far, its efficiency and drawback in regard to real time application.Chapter 4, 5 ,6 & 7 : In these chapters, AES standard, mathematical preliminariesrequired to understand AES Algorithm, AES algorithm with the transformations used andKey expansion schedule ,An example for AES Key Expansion and modification to AESKey Expansion to suite Image Cryptosystems in real time application have beenexplained. The chapter 7 gives Experimental analysis and results of proposed method.
  7. 7. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 7CHAPTER 2Basics of CryptographyThis chapter just gives a basic idea about cryptography and its types, so that the conceptsin image cryptosystems can be understood better. The topics covered are: Definition ofcryptography and cryptanalysis, types of cryptography, types of cryptanalysis attacks forevaluating the security of image cryptosystems.2.1 Terms Used in Cryptography―Cryptography‖ is the science of using mathematics to encrypt and decrypt data. Itenables us to store sensitive information or transmit it across insecure networks (like theInternet) so that it cannot be read by anyone except the intended recipient.While cryptography is the science of securing data, ―cryptanalysis‖ is the scienceof analyzing and breaking secure communication. Classical cryptanalysis involves aninteresting combination of analytical reasoning, application of mathematical tools, patternfinding, patience, determination, and luck. Cryptanalysts are also called as attackers.Cryptology embraces both cryptography and cryptanalysis.Cryptography can be strong or weak; its strength is measured in the time andresources it would require to recover the plain-text. The result of strong cryptography iscipher-text that is very difficult to decipher without possession of the appropriatedecoding tool.A cryptographic algorithm, is a mathematical function used in the encryption anddecryption process. it works in combination with a key—a word, number, or phrase—toencrypt the plain-text. The same plain-text encrypts to different cipher-text with differentkeys. The security of encrypted data is thus entirely dependent on two things: the strengthof the cryptographic algorithm and the secrecy of the key.A cryptographic algorithm, plus all possible keys and all the protocols that make itwork comprise a ―cryptosystem‖.
  8. 8. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 82.2 Types of cryptographyCryptography is usually of two types based the type of key used. They are: Secretkey & Public key Cryptography.2.2.1 Secret key Cryptography It is also known as Conventional or Symmetric Cryptography. Here same key is used for encryption & decryption as shown in figure 2.2.1(a). Example: DES (Data Encryption Standard).Figure 2.1 Conventional encryption/decryption. Advantages of conventional cryptography are,i. It is very fast.ii. It is especially useful for encrypting data that is to be stored securely andnot transmitted. Main problem in conventional or secret key cryptography is ―Key Distribution‖.For a sender and recipient to communicate securely using conventionalencryption, they must agree upon a key and keep it secret between themselves. Ifthey are in different physical locations, they must use some secure communicationmedium to prevent the disclosure of the secret key during transmission else a thirdparty intercepting the key in transit can later read, modify or forge all informationencrypted.
  9. 9. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 92.2.2 Public Key Cryptography The problems of key distribution are solved by public key cryptography. It is an asymmetric scheme which uses a pair of keys for encryption: ―public key‖,which encrypts the data and a corresponding ―private key‖ or ―secret key‖, whichdecrypts the data. Here the public key is published to the world but private key is kept a secret i.e.,anyone with the copy of public key can encrypt information whereas decryptioncan only be done with the knowledge of private key. It is computationally infeasible to deduce the private key from the public key.Anyone who has a public key can encrypt information but cannot decrypt it. Onlythe person who has the corresponding private key can decrypt the information. Example: RSA (named after its inventors, Ron Rivest, Adi Shamir, and LeonardAdleman)Figure 2.2 Public key Encryption/Decryption Advantages of Public Key Cryptography are,i. The primary benefit of public key cryptography is that it allows peoplewho have no pre-existing security arrangement to exchange messagessecurely.ii. The need for sender and receiver to share secret keys via some securechannel is eliminated; all communications involve only public keys, andno private key is ever transmitted or shared.
  10. 10. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 102.3 Types of Cryptanalysis Attacks for Evaluating theSecurity of Image CryptosystemsThe following five attacks are used for evaluating the security of imagecryptosystems. Each of them assumes that the cryptanalyst has the complete knowledgeof the encryption algorithm used.The first attack is called the cipher-image-only or brute force attack. In this attack,an illegal user is assumed to obtain the cipher-image from networks, but does not have theprivate key. In other words, a cryptanalyst must determine the private key solely from anintercepted cipher-image.The second attack is called the known-plain-image-only attack. The illegal usersare assumed to have obtained several plain-image and cipher-image pairs in this attack. Acryptanalyst must deduce the private key used to encrypt the plain images or thealgorithm to decrypt any new cipher image encrypted with same private key.The third attack is called the chosen plain-image attack. In this attack, the illegalusers are able to select the plain-images and obtain the corresponding cipher-images thisis more powerful than the known-plain-image-only attack, because cryptanalysts canchoose some specific pain-images to encrypt, and this yields more information about theprivate key. The cryptanalysts uses this information to deduce the private key used toencrypt the plain images.The fourth attack is called jigsaw puzzle attack. In this attack, the illegal users firstdivide a cipher-image into many small areas. The cryptanalysts then breaks these areasone by one. Since each area is much smaller than the entire cipher-image, thecomputational load for breaking each area is much less than that for breaking the entirecipher-image. The jigsaw puzzle attack is therefore more efficient than other attacks.The fifth attack is called the neighbour attack. In this attack, the illegal users areassumed to know a part of the plain-image. The changes across the boundaries of theareas are smooth in most images. Therefore, the cryptanalysts use this attribute to speedup the selections for the boundaries of the neighbouring areas; and can derive theneighbouring pixels for the known part of plain image and break the whole cipherefficiently.[3]
  11. 11. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 11CHAPTER 3Efficiency and Security of Some Image CryptosystemsThis chapter gives brief explanation about the techniques previously applied to solveproblems related to real time image encryption. This chapter covers the topics: ImageEncryption Using SCAN Patterns, Image Encryption Using Combinational PermutationTechniques, and the need for AES based method.3.1 Image Encryption Using SCAN PatternsDue to the differences between images and text, a wide variety of cryptographicalgorithms have been proposed for image security.In the paper [3], Bourbakis and Alexopoulos developed a new method whichperforms encryption of binary and gray-scale images. The encryption schemes are basedon SCAN patterns generated by the SCAN technique. This method converts 2D imagepatterns into 1D list & employs a SCAN language to describe the converted result. SCANis a formal language based 2D spatial accessing methodology which can efficientlyspecify and generate a wide range of scanning paths. In this language there are severalSCAN letters & each letter represents a scan order. The four basic SCAN patterns used bySCAN language are: Continuous raster (C), Continuous diagonal (D), Continuousorthogonal (O) and Spiral (S).These four patterns are shown in figure 3.1.Figure 3.1 Basic SCAN patterns [3]Different combinations of SCAN letters generate different kind of secret images.Once the combination of SCAN letters is determined, the scheme generates a SCANstring which defines the SCAN order of the original image. The algorithm then scans theimage and encrypts the SCAN string using commercial cryptosystems. Since illegal users
  12. 12. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 12cannot obtain correct SCAN string, the original image is therefore secure. Figure 3.2shows an example of SCAN key patterns.Figure 3.2 Example of SCAN key pattern—B5(s2Z0(c5b0o0s5)c4d1) [3]Drawbacks of Image Encryption using SCAN patterns are,This method does not consider the advantages of image compression. As a result,the size of the image is very large and is inefficient to encrypt or decrypt imagesdirectly for real time applications.Also, due to large image size encryption/decryption process is consumes lot oftime and hence is slow.Although it provides fair enough security it is not preferred for real timeapplication because the time taken by this method to produce cipher image is notacceptable for real time scenerio.3.2 Image Encryption Using Combinational PermutationTechniquesIn the paper [6] Mitra presents an approach using a combinational permutationtechniques for image encryption. This technique uses a random combination of bit, pixel,and block permutations. The permutation of bits decreases the perceptual information,whereas the permutation of pixels and blocks produce high level security. It is observedthat the permutation of bits is effective in significantly reducing the correlation therebydecreasing the perceptual information, whereas the permutation of pixels and blocks aregood at producing higher level security compared to bit permutation. A random
  13. 13. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 13combination method employing all the three techniques thus is observed to be useful fortactical security applications, where protection is needed only against a casual observer.The security of images used in electronic communication may be needed againsttwo types of attackers; casual listeners/observers or professional unauthorized recipients,termed as cryptanalysts. In the former case, the security is needed only in terms of hourswhile in the later it may be in terms of years. The duration roughly indicates the amountof time that is needed to analyze the information available in unintelligible form in theinsecure channel without the knowledge of keys to derive the underlying information.The scenario where security is needed against casual listener/observer, thecryptographic structure should be as simple as possible in order to reduce the cost. Thepresent work focuses on development of improved private key cryptographic methods forproviding security against such casual observers in the context of image communications.In designing private key cryptographic techniques, permutation methods andpseudo random sequence generators play important roles due to their simple yet effectiveinformation coding performances. This method uses many good keys, selected usingpseudo random index generators (PRIG), for different permutation operations. Since alarge number of keys are used, the security level offered is comparatively high. Further,the amount of redundant information available in the encrypted image is kept as low aspossible, thereby providing fairly high security level against casual observers. In imagecommunication, the image is represented as a group of bits, pixels and blocks andtherefore, the encryption is done by permuting the respective groups. Further, to make itmore robust against casual attacks, a random combinational image encryption approachwith bit, pixel and block permutations is used. It is also shown that if the randomcombinational sequence of permutations is not known to the observer, it will not bepossible for him/her to retrieve the original information, even if the permutation privatekeys are known to that person.The Pseudo random index generator (PRIG) for permutation purpose is usuallyconstructed using the linear feedback shift registers (LFSR). A PRIG contains ‗n‘ shiftregisters and is initiated with a starting seed, which is usually transmitted through asecured channel for intended users only. The outputs of the shift registers are multipliedwith the coefficients (Cn−1,Cn−2,...,C1,C0) of a primitive polynomial with respect to mod-2
  14. 14. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 14operation. The resultant output obtained by the modulo operation is then fed back to thefirst shift register. The shift register output values are converted into decimal index usingbinary to decimal converter. The general structure of such a PRIG is shown in Fig. 3.3.Note that the periodicity of such a random index generator is 2n−1.Figure 3.3 Structure of a general pseudo random index generator [6]In the context of images, three basic permutation techniques, they are,1) Bit permutation: The image can be seen as an array of pixels, each with eight bits for256 gray levels. In the bit permutation technique, the bits in each pixel taken from theimage are permuted with a key chosen from the set of keys by using the PRIG. The entirearray of these permuted pixels forms the encrypted image. The encrypted image obtainedfrom the bit permutation technique is transmitted to the receiver through the insecurechannel. At the receiver the encrypted image is decrypted using the same set of keys andsame pseudo random index generator. As the number of bits in each pixel is eight, the keylength is also taken equal to eight. The number of permutations obtained with eightelements is 8! (=40320) but the number of good keys formed by such eight elements isonly 121. Therefore, to get 127 keys using a PRIG of maximal length 127, other 6 keysare taken randomly from these 121 good permutation keys to form the complete set.2) Pixel permutation: In this scheme each group of pixels is taken from the image. Thepixels in the group are permuted using the key selected from the set of keys. Theencryption and decryption procedure is same as the bit permutation technique. The size ofthe pixel group is same as the length of the keys, and all the keys are of same length. Ifthe length of the keys is more than the size of pixel group, the perceptual information
  15. 15. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 15reduces. In this work the group of pixels is taken along the row without the loss ofgenerality, i.e., the column wise procedure would yield same kind of results.3) Block permutation: In this technique, the image can be decomposed into blocks. Agroup of blocks is taken from the image and these blocks are permuted same as bit andpixel permutations. For better encryption the block size should be lower. If the blocks arevery small then the objects and its edges do not appear clearly. In this block permutationthe blocks are permuted horizontally in the image. The permutation of blocks alongvertical side is also similar to horizontal side block permutation. At the receiver theoriginal image can be obtained by the inverse permutation of the blocks.Figure 3.4 Block diagram of Combinational Permutation technique [6]The main idea behind this method is that an image can be viewed as anarrangement of bits, pixels and blocks. The intelligible information present in an image isdue to the correlations among the bits, pixels and blocks in a given arrangement. Thisperceivable information can be reduced by decreasing the correlation among the bits,pixels and blocks using certain random permutation techniques. The advantage offered bythis scheme is that even if the private key is known to the attacker somehow and the
  16. 16. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 16random combination key is unknown, then the person will not be able to extract/tamperthe image. Also, due the combination of three permutation approaches the redundancy,visual intelligence reduces.To get back the original image at the receiver, the order of the permutationprocesses should be exactly reverse to the order at the transmitter; otherwise the outputwill produce no visible information. Figure 3.4 shows the block diagram of this method.However the drawback in this approach is that it provides security only againstcasual observers and not against professional hackers; hence is not preferred for real timeapplication because it is not possible to predict the type of attackers posing danger to theintegrity of image data.3.3 Need for AES Key Expansion Based MethodThe above discussed two Cryptosystem were mainly developed for singleapplication scenario and hence had its own limitation when considering a general Imagesecurity application. Also these methods were not suitable for Real Time Applicationsbecause the algorithm either had very high security but was slow in processing or it wasvery fast at the prize of security.Hence there is need for an algorithm that in general is applicable for all Imagesecurity applications in Real Time. Thus a method that is based on AES Key Expansionwhich overcomes the limitations of above mentioned algorithm is preferred.Here the encryption process is a Bitwise Exclusive OR operation of a set of imagepixels along with a 128 bit key which changes for every set of pixels. The cipher keys aregenerated independently at the sender and receiver side based on AES Key Expansionprocess, hence the initial key alone is shared and not the whole set of keys. The algorithmhas been experimented with standard bench mark images proposed in USC-SIPI databaseand the result shows that it offers good resistance against brute force attack, keysensitivity tests and statistical crypt analysis.
  17. 17. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 17CHAPTER 4Advanced Encryption StandardThis chapter contains a brief introduction to AES. The topics covered are: Introduction toAES, Mathematical foundation for AES – Galios Field.4.1 Introduction to AESIn January, 1997 NIST began its effort to develop the AES, a symmetric keyencryption algorithm, and made a worldwide public call for the algorithm to succeedDES. Initially 15 algorithms were selected, which was then reduced down to 4algorithms, RC6, Rijndael, Serpent and Two-fish, all of which were iterated blockciphers. The four finalists were all determined to be qualified as the AES.The final evaluation, which also solicited worldwide public input was based on threecharacteristics [see table 4.1]1) Security: It encompassed resistance to known attacks, mathematical soundness,randomness of output and security compared to other algorithms.2) Cost: encompassed encryption speed, required memory, and no licensing agreementsi.e. the algorithm had to be available worldwide royalty free.3) Algorithm and implementation characteristics: The algorithm had to be suitableacross a wide range of hardware and software systems. The algorithm had to be relativelysimple as well. After extensive review the Rijndael algorithm was chosen to be the AESalgorithm.Algorithm SecuritySpeed MemoryEncryption/Decryption Key RAM ROMRC6 Adequate High end Average Average AverageRijndael Adequate High end High end High end High endSerpent High Low end Average Average AverageTwo Fish High Average High end High end AverageTable 4.1 Some evaluation criteria and results for AES finalists
  18. 18. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 18AES was designed to have the following characteristics:Resistance against all known attacks.Speed and code compactness on a wide range of platforms.Design simplicity.The AES Algorithm is a symmetric-key cipher, in which both the sender and thereceiver use a single key for encryption and decryption. The data block length is fixed tobe 128 bits, while the length can be 128, 192 or 256 bits. In addition, the AES is aniterative algorithm; each iteration being called a round. The total number of rounds Nr isdependent on Key length Nk, where Nr and Nk are specified in words. The 128 bit datablock is divided into 16 bytes. These bytes are mapped to a 4x4 array called the State, andall the internal operations of the AES algorithm are performed on the State. Theparameters for AES algorithm are shown in Table 4.2Algorithm Key length, Nk Block size, Nb No of rounds, Nr= Nk+ 6AES-128 4 4 10AES-192 6 4 12AES-256 8 4 14Table 4.2 AES Parameters.Most of the operations in the AES algorithm take place on bytes of data or on wordsof data 4 bytes long, which are represented in the field GF(28), called the Galois Field.These bytes are represented by the polynomial equation,b7x7+ b6x6+ b5x5+ b4x4+ b3x3+ b2x2+ b1x + b0 = ∑ bixi- - - - equation (4.1)Where, bi {0,1} and i = 0,1,2,...7. There are 256 elements in GF(28).For example, 0x11(00010001) identifies the specific finite field x4+1.4.2 Mathematical PreliminariesIn abstract algebra, a finite field or Galois field is a field that contains a finitenumber of elements. Finite fields are important in number theory, algebraic geometry,Galois theory, cryptography, coding theory and quantum error correction. The finite fieldsare classified by size; there is exactly one finite field up to isomorphism of size pkforeach prime p and positive integer k. This is represented as GF(pk). Finite field elements
  19. 19. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 19can be added and multiplied, but these operations are different from those used in normalalgebra. [7]4.2.1 Addition in Finite Field AlgebraThe addition of two elements in GF(28) is achieved by ―adding‖ the coefficients forthe corresponding powers in the polynomials for the two elements. The addition isperformed with the XOR operation (denoted by ) - i.e., modulo 2 addition.i.e., (0 0) = 0; (0 1) = 1; (1 0) = 1; (1 1) = 0.Consequently, subtraction of polynomials is identical to addition of polynomials. [7]Example: (0x57 + 0x83) = (x6+x4+x2+x+1) + ( x7+x+1) = x7+ x6+x4+x2= 0xD4.4.2.2 Multiplication in Finite Field AlgebraIn the polynomial representation, multiplication in GF(28) (denoted by •) correspondswith the multiplication of polynomials modulo an irreducible polynomial m(x) of degree8. A polynomial is irreducible if its only divisors are one and itself. For the AESalgorithm, this irreducible polynomial is, m(x)=x8+x4+x3+x+1, or {01}{1b} inhexadecimal notation. [7]Example: {0x57} • {0x83} = {0xC1}.i.e.., let A = (x6+x4+x2+x+1) • ( x7+x+1)= x13+x11+x9+x8+x7+x7+x5+x3+x2+x+ x6+x4+x2+x+1= x13+x11+x9+x8+ x6+ x5+ x4+ x3+1.Result of multiplication = A mod (x8+x4+x3+x+1) = x7+x6+1= 11000001 = 0xC1.The modular reduction by m(x) ensures that the result will be a binary polynomial ofdegree less than 8, and thus can be represented by a byte. Unlike addition, there is nosimple operation at the byte level that corresponds to this multiplication. There are threerules which can help in multiplying polynomials in GF(28). They are,1) 0x01 is the identity in GF(28). Thus anything multiplied by 0x01 remains unchanged.2) Multiplying by two is the same as decimal arithmetic, provided the result does notexceed the field size of 255 or 0xFF. Also multiplying by 2 in binary is the same as
  20. 20. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 20shifting left by 1. If the result exceeds 0xFF then the result must be XORed with 0x1B.This will prevent any overflow errors if working with bytes thus keeping the resultswithin range.3) Multiplying by three is the same as multiplying by (1 + 2). Thus,a • 0x03 = a • (0x02 + 0x01) = (a • 0x02) (a • 0x01).4.2.3 Multiplicative Inverse in Finite Field AlgebraThe multiplication defined above is associative, and the element {01} is themultiplicative identity. For any non-zero binary polynomial b(x), the multiplicativeinverse of b(x) modulo m(x), denoted by b-1(x) ,can be found using Extended EuclideanAlgorithm if degree of b(x) is less than that of m(x) and also if GCD[b(x),m(x)]=1. [7]i.e.., if b(x) • b-1(x) = 1 ( mod m(x) ), then b-1(x) is the multiplicative inverse of b(x) inmodulo m(x).=> [ b(x)*b-1(x) ] – [ i*m(x) ] = 1, - - - - - - - - - - - - - - - - - - - - - - - -equation (4.2)where i is the integer quotient of division [ b(x)*b-1(x) ] ÷ m(x).=> [ 1 + {i*m(x) ] ÷ b(x) = b-1(x) - - - - - - - - - - - - - - - - - - - - - - - -equation (4.3)Equation (4.3) represents the Euclidean Approach to find multiplicative inverse.The basics of Galois field discussed in section 4.2, is required to understand AESAlgorithm better.
  21. 21. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 21CHAPTER 5AES AlgorithmThis chapter gives detailed explanation about the steps involved in AES algorithm. Thetopics covered includes: AES encryption/decryption, Transformations used in AES andKey expansion Schedule.5.1 AES Encryption/DecryptionFor each round of AES, 128 bit input data and 128 bit key is required, i.e.., it needs 4words of key in one round. Thus the input key must be expanded to the required numberof words depending upon the number of rounds. The output of each round serves as inputto the next stage. In AES system, same secret key is used for both encryption anddecryption; thus simplifies the design. The block diagram for AES Encryption andDecryption is as shown in Figure 5.1Figure 5.1 AES Encryption and Decryption.
  22. 22. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 22For both its Cipher and Inverse Cipher, the AES algorithm uses a round function thatis composed of four different byte-oriented transformations: 1) byte substitution using asubstitution table (S-box), 2) shifting rows of the State array by different offsets, 3)mixing the data within each column of the State array, and 4) adding a Round Key to theState. The above 4 transformation are looped Nr-1 times. In the last round (i.e.., Nrthround) Mixcolumn is not performed.The AddRoundKey is performed at the beginning and at the end of the cipher inorder to provide initial and final randomness to the algorithm. Without this, the first orlast portion of the cipher could be easily deduced, and therefore would be irrelevant to thesecurity of the cipher. The last round in the cipher is different from the other rounds inorder to make the encryption and decryption routines more similar, allowing thecomplexity to be reduced in hardware and software implementations.5.2 AES TransformationsThe four transformations used in AES Encryption are : ByteSub, ShiftRows,MixColumns, AddRoundKey. The inverse of these operations are performed fordecryption.5.2.1 Byte SubstitutionThe ByteSub transformation is a non-linear byte substitution that operatesindependently on each byte of the State using a substitution table (S-box) as shown infigure 5.2Figure 5.2 ByteSub transformation
  23. 23. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 23The S-box, which is invertible, is constructed by composing two transformations,i. Take the multiplicative inverse in the finite field GF(28); the element {00} ismapped to itself.ii. Apply the following affine transformation (over GF(2) ) which is defined as,bi‘= bi b(i+4)mod8 b(i+5)mod8 b(i+6)mod8 b(i+7)mod8 Ci - - - - - -equation (5.1)Where, 0 ≤ i ≤ 8 and bi is the ithbit of byte and Ci is the ithbit of byte C whosevalue is 0x63 or (01100011).In matrix form, the affine transformation element of the S-box can be expressedas;The S-box for ByteSub is as shown in Figure 5.3The Inverse ByteSub is used to reverse this operation in decryption process. Theaffine transformation for Inverse ByteSub is as shown below;The S-1box for inv ByteSub operation is shown in Figure 5.4
  24. 24. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 24Figure 5.3 look up table for ByteSub transformation.Figure 5.4 look up table for Inv ByteSub operation.
  25. 25. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 255.2.2 Shift RowsShift-Rows operates on individual rows of the state. It provides diffusion throughoutthe AES algorithm. This operation will not change the values of byte in the row, but willjust change their order. It performs left circular shift on each row as follows;Row 0  Shift 0; Row 1  Shift 1; Row 2  Shift 2; Row 3  Shift 3;This is illustrated in Figure 5.5 below. For decryption this Shift operation is reversed.Figure 5.5 Illustration of Shift Row transformation.5.2.3 Mix ColumnsThe MixColumns transformation operates on the State column-by-column, treatingeach column as a four-term polynomial. The columns are considered as polynomials overGF(28) and are multiplied modulo (x4+1) with a mixing polynomial a(x) given by,a(x)=(0x03) • x3+ (0x01) • x2+ (0x01) • x + (0x02).This can represented by matrix equation as,0201010303020101010302010101030202010103030201010103020101010302a3a2a1a0a3a2a1a0a’3a’2a’1a’0a’3a’2a’1a’0=
  26. 26. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 26Figure 5.6 illustrates the mix column transformation.Figure 5.6 Illustration of MixColumn transformation.InvMixColumns performs the reverse operation for decryption and can be described bythe matrix equation is,5.2.4 Add Round KeyIt is the step that incorporates the round key, a portion of the expanded key, into theplaintext. This routine performs bitwise XOR of each byte of the state with thecorresponding byte of the round key.If Add Round Key operates on a variable twice, the variable itself is returned. Thisproperty is used in decryption. Figure 5.7 illustrates this transformation.0e090d0b0b0e090d0d0b0e09090d0b0e0e090d0b0b0e090d0d0b0e09090d0b0ea3a2a1a0a3a2a1a0a’3a’2a’1a’0a’3a’2a’1a’0=
  27. 27. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 27Figure 5.7 Add round key TransformationThe above 4 transformation are looped Nr-1 times. In the last round (i.e.., Nrthround) Mixcolumn is not performed.The AddRoundKey is performed at the beginning and at the end of the cipher inorder to provide initial and final randomness to the algorithm. Without this, the first orlast portion of the cipher could be easily deduced, and therefore would be irrelevant to thesecurity of the cipher. The last round in the cipher is different from the other rounds inorder to make the encryption and decryption routines more similar, allowing thecomplexity to be reduced in hardware and software implementations.5.3 Key Expansion schedulePseudo code for AES Key Expansion is given in Figure 5.9. The key-expansionroutine creates round keys word by word, where a word is an array of four bytes. Theroutine creates 4x(Nr+1) words. For Nk=4words, Nr=10; this routine creates 44 words.The process is as follows :First 4 words of round key are made from initial cipher key. The key is consideredas an array of 16 bytes k[0:15]. The first four bytes (k0 to k3) become w0, the nextfour bytes (k4 to k7) become w1, and so on.The rest of the words (wi for i=4 to 43) are derived as follows:if (i mod 4)!=0 then, wi = wi-1 wi-4 ;else if(i mod 4)=0 then wi=t wi-4. Here ‗t‘ is a temporary word result ofapplying SubByte transformation and rotate word on wi-1 and XORing the resultwith a round constant.Figure 5.8 shows the pictorial representation of AES key expansion.
  28. 28. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 28Figure 5.8 AES Key ExpansionFigure 5.9 pseudo code for AES key expansion.
  29. 29. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 29Steps to find wi when ( i mod 4) = 0i. RotWord: performs one byte circular left shift on wi-1.ii. SubWord: performs a byte substitution on each byte of its input word, usingthe S-box.iii. The result of step (i) and (ii) is XORed with a round constant Rcon[j] whichisgiven by, Rcon[j]={RC[j],0,0,0},where RC[j]=2*RC[j-1], with multiplicationover GF(28).J 1 2 3 4 5 6 7 8 9 10RC[j] 01 02 04 08 10 20 40 80 1B 36Table 5.1 RC[j] values in hex.5.3.1 Example for AES Key ExpansionConsider the 16 byte key to be, K = 2b7e151628aed2a6abf7158809cf4f3c.Key length, Nk = 4 words. => expanded key has 44 words or 11 sets of 4 word keys( oneset used in each round).AES key expansion steps to obtain the expanded key:Step 1: Enter the K into key array byte by byte column wise.2b 28 ab 097e ae f7 cf15 d2 15 4f16 a6 88 3cW[0] W[1] W[2] W[3]
  30. 30. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 30W[0:3] forms the cipher key.Step 2: calculate the first set of 16byte key to be used for 1ndround, i.e., w[4:7]Step 2a: to find w[4] , follow the steps discussed in section 5.3.Now, W[i-1] = W[3] = [ 09 cf 4f 3c ].After shift row operation, W[3] = [ cf 4f 3c 09 ].After SubByte transform, W[3]* = [ 8a 84 eb 01 ].Now, W[i-4] = W[0] = [ 2b 7e 15 16 ] and Rcon[1] = [ 01 00 00 00]. W[4] = W[3]* W[0] Rcon[1] W[4] = [ 8a 84 eb 01 ] [ 2b 7e 15 16 ] [ 01 00 00 00]. W[4] = [a0 fa fe 17].Step 2b: To find W[5], W[i-1] =W[4] = [a0 fa fe 17] and W[i-4]= W[1] = [ 28 ae d2 a6 ]. W[5] = W[4] W[1]. W[5] = [a0 fa fe 17] [ 28 ae d2 a6 ]. W[5] = [ 88 54 2c b1 ].Step 2c: Find W[6] and W[7] using the same procedure as 2b.Thus W[6] = [ 23 a3 39 39 ]. And W[7] = [ 2a 6c 76 05 ].Therefore, the 2ndround key is,A0 88 23 2aFa 54 A3 6cFe 2c 39 7617 B1 39 05
  31. 31. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 31Step 3: Similarly find rest of the 9 round keys using the step 2.2ndround key :F2 79 59 73C2 96 35 5995 B9 80 F6F2 43 7a 7f3rdround key:3d 47 1e 6d80 16 23 7a47 fe 7e 887d 3e 44 3b4thround key:Ef A8 B6 Db44 52 71 0bA5 5b 25 0d41 7f 3b 00
  32. 32. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 325thround key:D4 7c Ca 11D1 83 F2 F9C6 9d B8 15F8 87 bc Bc6thround key:6d 11 Db Ca88 0b F9 00A3 3e 86 937a Fd 41 Fd7thround key:4e 5f 84 4e54 5f A6 A6F7 C9 4f Dc0e F3 B2 4f
  33. 33. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 338thround key:Ea B4 31 7fD2 8d 2b 8d73 Da F5 2921 D2 60 2f9thround key:Ac 19 28 5777 Fa D1 5c65 Dc 29 00F3 21 41 6e10thround key:D0 C9 E1 B614 Ee 3f 63F9 25 0c 0cA8 89 C8 A6
  34. 34. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 34CHAPTER 6Modified AES Key ExpansionThis chapter gives the detailed description of the proposed method for Real Time ImageCryptosystems-Modified AES Key Expansion Based Method. The topics coveredinclude: Changes in AES Key Expansion Schedule to suite Image Cryptosystems, Stepsinvolved in Image Encryption/Decryption and Experimental Results & Analysis.6.1 Changes in AES Key Expansion Schedule to Suite ImageCryptosystemsCertain changes made to the AES key expansion process (discussed in the section 5.3)improves the encryption quality, and also increases the avalanche effect in the resultingcipher image. The changes are,The initial key is expanded based on the number of pixels in the image.The Rcon value is not constant instead it is being formed from the initial keyitself.Both the s-box and Inverse s-box are also used for the modified Key Expansionprocess because it improves non-linearity in the expanded key and also improvesthe encryption quality. The S-box and Inverse S-box are however not directly usedin this algorithm; instead some circular shifts are performed on the boxes based onthe initial key.The above changes in the algorithm can be represented as discussed in the sections below.6.1.1 Key Expansion for the imageConsider a plain gray-level image of size mxn. In this method, a set of 16 pixels (128bits) is encrypted using 2 round keys.∴ No of keys to Encrypt the whole image N=2*{(m*n)/16}.
  35. 35. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 356.1.2 Formation of Rcon valuesRcon[j] is formed from the initial cipher key as follows:Rcon[0]=key[12:15]; Rcon[1]=key[4:7];Rcon [2]=key[0 : 3]; Rcon [3]=key[8:11];6.1.3 Using Inverse S-Box for key expansionThe ‗temp‘ value used in the algorithm is formed as follows,temp = SubWord(RotWord(temp)) + InvSubWord(Rcon[i/4]);here the Rcon values are not used directly, instead each byte of Rcon is substituted by itscorresponding InvSubByte value from S-1box. This improves the non-linearity of theexpanded key.6.1.4 Shifting of S-box and Inverse S-boxThe offset for shifting S-box and S-1box is obtained using following equation,Sbox_offset = sum(key[0:15])mod256;Inv_Sbox_offset = (sum(key[0:15])*mean(key[0:15]))mod256;6.2 Steps Involved in Image Encryption/Decryption UsingModified AES Key ExpansionThe steps involved in Image Encryption/Decryption using Modified AES KeyExpansion include: Key selection, Generation of multiple keys, Encryption andDecryption. Each of these steps are explained briefly below.6.2.1 Key selectionThe sender and receiver agree upon a 128 bit key. This key is used for encryptionand decryption of images. It is a symmetric key encryption technique, so they must sharethis key in a secure manner.
  36. 36. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 36The key is represented as blocks k[0],k[1]...k[15]. Where each block is 8bits long(8*16=128 bits).6.2.2 Generation of Multiple keysThe sender and receiver can now independently generate the keys required for theprocess using the above explained Modified AES Key Expansion technique. This is a onetime process; these expanded keys can be used for future communications any number oftimes till they change their initial key value.6.2.3 EncryptionEncryption is done in spans, where 16 pixels are processed in each span. ThisAlgorithm performs two XOR operations and a SubBytes Transformation for each set ofpixels. Since two XOR operations are performed using the expanded key for every set ofpixels it is impossible to get the key from plain image and cipher image, and to improvethe non linearity the s-box values used in AES may also be used. This is shown in figure6.1.6.2.4 DecryptionThe decryption process shown in figure 6.1 is similar as encryption, but here InverseSubByte Transformation is used and also the order of XOR operation using the expandedkey is reversed.Figure 6.1 Encryption/Decryption process for image encryption using modified aes key expansion
  37. 37. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 37CHAPTER 7Experimental AnalysisThe algorithm has been implemented in Mat Lab 6.0 in windows environment with asystem configuration of PIV processor with 1 GB RAM. The proposed algorithm hasbeen tested with various images in USC-SIPI repository which is a collection of digitizedimages primarily to support image processing, image analysis and machine vision.7.1Key Space AnalysisThe strength of any cryptographic algorithm depends upon key space which shouldbe sufficiently large enough to make brute force attack infeasible. The proposedalgorithm has a huge key space which is 2^128 possible keys. If an opponent tries forbrute force attack, since the key sensitivity of this algorithm is very high he would have totry all combinations of keys for the image which is computationally infeasible.7.2Histogram AnalysisTo prevent the leakage of information to an opponent, it is also advantageous if thecipher image bears little or no statistical similarity to the plain image. An imagehistogram illustrates how pixels in an image are distributed by graphing the number ofpixels at each colour intensity level. The histogram of the encrypted image is expected tobe fairly uniform and significantly different from the respective histograms of the originalimage.Figure 7.1 and figure 7.2 shows the histogram analysis of plain image and cipherimage. The histogram analysis shows that the histogram of the cipher image is fairlyuniform and is significantly different from the original image. The encryption algorithmhas covered up all the characters of the plain image and has complicated the statisticalrelationship between the plain image and its ciphered version.Figure 7.1 shows the analysis for grey scale image whereas figure 7.2 shows theanalysis for color image.
  38. 38. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 38Figure 7.1 Histogram analysis of Grey Scale 1024X1024 Lena Image
  39. 39. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 39Figure 7.2 Histogram Analysis of Colour 640X480 Mountain Image
  40. 40. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 407.3 Key Sensitivity AnalysisHigh key sensitivity is required by secure image cryptosystems, which means thatthe cipher image cannot be decrypted correctly even if there is only a slight differencebetween encryption or decryption keys. The proposed algorithm is experimented forvarious key values whose difference is negligibly small. This is similar to avalancheeffect in text encryption where a small bit difference in the key could produce asignificant difference in the cipher text produced. The strength of the algorithm is thateven for a single bit change in the key value the image is not decrypted. Figure 7.3illustrates the key sensitivity of the proposed algorithm.Figure 7.3 Key Sensitivity Analysis of Proposed Algorithm
  41. 41. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 417.4 Execution TimeAnother important factor that evaluates the efficiency of algorithms is measuring theamount of time required to encrypt an image. In this investigation, actual time in CPUcycles will be used as a measure of execution time. Table 7.1 shows the comparison ofcomputational time taken by algorithms specified in literature to that of proposedalgorithm to encrypt a 1024x1024 gray-scale Lena Image.Algorithm Time in seconds for Lena ImageBourbakis(SCAN patterns) 2.54Mitra (CPT) 1.82Proposed Algorithm 1.41Table 7.1 Computational time comparison
  42. 42. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 42CHAPTER 8Conclusion and Future Work8.1 ConclusionBased on the experimental results shown in section 6.3, it can be observed thatThe proposed algorithm offers high encryption quality with minimalcomputational time.The key sensitivity and key space of the algorithm is very high which makes itresistant towards Brute force attack and statistical cryptanalysis.The time taken for encryption is relatively less in comparison with the algorithmsproposed in the literature.The above mentioned features make the algorithm suitable for image encryption in realtime applications.8.2 Future workS-box is the pivotal part of AES. Research may be done to improve the quality ofS-box design.AES-192 or AES-256 may be used to further increase the key sensitivity and keyspace of the algorithm.
  43. 43. Image Encryption using AES Key Expansion Seminar Report 2013Department of Telecommunication Engineering,PACE, Mangalore. Page 43References[1] B.Subramanyan, Vivek.M.Chhabria, T.G.Sankar babu, Image Encryption Based OnAES Key Expansion, 2011 Second International Conference on Emerging Applications ofInformation Technology, page 217-220.[2] C.J.Kuo, Novel image Encryption Technique and its application in progressivetransmission. Journal of Electron imaging 24 1993 pp 345-351.[3] N.J.Bourbakis , C.Alexopoulos, Picture data encryption using SCAN patterns. PatternRecognition 256 1992 pp567 -581.[4] Chin-Chen Chang, Min-Shian Hwang, Tung-Shou Chen, ―A new encryptionalgorithm for image cryptosystems‖, The Journal of Systems and Software 58 (2001), 83-91.[5] Fridrich Jiri, Symmetric ciphers based on two dimensional chaotic maps, Int. J.Bifurcat Chaos 8 (1998) (6), pp. 1259– 1284.[6] Mitra, Y. V. Subba Rao, and S. R. M. Prasanna, A new image encryption approachusing combinational permutation techniques, International Journal of Computer Science,vol. 1, no. 2 , pp. 1306- 4428, 2006..[7] http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf.

×