**Security analysis of AES and Enhancing its Security by Modifying S-Box with an Additional Byte**

Abdullah Al- Mamun^{1}, Shawon S. M. Rahman, Ph.D.^{2}, Tanvir Ahmed Shaon^{1}, and MdAlam Hossain^{1}

^{1}Department of Computer Science and Engineering

Jessore University of Science and Technology,Jessore-7408,Bangladesh

^{2}Associate Professor, Department of Computer Science

Majmaah University, Majmaah, Kingdom of Saudi Arabia

**Abstract**

Secured and opportune transmission of data alwaysis a significant feature for any organization. Robust encryption techniques and algorithms always facilitate in augmenting secrecy, authentication and reliability of data. At present, Advanced Encryption Standard (AES) patronized by NIST is the most secure algorithm for escalating the confidentiality of data. This paper mainly focuses on an inclusive analysis related to the security of existing AES algorithm and aim to enhance the level security of this algorithm. Through some modification of existing AES algorithm by XORing an additional byte with s-box value, we have successfully increased the Time Security and Strict Avalanche Criterion. We have used random additional key for increasing security. Since this key is random, result of security measurement sometimes fluctuates.

**Keywords**

Cryptography;Advanced Encryption Standard;secure algorithm;s-box; Ciphertext; Avalanche Effect; SAC;

**1.Introduction and History**

Security is an issue to defend anything from danger or threat. From the very beginning of humankind, Security was major concern to protect valuable things. Nowadays information has become more and more important.Before 19^{th} century information was stored as hard copy and people used physical media to store &classical cryptography to protect that. But in 20^{th} century digital way was invented to store and share information using computer and Internet. Internet is a common place for storing & sharing data. Everyone has free accessibility to it. So there is a question to protect information from unauthorized access. And so, modern cryptography has initialized.

Cryptography is a way of storing and transmitting data in a scramble form that can only be understood and processed by intended persons [1]**Error! Reference source not found.**. The many schemes used for encryption constitute the area of study known cryptography. Such a scheme is known as cryptographic system or a cipher. Encryption is a process of secure one’s data from unauthorized access. Our data in readable form is called plaintext; data in encoded or unreadable form is called cipher text. The process of converting or translating plaintext to cipher text is called encryption and its reverse is called decryption. Figure 1 shows encryption and decryption process.

In modern cryptography, complex algorithms or functions are used for encryption and decryption. All these algorithms use keys of different size for encryption and decryption. The strength of cryptography depends on the algorithm and key used. The key can be private or public. In public key Cryptography, pair of key is used**Error! Reference source not found.****Error! Reference source not found.****Error! Reference source not found.**. One key is private and other is public. Both sender and receiver generate their own pair of key. Receiver distributes the public key to the intended senders and keep private key secret. Sender encrypts data with receiver’s public key and sends the ciphertext to the receiver. The receiver decrypts that ciphertext with own private key to generate plaintext. In private key cryptography same key is used for both encryption and decryption. The key is always kept secret. Sender encrypts the plaintext with the private key and sends to the receiver. The receiver decrypts the ciphertext with same key.

Figure 1 (a) Encryption Process (b) Decryption Process

**2.Background Study**

**2.1.AES Description**

Advanced Encryption Standard (AES) is a symmetric cipher and it always uses the same key for encryption and decryption. This key is called cipher key. AES is also a block cipher and splits it input stream into block of fixed size. It allows a verity of block and key size. The size can be 128, 160, 192, 224 and 256 bits (multiple of 32 bits and from minimum 128 to maximum 256 [2]). But the standard is that, the input block size will always be fixed at 128 and the key size will be any of 128, 192 and 256. AES follows the substitution permutation network structure and so it has several working rounds depending on the key size. AES works in 10 rounds for 128 bits key, 12 rounds for 192 bits key and 14 rounds for 256 bits key. Nowadays, most commonly used key size is 128.

In inner work of AES, cipher key is expanded into 11, 13 or 15 keys respectively for 10, 12 or 14 rounds. Then the input block is copied into an array named state array. State array is 4×4 matrixes. Afterword the state array is XOR’ed with first round key and this step is known as AddRoundKey. Finally, AES perform 10, 12 or 14 rounds of computation on state array according to key size. Each round contains four different steps and last round contains three steps.

AES steps are [3]:

- Key expansions:
**Rijndaelkey schedule**expands all round keysfrom cipher key. - Initial round:
**AddRoundKey**– The state array is XOR’ed with the first round key. - Rounds: Each roundexcept last round performs these four steps.

**SubBytes**on state array using s-box.- A permutation
**ShiftRows**on state array. **MixColumns**on state array.**AddRoundKey**with state array.

- Final round: This round does not contain MixColumns and it performs following three steps.

**SubBytes**on state array using s-box.- A permutation
**ShiftRows**on state array. **AddRoundKey**with state array.

**2.2.K****ey Expansion**

In cryptography , each round consist of same set of operations but some parameter like cipher key or round key are different from each other. A Key Schedule is an algorithm that gives those round keys for each round [4]. Suppose, each word length w_{i}= 32 bits = 4 bytes. So a key consists of 4 words (4*32=128) and the initial round key is w_{0} + w_{1}+ w_{2}+ w_{3}.

Others words will be calculated as follows:

w_{i} = w_{i-1} Xor w_{i-4} for all values of i that are not multiple of 4.

For the words with indices that are a multiple of 4 (w_{4k}):

- RotWord: Bytes of w
_{4k-1}are rotated left shift (nonlinearity). - SubWord (r
_{sw}): SubBytes function is applied to all four bytes (Diffusion). - The result (r
_{sw}) is XOR’ed with w_{4k-4 }and round constant rcon.

That is: w_{4k}= r_{sw} Xor w_{4k-4} Xor r_{con}.

Figure 1. Diagram of Key Expansion

**2.3.AddRoundKey**

AddRoundKey is the initial step of encryption and decryption process. It is also a step in every rounds of AES algorithm. In AddRoundKey step, the plaintext array that means state array is being XOR’ed with round key. In this step 16 byte state array XOR’ed with 16 byte (4 words) round key and generate 16 byte (128 bit) output.

Figure 2. State array XOR’ed with Round Key

**2.4.SubBytes**

SubBytes mean substitution of byte of the state array by searching in lookup table which is called substitution box or S-box. S-box is a 16*16 lookup table and it contains 256 different values. The S-box table contains all possible values for 8 bit sequence that means in decimal 0 to 255.

Each byte of the state array is the input of this SubBytes step and the input byte is alternated by a corresponding value. Figure 4 shows S-box. Each byte is mapped into a new byte in the following way: the left most 4 bits denotes the row and right most 4 bits denotes the column of s-box. Suppose the input byte in s-box is b7 (in binary 10110111). The left most 4 bits means 1011 (b) denotes the row number and 0111 (7) denotes the column number of S-box. So the output value for input b7 is a9 (in binary 10101001)[5].

Figure 3. 16*16 Look up Table

**2.5.ShiftRows**

ShiftRows step perform shifting of bytes among the columns of a state array. The state array contains 4 rows and 4 columns. This step perform left shift of certain offset in different rows cyclically. For 128 bit and 192 bit data block ShiftRows rules are given bellow:

- First rows will be unchanged.
- Second row will be shift 1 byte to left.
- Third row will be shift 2 bytes to left.
- Fourth row will be 3 bytes to left.

In general, row ‘a’ is left shifted cyclically for (a-1) bytes.

For 256 bit block data ShiftRows rules step are:

- First rows will be unchanged.
- Second row will be shifted 1 byte to left.
- Third row will be shifted 3 bytes to left.
- Fourth row will be 4 bytes to left.

Figure 4. ShiftRows

The importance of this step is to avoid the columns being linearly independent.In decryption, the Inverse ShiftRows step perform opposite route shifting of each of the last three rows.

**2.6.****Mix Columns**

MixColumns step offer diffusion in AES encryption. Each column of state array enters in MixColumns step and produces four output columns. This step takes a column of state array and performs matrices multiplication with a fixed matrix and produces an output column.

**3.Security Measurement Criteria**

Security is the key term of Advanced Encryption Standard. Security of AES means how resistant this system is against active or passive attack. We measure the security based on three criteria [6].

- Time Security
- Avalanche Effect
- Strict Avalanche Condition

**3.1.Time Security**

It depict the potency of cryptographic method against brute force attack with different key size and time it takes to effectively mount a brute force attack.Brute force attack means thoroughly checking all probable key combinations until the accurate key is originate. For a 3 bit key, Brute force attack will take maximum 8 rounds to check every possible key arrangement. Maximum key combination for different key size is given in table 1.

From table 1, for 128 bit key brute force attack must check maximum 3.403 x 10^{38}key combinations. Now the brute force attacking time based on processing speed of latest super computer can be measured

Table 1. Maximum Key Combination

Faster Super Computer: 33.86 PFLOP/s = 33.86 x 10 ^{15} FLOP/s.

33.86 Quadrillion keys per second**. **[1 Quadrillion=1,000,000,000,000,000;one thousand million million; 10^{15}; prefix peta-]

1 year=365*24*60*60=31536000s.

So, 31536000*3.386 x 10^{16}= 1.067 x 10^{24}keys per year.

So, Brute force attack time to break 256 bit key is = years

= 1.0844 x 10^{53}years

So 1.0844 x 10^{53}years need to break the 256-bit AES key using brute force attack.

Table 2. Estimation of Years to Break AES

As shown in table 2, even with a supercomputer, it would take 1 billion billion years to crack the 128-bit AES key using brute force attack.

**3.1.Avalanche Effect**

Avalanche effect is a property that is very crucial for block cipher and cryptographic hash function. A cryptosystem has avalanche property if for flipping or change just a single bit in plaintext or in secret key the output change significantly (about half of the output).

If a cipher does not show desirable degree of avalanche effect then the cryptanalysts can guess the plaintext by analyzing the Cipertext. So they can be able to break the cipher.

Humming Distance:The Hamming Distance is a digit used to indicate the variation between two binary strings. It is a tiny section of a broader set of formulas used in information analysis. Specifically, Hamming’s formulas allow computers to detect and correct error on their own [7].

**3.2.Strict Avalanche Criterion**

** **For symmetric key cryptographic algorithms Strict Avalanche Criterion is a wanted property. In block cipher context the SAC is said to be maintained by algorithms if, one bit complemented either in key or in plaintext causes a drastic change in ciphertext- about one half of the ciphertext. This SAC completely depends on algorithms confusion and diffusion property. In this AES symmetric key context SubBytes step, ShiftRows step and MixColumns step gives a desirable degree of confusion and diffusion.

**4.Security Analysis of Existing AES**

**4.1.AES-128**

AES-128 algorithm uses 128 bit block of plaintext and 128 bit key. With the fastest Super Computer of this age it will take 3.19 x 1014 years to creak a key combination through brute force attack. So it is not possible not only for a human but also for a generation to break a key with checking all key combinations [8].

** Case 1:** Here the plaintext change by 1 byte in every experiment and the key is always constant.

Key (16 byte): 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f

Table 3. Avalanche Effect for fixed key 128 bit

** Case 2:**Here the plaintext is always constant and the key will be changed by 1 bit.

Input plaintext (16 bytes): ABCDEFGHIJKLMNOP

Table 4. Avalanche Effect for Fixed Plaintext but Variable Key

Table 5. SAC for AES-128

From table 3 and 4, we can say that AES-128 bit maintain a good degree of Claude Shannon’s Confusion and diffusion property. For checking this property we deal with Avalanche effect. To determine Avalanche Effect in case 1 (table 3) we take fixed 128 bit key and different plaintext pair with difference of 1 bit and in case 2 ( table 4) we take fixed plaintext and pair of keys with difference 1 bit. In each pair it shows a good degree of bit variance.

AES-128 also maintains a good degree of Strict Avalanche Criterion. Table 5 shows that among 8112 sample encryption, in average 4322 times it maintains SAC means for complementing 1 bit in input plaintext pair, it gives more or equal than 50% change in ciphertext in 4322 times.

**4.2.AES-192**

AES-128 algorithm uses 128 bit block of plaintext and 192 bit key. With the fastest Super Computer of this age it will take 5.88 x 10^{ 33 }years to break a key combination through brute force attack. It is much bigger than AES-128.

** Case 1:** Here the plaintext change by 1 byte in every experiment and the key is always constant.

Key (24 byte): 00 01 02 03 04 05 06 07 08 09 0a 0b0c 0d 0e 0f 00 11 22 33 44 55 66 77

Table 6. Avalanche Effect for Fixed Key 192 Bit

__Case 2:__Here the plaintext is always constant and the key will be changed by 1 bit.

Input plaintext (16 bytes): ABCDEFGHIJKLMNOP

Table 7. Avalanche Effect for Fixed Plaintext but Variable Key

From table 6 and7, we can say that AES-192 bit also maintain a good degree of Claude Shannon’s Confusion and diffusion property. To determine Avalanche Effect in case 1 (table 6) we take fixed 192 bit key and different plaintext pair with difference of 1 bit and in case 2 ( table 7) we take fixed plaintext and pair of keys with difference 1 bit. In each pair it shows a good degree of bit variance. On an average for flipping 1 bit the ciphertext change about 50%.

Table 8. SAC for AES-192

AES-192 also maintains a good degree of Strict Avalanche Criterion. Table 8shows that among 8112 sample encryption, in average 4324 times it maintains SAC. It means for complementing 1 bit in input plaintext pair, it gives more or equal than 50% change in ciphertext in 4324 times.

**4.4.AES-256**

AES-256 algorithm uses 128 bit block of plaintext and 256 bit key. With the fastest Super Computer of this age it will take 1.0844 x 10^{53 }years to creak a key combination through brute force attack. So it is not possible not only for a human but also for a generation to break a key with checking all key combinations.

** Case 1:** Here the plaintext change by 1 byte in every experiment and the key is always constant.

Key (32 byte): 00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 00 11 22 33 44 55 66 7788 99 aa bb cc dd ee ff

Table 9. Avalanche Effect for Fixed Key 256 Bit

** Case 2:**Here the plaintext is always constant and the key will be changed by 1 bit.

Input plaintext (16 bytes): ABCDEFGHIJKLMNOP

Table 10. Avalanche Effect for Fixed Plaintext but Variable Key

From table 9 and 10, we can say that AES-128 bit maintain a good degree of Claude Shannon’s Confusion and diffusion property. To determine Avalanche Effect in case 1 (table 9)we take fixed 128 bit key and different plaintext pair with difference of 1 bit and in case 2 (table 10) we take fixed plaintext and pair of keys with difference 1 bit. In each pair it shows a good degree of bit variance. With fixed plaintext and variable key almost all the time it shows avalanche affect more than 50%.

Table 11. SAC for AES-256

AES-256 also maintains a good degree of Strict Avalanche Criterion. Table 11 shows that among 8112 sample encryption, in average 4377 times it maintains SAC means for complementing 1 bit in input plaintext pair, it gives more or equal than 50% change in ciphertext in 4377 times.

Figure 5. SAC Property of AES

**5.Proposed System for AES**

**5.1.Changes to Existing System**

AES is already a secured algorithm beyond all cryptanalysis. For cryptanalysis, hackers always try to find the cipher key by which the cipher text can be decrypt. In theory, brute force is the most common cryptanalysis, which can be used against all cryptographic algorithms. In brute force attack, hackers search the cipher key among all possible combination of keys. They compute every possible combination of keys and perform a trail decryption for testing if it is the accurate key. Now the question is that, how long time is needed for brute force to find the actual key? The time for brute force attack depends on the key size. If the key size is small, it can be found very quickly. But if the key size is longer, then it may be take very long time to find the actual key**Error! Reference source not found.**.

To increase the brute force attack time in our propose plan of new AES, we increase the key size by 8 bits. That means the existing key size is extended from 128 to 136, 192 to 200 and 256 to 264. This additional 8 bits are generated by a user defined function named getRandKey for encryption and are stored secretly for further use in decryption. The 8 bits key is used in the time of getSBoxValue execution. In getSBoxValue function, the 8 bit random key is Xor’ed the substituted s-box value during the key expansion and the execution of SubBytes step for each round. As a result, the key expansion time increases significantly which makes the brute force attack more time consuming. On the other hand, the additional key also increases the time security more than 2^8 times. To implement our propose plan we have to change the existing AES both for encryption and decryption.

**5.2.Encryption**

**5.2.1getRandKey**

The getRandKey is a user defined function used in encryption algorithm for our proposed plan in addition with the existing AES. This function is used to generate 8 bits random key. As get Rand Key is a user defined function, the consumer can use any kind of random generator to generate the 8 bits random key. The user must have to generate the key before key expansion in main algorithm and store the key for decryption.

**5.2.2.getSBoxValue**

In existing AES, getSBoxValue is a function to substitute a value with a corresponding value in s-box. This function is used during the key expansion and the execution of SubBytes in each round for encryption algorithm. In our propose plan, every time the corresponding s-box value are Xor’ed with the 8 bits key.

**5.3.Decryption**

The cipher text generated by our proposed algorithm can be decrypted by usual AES decryption algorithm using the additional 8 bits key which was generated during encryption algorithm. In proposed AES decryption algorithm the 8 bits key is Xor’ed with each cipher byte before substituting with s-box value and all other task in decryption processes are remain unchanged.

**6.Security Analysis of Proposed AES**

In section3, we have discussed about security measurement criteria for AES cryptosystem. Now, we will measure the security for all 128, 192 & 256 bits proposed AES based on three criteria.

**6.1 128 Bit Proposed AES**

**6.1.1.Time Security**

In section3, we have calculated that, brute force attack must check maximum 3.403×10^{38}key combinations for existing AES-128 and it needs almost 3.19 x 10^{14}years to find the key with the fastest Super Computer of this age. In our proposed AES-128**Error! Reference source not found.****Error! Reference source not found.**, the plaintext block size is 128, key size is 128 and additional random key size is 8. For this additional 8 bits, brute force attack has to check maximum 3.403+E^{38}x 2^{8 }(8.712 x 10^{40})key combinations and it needs maximum 3.19+E^{14}x 2^{8} (8.165 x 10^{16}) years to crack the proposed AES-128 with the fastest Super Computer of this age. So, it is not possible for human being to check all the key combination.

**6.1.2.Avalanche Effect**

To compute the avalanche effect of proposed AES-128, we consider two cases**Error! Reference source not found.****Error! Reference source not found.**.

** Case 1:** Here, the plaintext changes by 1 bit in every experiment, the 128 bit key is always constant and the additional 8bit key is random.

Key (16 byte): 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

Table 12. Avalanche Effect for Fixed 128 Bit Key and Variable Input Block

** Case 2:**In this case, the plaintext is always constant; the key changes by 1 bit and the additional 8bit key is random.

Input plaintext (16 bytes): 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15

Table 13. Avalanche Effect for Fixed Plaintext but Variable Key

Table 12 shows that, single bit variance in input plaintext shows a large number of bit variance in output. Again table 13 also shows that, single bit variance in 128 bit key shows a large number of bit variance in output. After all from both table we can say that, our proposed AES-128 maintains a good degree of Claude Shannon’s Confusion and Diffusion property.

**6.2.4.Strict Avalanche Criterion**

For measuring Strict Avalanche criteria, we analyzed five experiments. Here the 128 bits key is fixed and the additional 8 bits key is random.

Table 14. SAC for Proposed AES-128

Table 14 shows that, in five experiments for 8112 sample encryption, average 4347 times the proposed AES-128 maintains the SAC condition. That means for single bit variance in input plaintext, bit variance in chipper text is more than 50% for average 4347 times.

**6.2. 192 Bits Proposed AES**

**6.2.1.Time Security**

For existing AES-192 we have calculated in section3 that, brute force attack has to check maximum 6.278 x 10^{57 }key combinations to find the key and it needs almost 5.88 x 10^{ 33 }years to crack AES-192 **Error! Reference source not found.****Error! Reference source not found.**with the fastest Super Computer of this age. In our proposed AES-192, the plaintext block size is 128, key size is 192 and additional random key size is 8. For this additional 8 bits, brute force attack has to check maximum6.278+E^{57 }x 2^{8 }(1.607 x 10^{60}) key combinations to find the key and it needs maximum 5.88+E^{33 }x 2^{8} (1.505 x 10^{36}) years to crack the proposed AES-192 with the fastest Super Computer of this age. So, it is not possible for human being to check all the key combination.

**6.2.2.Avalanche Effect**

** **To compute the avalanche effect of proposed AES-192, we consider two cases.

** Case 1:** Here, the plaintext changes by 1 bit in every experiment, the 192 bit key is always fixed and the additional 8 bit key is random.

Key (24 byte): 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F FF EE DD CC BBAA 99 88

Table 15. Avalanche Effect for Fixed 192 Bit Key and Variable Input Block

** Case 2:** In this case, the plaintext is always fixed; the key changes by 1 bit and the additional 8bit key is random.

Input plaintext (16 bytes): 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15

Table 16. Avalanche Effect for Fixed Plaintext but Variable Key

Table 15 shows that, single bit variance in input plaintext shows a large number of bit variance in output cipher text. Again, table 16 also shows that, single bit variance in 192 bits key shows a large number of bit variance in output. After all, from both table we can say that, our proposed AES-192 maintains a good degree of Claude Shannon’s Confusion and Diffusion property.

**6.2.3.Strict Avalanche Criterion**

For measuring Strict Avalanche criteria, we analyzed five experiments. Here the 192 bits key is fixed and the additional 8 bits key is random.

Table 17. SAC for Proposed AES-192

Table 17 shows that, in five experiments for 8112 sample encryption, average 4368.8 times the proposed AES-192 maintains the SAC condition. That means for single bit variance in input plaintext, bit variance in chipper text is more than 50% for average 4368.8 times.

**6.3 256 Bit Proposed AES**

**6.3.1 Time Security**

For existing AES-256 brute force attack checks maximum 1.158 x 1077 key combinations to find the key and it needs almost 5.88 x 10 33 years to crack AES-256 with the fastest Super Computer of this age. In our proposed AES-256, the plaintext block size is 128, key size is 256 and additional random key size is 8. For this additional 8 bits, brute force attack has to check maximum 1.158+E77 x 28 (2.965 x 1079) key combinations to find the key and it needs maximum 1.0844+E53 x 28 (2.776 x 1055) years to crack the proposed AES-256Error! Reference source not found.Error! Reference source not found. with the fastest Super Computer of this age. So, it is not possible for human being to check all the key combinations.

**6.3.2 Avalanche Effect**

To compute the avalanche effect of proposed AES-256, we consider two cases.

** Case 1: **Here, the plaintext changes by 1 bit in every experiment, the 256 bit key is always fixed and the additional 8 bits key is random.

Key (32 byte): 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F FF EE DD CC BB AA 99 88 77 66 55 44 33 22 11 2A

Table 18. Avalanche Effect for Fixed 256 Bit Key and Variable Input Block

** Case 2:** In this case, the plaintext is always fixed; the 256 bit key changes by 1 bit and the additional 8 bits key is random.

Input plaintext (16 bytes): 00 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15

Table 19. Avalanche Effect for Fixed Plaintext but Variable Key

Table 18 shows that, single bit variance in input plaintext shows a large number of bit variance in output cipher text. Again, table 19 also shows that, single bit variance in 256 bits key shows a large number of bit variance in output. After all, from both table we can say that, our proposed AES-256 maintains a good degree of Claude Shannon’s Confusion and Diffusion property.

**6.3.3. Strict Avalanche Criterion**

For measuring Strict Avalanche criteria, we analyzed five experiments. Here the 256 bits key is fixed and the additional 8 bits key is random.

Table 20. SAC for Proposed AES-256

Table 20 shows that, in five experiments for 8112 sample encryption, average 4385.8 times the proposed AES-256 maintains the SAC condition. That means for single bit variance in input plaintext, bit variance in chipper text is more than 50% for average 4385.8 times.

**7.Security Comparisons of Proposed AES with Existing System**

**7.1.Time Security**

The comparison between existing and proposed AES in basis of time security is given in table 21.

Table 21. Time Security Comparison between Existing & Proposed AES System

**7.2.Avalanche Effect**

In existing system, if the key (128, 192 or 256) and input block are fixed then the avalanche effect is constant. But in proposed plan, although the key (128, 192 or 256) and input block are fixed, the 8 bit key is random with each execution. So the avalanche effect always varies with every execution.

To compare Avalanche effect criteria between existing & proposed plan, we did three experiments for proposed plan and a single experiment for existing system. In every experiment 8112 sample inputs were taken. For every input, we computed the avalanche effect and took the average of all 8112 inputs. The total result is enlisted in table 22.

Table 22. Avalanche Effect Comparison between Existing & Proposed AES System

**7.3.Strict Avalanche Criterion**

To compare strict avalanche effect between existing & proposed system, we did five experiments. In each experiment there were 8112 sample inputs. After completing those experiments, we have enlisted the average result in table 23.

Table 23. SAC Comparison between Existing & Proposed AES System

**8.Result & Conclusion**

We have studied the existing Advanced Encryption Standard and its implementation. We have also analyzed the security of existing AES algorithm in basis of time security, avalanche effect, and strict avalanche effect. We conclude that AES is one of the best secured algorithms at present time. Although, historically, brute force attack can be used against all cryptographic algorithms.

In our work, we have proposed a new plan and enhanced the security by XORing a new 8 bit key in key expansion and each round of existing system. We have also analyzed the security of our proposed plan in basis of those three criteria. Finally, we have found that the time security of the proposed plan increases by 256 times compared to the existing system. The avalanche effect always fluctuates with each execution while the avalanche effect in existing system is always fixed and the strict avalanche effect of the proposed system is greater than the existing system for all 128, 192 and 256 key sizes.

Figure 8. SAC Comparisons between Existing and Proposed AES

**9.References**

[1] Guy-Armand Yandji, Lui Lian Hao, Amir-Eddine Youssouf, Jules Ehoussou, “RESEARCH ON A NORMAL FILE ENCRYPTION AND DECRYPTION” in proceedings of IEEE 2011.

[2] Hyubgun Lee, Kyounghwa Lee, Yongtae Shin, “AES Implementation and Performance Evaluationon 8-bit Microcontrollers”, International Journal of Computer Science and Information Security,Vol. 6 No. 1, 2009

[3] “Specification for the ADVANCED ENCRYPTION STANDARD (AES)”, Federal Information Processing Standards Publication 197 November 26, 2001

[4] Saberi, I. Shojaie, B. ; Salleh, M. “Enhanced Key Expansion for AES-256 by using Even-Odd method”, Research and Innovation in Information Systems (ICRIIS), 23-24 Nov. 2011

[5]Liam Keliher ,“Substitution-Permutation Network Cryptosystems Using Key-Dependent Boxes”, http://www.researchgate.net/publication/2822741, ARTICLE • NOVEMBER 1997

[6] Krishnamurthy G N and V Ramaswamy, “Making AES Stronger: AES with Key Dependent S-Box.” International Journal of Computer Science and Network Security, VOL.8 No.9, September 2008

[7] Mohan H. S. and A Raji Reddy, “ Performance Analysis of AES and MARS Encryption Algorithms”, IJCSI International Journal of Computer Science Issues, Vol. 8, Issue 4, No 1, July 2011

[8] Manisha S. Mahindrakar’ “Evaluation of Blowfish Algorithm based on Avalanche Effect”, International Journal of Innovations in Engineering and Technology (IJIET), Vol. 4 Issue 1 June 2014

[9] Akash Kumar Mandal1, Mrs. Archana Tiwari, “Analysis of Avalanche Effect in Plaintext of DES using Binary Codes”, International Journal of Security, Privacy and Trust Management, Volume 1, Issue 3, September – October 2012

[10] SriramRamanujam and MarimuthuKaruppiah, “Designing an algorithm with high Avalanche Effect”, International Journal of Computer Science and Network Security, VOL.11 No.1, January 2011

[11] K.Anchugam and M.Tamilselvi “New Data Encryption Standard Algorithm” , International Journal of Computer Science and Network Security, VOL.13 No.4, April 2013

[12] M.Abirami, S. Chellaganeshavalli, “Performance Analysis of AES and Blowfish Encryption Algorithm”, International Journal of Innovative Research in Science, Engineering and Technology, Vol. 2, Issue 11, November 2013

[13] AbdulkarimAmerShtewi, BahaaEldin M. Hasan and Abd El Fatah .A. Hegazy,” An Efficient Modified Advanced Encryption Standard (MAES) Adapted for Image Cryptosystems”, International Journal of Computer Science and Network Security, VOL.10 No.2, February 2010

[14] Nidhi Singhal and J.P.S.Raina, Comparative Analysis of AES and RC4 Algorithms for Better Utilization, International Journal of Computer Trends and Technology- July to Aug Issue 2011

[15] M.Abirami, S. Chellaganeshavalli, “Performance Analysis of AES and Blowfish Encryption Algorithm”, International Journal of Innovative Research in Science,Engineering and Technology, Vol. 2, Issue 11, November 2013

[16] Chandra Prakash Dewangan,Shashikant Agrawal, A Novel Approach to Improve Avalanche Effect of AES Algorithm, International Journal of Advanced Research in Computer Engineering & Technology Volume 1, Issue 8, October 2012

[17] Amish Kumar , Mrs. Namita Tiwari, “EFFECTIVE IMPLEMENTATION AND AVALANCHE EFFECT OF AES”, International Journal of Security, Privacy and Trust Management ( IJSPTM), Vol. 1, No 3/4, August 2012

[18] Akash Kumar Mandal, Mrs. Archana Tiwari, “Analysis of Avalanche Effect in Plaintex of DES using Binary Codes”, International Journal of Security, Privacy and Trust Management ( IJSPTM), Volume 1, Issue 3, September – October 2012

[19]Jayant P. Bhoge, Dr. Prashant N. Chatur,” Avalanche Effect of AES Algorithm”, International Journal of Computer Science and Information Technologies, Vol. 5 (3), 2014, 3101 – 3103

[20] Opala, Omondi John; Rahman, Shawon; and Alelaiwi, Abdulhameed; “The Influence of Information Security on the Adoption of Cloud computing: An Exploratory Analysis”, International Journal of Computer Networks & Communications (IJCNC), Vol.7, No.4, July 2015

[21] Rader, A., Marc and Rahman, Syed (Shawon); “Exploring Historical and Emerging Phishing Techniques and Mitigating the Associated Security Risks”; International Journal of Network Security & Its Applications (IJNSA), ISSN:0974-9330(online); 0975-2307

[22] Opala, John, Omondi; Rahman, Shawon and Alelaiwi, Abdulhameed ; “An Analysis on the Factors Influencing Managers’ Decision to Adopt of Cloud Computing”; ” Handbook of Research on Architectural Trends in Service-Driven Computing” IGI Global in 2014,DOI: 10.4018/978-1-4666-6178-3

**AUTHORS**

**Abdullah Al- Mamun**: Abdullah Al- Mamun is doing MSc in Computer Science & Engineering in Jessore University of Science & Technology. He earned his graduation degree in CSE from same university in 2015. His research focus is on information security, cloud technology and specially on encryptiontechnology. Mamun has two years of work experience in the field of web application development.

**Dr. Shawon Rahman**: Dr. Shawon S. M. Rahman is an Associate Professor in the Department of Computer Science at the Majmaah University, Majmaah, KSA. Dr. Rahman’s research interests includeInformation Assurance and Security, Software Engineering education, Software Testing & QA, Cloud Computing, Mobile Application Development, and Web Accessibility. He has published over 100 peer-reviewed articles and is a member of many professional organizations including IEEE, ACM, ASEE, ASQ, ISACA, and UPE.

**Tanvir Ahmed Shaon**: Tanvir Ahmed Shaon has earned his master’s degree in Computer Science and Engineering from Military institute of science and technology. His research focus is on Ad-hoc network security. He also holds an BSc in Computer Science and Engineering. Shaon has two years’ work experience in the field of web technology

**MdAlam Hossain**: Md. Alam Hossain is working as an Assistant Professor at the department of Computer Science & Engineering in Jessore University of Science & Technology (JUST), Jessore, Bangladesh. Prior to that, he joined as Lecturer at the same department. He completed his B.Sc and M.Sc (Thesis) in Computer Science & Engineering from Islamic University, Kushtia, Bangladesh. Currently he is pursuing PhD on Cloud Computing Security. His research interest fields are Cloud Computing, Cloud Computing Architecture, Cloud Computing Security Issues, Cloud Computing Application Services and Quality, Cyber Security, Banking Solutions Security, Network Security, Digital Forensic Science, Steganography, Information Security, Internet Security.

%d bloggers like this: