CA-PCS: A Cellular Automata based Partition Ciphering System

In this paper, the authors present a modified version of the Partition Ciphering System (PCS) encryption system previously proposed. The previously developed encryption system PCS uses the partition problem to encrypt a message. The goals of newly developed system are avoiding statistical and frequency attacks, by providing a balance between 0s and 1s, ensuring a good level of entropy and achieving confidentiality through encryption. One of the novelties of the new design compared to its predecessor is the use of cellular automata (CAs) during the encryption. The use of CAs is justified by their good cryptographic properties that provide a level of security against attacks, and better confusion and diffusion properties. The new design is first presented with details of the encryption and decryption mechanisms. Then, the results of the DIEHARDER battery of tests, the results of the avalanche test, a security analysis and the performance of the system are outlined. Finally, a comparison between CA-PCS and PCS as well as the AES encryption system is provided. The paper shows that the modified version of PCS displays a better performance as well as a good level of security against attacks. Keywords—Partition ciphering system; partition problem; frequency analysis; cellular automata; avalanche effect; confusion; diffusion; statistical properties; cryptographic properties


I. INTRODUCTION
One of the five pillars of cryptography is achieving confidentiality. This latter comprises two principles: data confidentiality and privacy. Data confidentiality ensures that no data is accessed or revealed to unauthorized parties. Privacy controls the access to data and storage of data by concerned parties [1]. This paper presents a modified version of the Partition Ciphering System (PCS), which was previously developed by the authors [2]. It is a symmetrical encryption system based on the partition problem, more precisely the Card-Partition version. The use of the partition problem in PCS was motivated by the fact that it changes the frequency of the appearance of characters between the plaintext and the ciphertext. Consequently, PCS is robust against frequency cryptanalysis; an adversary cannot learn any information about the plaintext from the ciphertext. However, PCS has some limitations to check the diffusion property and resistance to some attacks like linear and differential attacks. A cellular automaton (CA) is a suitable candidate to provide better confusion and diffusion. Also, the CA cryptographic properties could be studied to verify the security level. These later are nonlinearity, algebraic degree, balancedness, resiliency, and correlation immunity. A CA is a dynamic system involving a network of cells. CAs are widely used in cryptography and other fields to benefit from their simplicity, parallelism, and unpredictability. Besides, CAs make the hardware and software implementations easier [3]. In this paper, a new design called CA-PCS (Cellular Automata based Partition Ciphering System) is proposed. It consists of a hybrid CA, with satisfying cryptographic properties, that evolves multiple iterations to increase resistance to linear and differential attacks, followed by the insertions of necessary blocks so that the frequency of all the blocks is the same. In addition to a random permutation is applied to the results of the second step. Each layer produces better confusion and diffusion, and consequently, better resistance to linear and differential cryptanalysis. Also, the cryptographic properties of the CA ruleset are studied and display good results. A high nonlinearity, high algebraic degree, and balancedness are satisfied. CA-PCS was compared to AES and PCS in terms of randomness, security, and performance. Thus, the CA-PCS results are satisfying.
The rest of this article is organized as follows: In Section 2, a brief background on cellular automata is presented. Next, in Section 3, the related works are included. Then, CA-PCS is detailed in Section 4. Section 5 provides a brief description of the PCS and AES encryption systems. Finally, Section 6 presents results and security analysis.

II. BACKGROUND ON CELLULAR AUTOMATA
The history of cellular automata goes back to the 1940s when Stanislaw Ulam [4] initiated their study by taking interest in self-replicating automata. Then in the 1960s, John von Neumann used them in Biology for modeling self-reproduction [5]. They were later on popularized by John Conway's game of life in the 1970s [6]. They were first use in cryptography by Stephen Wolfram in the 1980s [7]. Simply put, a cellular automaton is a network of cells, each of which has a state that changes from a time step t to a time step t+1 according to a defined local rule and depending on its neighbors. The interest of the scientific community in cellular automata stems from the fact that simple local calculations at the cells scale produce a complex behavior at the automaton scale. Another interesting aspect of using cellular automata is that both uniformity and non-uniformity can be modeled. A cellular automaton is defined as [3] (d, L, S, N, f ), where d represents the cellular space dimension, L represents the cellular space, S is the finite set of states, N is the neighborhood vector and f or (f 1 ,f 2 ,...) is the local rule or ruleset respectively. The global rule of the cellular automata is designated by Φ.
By modifying the tuple (d, L, S, N, f), different kinds of cellular automata can be obtained. One interesting type of cellular automata was introduced by Wolfram in [8]. This kind of CAs is called Elementary Cellular Automata (ECAs). They are one-dimensional, two-state (0 or 1), 3-neighborhood CAs. They are of particular interest in cryptography as their simple implementation, both in hardware and software, their good cryptographic properties and the small number of possible rules (2 2 3 = 256) are well suited in this field as they can be thoroughly studied. The local rules can be either linear (only XOR operator ⊕ in their Boolean expression) or nonlinear (AND(·)/OR(+) operators as well in their Boolean expression). Table I shows an example of a linear and nonlinear rule.

III. RELATED WORK
The partition problem or Equal Piles Problem, which is the source of inspiration for this work, was first studied by Jones and Beltramo in [9], where they defined a challenging instance. They tried nine standard genetic algorithms, but without finding an optimal solution. To solve this instance of the problem, Falkenauer [10] and William [11] proposed particular types of genetic algorithms. Concretely, Falkenauer [10] tried to adjust the grouping genetic algorithm that he designed previously using specific crossover and mutation operators suited for similar problems. William [11]used a particular approach in the design of the Eager Breeder genetic algorithm, which makes the manipulation of genetic materials easier and produces better results compared to the previous algorithms. However, their results are not that good for this article's proposed design.More recently, evolutionist algorithms were also used to come up with a solution to the partition problem as in the works of Trichni [12], Bougrine [13] and Kaddouri [14].
The first use of cellular automata in cryptography goes back to Wolfram in [7]. He applied rule 30 to design a pseudorandom number generator (PRNG) and a stream cipher. A more recent example of the use of CAs in an encryption algorithm is the design of Das et al. [15] who proposed a block cipher using one dimensional programmable CAs. Other works using one dimensional uniform CAs include Bhaumik [16] and Roy [17]. Non uniform one-dimensional CAs were studied by Mehta [18] and Bouchkaren [19]. Two dimensional uniform CAs were used by Bouchkaren [20] and Faraoun [21]. CAs were also used for image encryption by Li in [22], who made use of two dimensional non-uniform CAs. Other image encryption schemes can be found in [23] and [24].

A. CA-PCS Encryption Algorithm
The CA-PCS encryption scheme goes through three steps: 1) CA Evolution: The first step includes the hybrid CA evolving of the binary message using the rules {90, 150, 30, 180, 45, 90, 150, 30}. Linear rules 90 and 150 provide better diffusion property and high cycle length [25]. While nonlinear rules 30, 45, and 180 provide better confusion property [26]. Moreover, these rules provide resistance to linear attacks and differential attacks. Because of the high nonlinearity met after a few iterations and the significant algebraic degree.
2) Blocks Insertion: The second step consists of representing the first step's result as a partition and add some blocks at random positions to get the same appearance frequency for all blocks. At first, the CA output is split into blocks of a randomly chosen size 2 ≤ k ≤ 16. Then the ideal cardinality IC is computed IC = max{Card(L 1 ), Card(L 2 ), ..., Card(L m )}. Next, for each block B i , the cardinality of the corresponding L i , representing the positions of Bi in the CA output, is 3) Permutation: Finally, a random permutation is applied to the set {L 1 , L 2 , ..., L m }. This permutation is useful to change the blocks' occurrence lists L i s. It is denoted formally by π : S → S where S is a set of m elements. m! permutation of {L 1 , L 2 , ..., L m } are possible. A possible example of a random permutation for m=10, π :{L 1 , L 2 , L 3 , L 4 , L 5 , L 6 , L 7 , L 8 , L 9 , L 10 } → {L 2 , L 4 , L 1 , L 6 , L 3 , L 9 , L 7 , L 10 , L 8 , L 5 }. Following this example, Accordingly, B 1 will appear in the positions of B 2 , B 2 will appear in those of B 4 , and so on.

B. CA-PCS Decryption Algorithm
The CA-PCS decryption process, as Fig. 2 displays, is as follows, given the ciphertext C and the secret key SK = {k, CASeq, ListOf InsertedBlocksP ositions, P Seq}: At first, the PSeq sequence is XORed with the ciphertext to get M". Then, M" is split into blocks of size k. Next, inserted blocks are removed from M" using the ListOfInsertedBlocksPositions to get M'. Then M' is XORed with the CASeq to get the plaintext.

A. Partition Ciphering System (PCS)
The Partition Ciphering System PCS [2] is a symmetric enryption schemme that encrypts a plaintext in three steps. the first step consists of the construction of a partition from the plaintext, which is initially split into blocks of size k>2. Each block is associated with a list of occurrences. This partition un-

B. Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES) [27] is a symmetric cipher that encrypts 128-bit blocks using keys of size 128 bit, 192 bit, or 256 bit. It comprises N rounds, where N changes according to the length of the key: 10 for a 128-bit key, 12 for a 256-bit key, and 14 for a 192-bit key. In the first step, the plaintext is XORed by the first 128 bit of the key. Next, for N-1 iteration, four operations are performed: SubBytes, ShiftRows, MixColumns, and AddRoundKey. [27] provides a detailed description of these operations. Finally, the last round consists of only SubBytes, ShiftRows, and AddRoundKey operations.

VI. RESULTS AND SECURITY ANALYSIS
This section displays the statistical tests and the confusion and diffusion properties of CA-PCS compared to the AES.

A. Dieharder Test
The battery of tests Dieharder was designed by Robert G. Brown to check out the behavior of PRNGs and cryptographic primitives like encryption systems, hash functions, and MACs. It involves tests from diehard, some NIST tests, and other tests developed by Brown and Bauer [28]. The authors generated three files of 10 Mb using PCS, CA-PCS, and AES ciphers. Then, they run the battery overs these files. Table II

B. Confusion and Diffusion Tests
This section presents the confusion and diffusion properties of the CA-PCS system in comparison with AES. A secure encryption system from statistical analysis, as stated by Shannon [29], has good confusion and diffusion properties (e.g., AES is a secure system). If the relation between the ciphertext and the secret key is hidden, then the confusion property is verified. In other terms, replacing one bit in the secret key has an impact on most of the bits in the ciphertext. If the relation between the plaintext and the ciphertext is masked, then the diffusion property is checked. In other words, changing one bit in the plaintext affect almost all the bits of the ciphertext. Fig. 3 shows the confusion property for CA-PCS compared to the AES. According to Fig. 3, the percentage of the changed bits in the ciphertext is approximately 50% for CA-PCS and AES. Concretely, the values for CA-PCS are between 0.40% and 0.61%, while the values for AES are between 0.36% and 0.61%. These values confirm that CA-PCS has better confusion property. Fig. 4 illustrates the diffusion property of CA-PCS and AES. The mean value of the percentages of changed bits in the ciphertext is nearly 50%. The values for CA-PCS are between 41% and 61%, and the values for AES are between 37% and 67%. Consequently, CA-PCS has better diffusion.

C. Encryption and Decryption Time of CA-PCS, AES and PCS
This part (Fig. 5) compares the encryption and decryption time of CA-PCS with the previously developed scheme PCS and AES. Fig. 5 shows that CA-PCS requires less time in the encryption process compared to PCS and AES. While the

D. Frequency Analysis
This part presents the frequency analysis of the outputs of CA-PCS and PCS. As mentioned in [2], the purpose was to have a ciphertext with blocks appearing with the same frequency, so that frequency analysis does not reveal any information about the plaintext. As CA-PCS is an improved version of PCS, the same objective persists. CA-PCS is different from PCS in all steps. The CA evolution is the first step of CA-PCS. Next, the ideal cardinality computation. Later, the insertion of blocks follows. The resulting intermediate output undergoes a permutation. While in PCS, the ideal cardinality is computed in a way to have blocks to add or remove. The objective of CA-PCS design is to provide better confusion and diffusion, in addition to resistance to some attacks like linear and differential attacks. Fig. 6 represents the frequency analysis performed on the outputs of CA-PCS and PCS for the same plaintext. Fig. 6 shows that frequency analysis will never divulge any information. As a result, frequency cryptanalysis is impossible.

E. Cryptographic Properties of the Ruleset Used in the CA Evolution
This section presents the cryptographic properties, namely, nonlinearity, algebraic degree, correlation immunity, resiliency, and balancedness, of the CA ruleset {30, 90, 150, 30, 180, 45, 90, 150}. It is applied alternately on the CA cells in the evolution step. In this section, to study the ruleset, an example of 8 cells is considered. Tables III to VII shows the variation of the cryptographic properties with iterations.

F. Brute-Force Attack
In a brute-force attack, the attacker tests each possible key to get a comprehensible plaintext from the transformation of the ciphertext [1]. The key length is considered the security parameter that provides the security level of the studied system. This attack needs more time and resources to get the right key when the key length is high. It can be impossible unless an attacker has a quantum computer. If the level of security desired is for the near term, then a symmetric key of at least 128 bit is used. The key should be of at least 256 bit to reach long term security. Since the AES has three versions, AES-128, AES-192, and AES-256, both security levels can be satisfied. PCS, from [2], has a secret key of size greater than 256 bit. Also, CA-PCS has a secret key of at least 256 bit. Unless an attacker has a quantum computer, he cannot get the secret key to decrypt to an intelligible plaintext. Table VIII summarises the security level of AES, PCS, and CA-PCS.

G. Linear and Differential Attacks
Linear attack analyzes the linear approximations of the plaintext, the ciphertext, and the secret key [30]. It is a knownplaintext attack, while differential attack studies the differences between plaintexts and ciphertexts [31]. It is a chosen-plaintext attack. A cipher should be robust against the linear and differential attacks. The confusion property, which is satisfied using the nonlinear parts of the system, is necessary to resist these types of attacks. In general, S-Boxes are responsible for this purpose. But, other primitives, like nonlinear cellular automata, can lead to the same results. In CA-PCS, the ruleset used to evolve the CA has high nonlinearity, and maintain the balancedness. These features make these attacks difficult for a cryptanalyst.

VII. CONCLUSION
In this article, an enhanced version of PCS, a previously developed encryption scheme, is proposed. The proposed system, called CA-PCS, makes use of cellular automata to increase the security level of the design. Precisely, the ruleset used provides satisfying results in terms of cryptographic properties, randomness tests, confusion, and diffusion properties. Linear and differential attacks are difficult to achieve because of the high non-linearity and the high algebraic degree provided by the ruleset. Also, the balancedness and the randomness produce resistance to statistical cryptanalysis. Moreover, CA-PCS is robust against brute force attacks. Besides, the performance of CA-PCS is better than PCS and AES. In future work, the authors will extend the proposed scheme to ensure authentication.