Strengthening AES Security Through Key-Dependent ShiftRow and AddRoundKey Transformations Utilizing Permutation

—AES (Advanced Encryption Standard) is a widely applied block cipher standard in the United States, used in various security applications today. Currently, there are numerous research endeavors aimed at making AES block ciphers dynamic to improve their security against contemporary strong attacks. The most common dynamic approach involves the dynamization of AES block transformations, including SubByte, ShiftRow, AddRoundKey, and MixColumn operations. The combination of these transformations has also been explored and proposed. However, to the best of our knowledge, the dynamic combination of AddRoundKey and ShiftRow transformations remains unexplored. Therefore, in this paper we introduce algorithms for generating key-dependent AddRoundKey and ShiftRow transformations based on permutations. Subsequently, these key-dependent transformations are applied to AES to create dynamic AES block ciphers. Security analysis and evaluation of NIST’s statistical criteria are performed, and the entropy of AES and dynamic AES is assessed. From our findings, it is evident that dynamic AES block ciphers can significantly enhance AES security and meet stringent randomness criteria, similar to AES.


I. INTRODUCTION
Along with the strong development of information technology, security risks and attacks are increasing in complexity.Therefore, cryptographic primitives are being widely used in various security domains nowadays [1,2,3].Substitution-Permutation Network (SPN) block ciphers [4,5,6] represent a prevalent category of block ciphers extensively applied in contemporary cryptographic scenarios.An SPN block cipher comprises three primary components: the substitution layer, which typically employs S-boxes [7][8][9][10]; the diffusion layer, commonly utilizing MDS matrices [11][12][13][14] (matrices derived from maximum distance separable codes); and the key addition layer.AES [15,16] belongs to the class of SPN block ciphers and serves as a block cipher standard established by NIST in 2001, originating in the United States.The AES round function incorporates three operations, namely key addition, substitution, and linear transformations.AES, one of the world's most widely used encryption algorithms, faces potential vulnerabilities that could be exploited by cryptanalysts.The simplicity of AES's mathematical structure and the threat of attacks such as algebraic attacks [17], linear attacks [8,18], and differential attacks [18,19], make its security a concern.Moreover, the advent of supercomputers and quantum computing poses further risks, necessitating increased key lengths for maintaining security.Therefore, researching various approaches to enhance the security strength of AES is crucial in the current scenario.
To enhance the resilience of block ciphers against modern, potent attacks, extensive research has been conducted to animate these cryptographic algorithms.Specifically, with the AES block cipher, there is a variety of approaches to dynamize the AES block cipher to enhance its security.Some of these methods center on incorporating S-boxes in AES that depend on a secret key [20][21][22][23][24][25], while others work on creating key-dependent MixColumn transformations for AES [26][27][28].Notably, there are studies exploring the dynamization of both AES's S-boxes and MixColumn [29], or the dynamization of all three transformations: S-Boxes, MixColumn, and ShiftRow, which have also received attention [30][31][32].Another current research direction is to make the XOR operation dynamic in AES [33,34].
For the dynamic S-box approach in AES, in their work [20], the authors introduced a method for generating S-boxes that depend on the encryption key and possess favorable algebraic characteristics, including non-linearity, BIC, and SAC.Furthermore, an alternative approach to produce Sboxes that rely on the encryption key in AES was introduced in [21].This method entails establishing a novel arrangement for the S-box through the use of a simulated key expansion algorithm.In [22], the authors introduced an innovative method for creating variable S-boxes by rearranging the S-box of AES.These adaptable S-boxes rely on a secret key and utilize an affine constant and an unconventional polynomial.For each additional key bit, a fresh S-box with rearranged values is produced, thus enhancing the intricacy of the algorithm.In [23], the authors presented an approach to create S-boxes that vary with the encryption key, employing a evolving approach.The evaluative experimentation of these key-dependent S-boxes was conducted, focusing on characteristics such as achieving a SAC, BIC, balanced output, non-linearity, and probabilities related to linear and differential approximation.In [24], the authors introduced four straightforward procedures for producing key-influenced Sboxes.To assess the quality of these S-boxes, they introduced eight standardized dissimilarity measurements.The authors outlined four methods for generating key-influenced S-boxes and scrutinized eight normalized dissimilarity measurements www.ijacsa.thesai.orgemployed to appraise the effectiveness of these key-dependent generation techniques.Furthermore, in [25], Murphy et al. introduced an approach for the differential cryptanalysis of key-influenced S-boxes, elucidating methods for performing cryptanalysis with the utilization of these S-boxes.
For the dynamic Mixcolumn approach in AES, in [26], the authors proposed a MixColumn transformation that depends on the encryption key, derived from the AES MDS matrix, using scalar multiplication on the rows of the matrix along with an extra -bit key.An idea presented in [27] includes the creation of a diffusion layer that relies on the encryption key, achieved through scalar multiplication and immediate exponentiation.In [28], the authors introduced a collection of binary matrices that can be employed to create dynamic matrices resembling AES and recursive MDS matrices.
For the approach of making multiple transformations dynamic in AES, in [29], the authors introduced dynamic Sboxes and novel MixColumn matrices that preserve favorable cryptographic characteristics when developing dynamic AES.In [30], an image encryption method rooted in symmetric cryptography was introduced.It utilizes transformations like MixColumns, ShiftRows, and SubByte, which are dynamically influenced by the encryption key.In [31], the authors presented a dynamic block cipher based on AES, in which AES parameters vary for each unique key.More precisely, the ShiftRows, the SubBytes, and MixColumns transformations adapt according to the key, leading to distinct behavior for every key.Extensive testing has verified the security of the proposed algorithm.In [32], a fresh and efficient AES algorithm, which is dependent on the key, is introduced.The authors have put forward an innovative approach to enhance the advanced encryption standard algorithm by employing dynamic sub-byte, mix-column, and shift rows operations to ensure secure communication.This novel work exhibits superior avalanche and strict avalanche effects when compared to the conventional AES algorithm.
In [33,34], the authors introduced innovative techniques that employ key-dependent XOR tables utilizing 3D chaotic maps.The authors utilized XOR tables that rely on the initial confidential parameters.In [34], they established a fresh MDS matrix, however, regrettably, this matrix does not qualify as an MDS matrix.Furthermore, their approaches in [31,32] still exhibit numerous weaknesses and shortcomings.
Based on our review of related works, to the best of our knowledge, we haven't come across any research that investigates the combination of animating both the ShiftRow and AddRoundKey transformations of AES.In this paper, we introduce algorithms for generating key-dependent AddRoundKey and ShiftRow transformations based on permutations.Subsequently, we apply these key-dependent transformations to AES to create a dynamic AES block cipher.We conduct security analysis and evaluate NIST's statistical criteria, as well as assess the entropy of AES and dynamic AES.Consequently, it becomes evident that dynamic AES block ciphers can significantly enhance the security of AES and meet rigorous randomness criteria, similar to AES.
The structure of the remaining part of the paper is as follows: Section II provides preliminaries.Section III introduces algorithms for generating key-dependent ShiftRow and AddRoundKey transformations based on permutations.Section IV adapts the AES block cipher using key-dependent ShiftRow and AddRoundKey operations.Section V is conclusion.

A. Introduction to Hadamard Matrices
A Hadamard matrix [35] of dimension , with the initial row elements represented as , can be designated in the following manner.

( )
Furthermore, a Hadamard matrix of size has the following form.

( )
where and are matrices, is even.

B. ShiffRow and AddRoundKey Transformations in AES
The ShiftRow operation in AES processes the state by left rotating the last three rows of the state with a varying number of rotation.Row 1 of the state remains unchanged, row 2 of the state left rotates by 1 byte, row 3 of the state left rotates by 2 bytes, and row 4 of the state left rotates by 3 bytes.
The AddRoundKey operation in AES performs a bitwise XOR between the state and a round key.The AddRoundKey operation is represented by a 4-bit XOR table as described in Table I.

A. Algorithm for Generating Key-Dependent ShiftRow
First, we analyze the diffusion capacity of active bytes (non-zero byte) through two rounds of AES.Fig. 1 represents the diffusion state of AES after the first round, with the initial state containing an active byte (indicated by the black cell).

Input State SubByte ShiftRow Mixcolumn
Fig. 1.Diffusion state of AES after the first round.
According to Fig. 1, after the SubByte and ShiftRow transformations in the first round, the number of active bytes in the state array remains at 1. Subsequently, during the MixColumn transformation, the number of active bytes becomes 4 due to the diffusion capabilities of the MDS matrix, and the number of active bytes is preserved when going through the AddRoundKey transformation.Thus, starting with 1 active byte, there will be 4 active bytes at the end of the first round.Fig. 2 shows the diffusion state of AES after the second round.

Input State SubByte ShiftRow Mixcolumn
Fig. 2. Diffusion state of AES after the second round.
From Fig. 2, we can observe that the role of ShiftRow is extremely important in propagating active bytes from column 1 to all four columns of the state array.This allows, through the MixColumn transformation, the maximum number of active bytes to be achieved, which is 16 bytes in the state array.

Remark 1:
The crucial point in designing the ShiftRow transformation is its capability to distribute active bytes from one column to all the remaining columns, ensuring that all four columns of the state array contain at least one active byte.
According to Fig. 2, the number of bytes rotated in each row of the state by the ShiftRow transformation in AES can be described as shown in Fig. 3. Therefore, as long as the number of bytes rotated in each row is distinct and falls within the range [0, 3], active bytes will undoubtedly be propagated to all four columns of the state.Based on these observations, we propose the idea presented in Algorithm 1 to generate key-dependent ShiftRow transformations while ensuring the propagation of active bytes as described above.

Algorithm 1. Key-dependent ShiftRow Transformation Generation via Permutation
Input: A secret key consists of ( ) bits; A state of size .Output: The new ShiftRow operation for AES depends on the key ; A new state ́.
Step 1: Take the first two bits of the key and convert them into an integer, denoted as .Take the next two bits of and convert them into an integer.If this integer is different from , assign it to ; otherwise, shift the key to the right by one bit until you obtain .Continue this process until you have four distinct integers: . Step 2: From the permutation ( ) obtained in step 1, left rotate the rows of the state as follows: left rotate bytes for row 1, left rotate bytes for row 2, left rotate bytes for row 3, left rotate bytes for row 4. The resulting state is denoted as ́.
Step 3: The left rotation operation as in step 2 is called KD_ShiftRow.The KD_ShiftRow operation will be used to replace the ShiftRow operation in AES.

B. Algorithm for Generating Key-Dependent AddRoundKey Transformations
From the original XOR table of AES (Table I), we have a remark regarding three essential Attributes that a XOR and .
From the XOR table of AES, denote the matrices as follows:
Remark 4. The matrices ( ) are Hadamard matrices.And the matrix is also a Hadamard matrix in the form ( ) .Therefore, the XOR table of AES is created from the Hadamard matrix , where row 0 and column 0 (bolded) of this XOR table are ordered according to the first row of matrix , meaning in the order 0, 1, 2, …, 15.
From Step 1: Take the first two bits of the secret key and convert these two bits into an integer, denoted as .Take the next two bits of and convert them into an integer.If this integer is different from , assign this integer to ; otherwise, shift the key to the right by one bit until is obtained.Do the same for the remaining bits until four distinct integers are obtained: . Step 2: Construct a permutation-based Hadamard matrix using the permutation ( ) obtained in step 1, which has the form: ́ ( ).

Step 3: Construct a new 4-bit XOR table based on the
Hadamard matrix ́ such that the elements in the first row and the first column of this new XOR table follow the order of elements in the first row of matrix ́.
Step 4: Reorder the rows and columns of the new XOR table so that both row 0 and column 0 of the new XOR table follow an increasing order from 0 to 15.
Step 5: Replace the regular bitwise XOR operation in the AddRoundKey transformation of AES with the new XOR operation determined by the new XOR table created in step 4. The result is the KD_AddRoundKey operation, which is used in place of the AddRoundKey operation in AES.
Remark 5. Since there are permutations of (0, 1, 2, 3), there will be a total of new XOR tables generated by Algorithm 2, corresponding to the number of KD_AddRoundKey operations obtained.
Example 2. Suppose that step 1 of Algorithm 2 yields the permutation ( ) ( ) .The resulting Hadamard matrix is as follows: In that case, the resulting new XOR table after Algorithm 2 is presented in Table II.From the three attributes of an XOR table as mentioned in Remark 3, we prove the accuracy of the new XOR table generated by Algorithm 1 with the following proposition.Comparing with the original XOR table of AES, it can be observed that the elements of the new XOR table have been replaced by a one-to-one mapping as follows: , , …, .This substitution is applied to all elements of the original XOR table, including both row 0 and column 0.

According to Attribute 3 of the original XOR table: if
, it always holds that and .
From the replacement operation, we also have the corresponding relationship: if , it always holds that and .Therefore, Attribute 3 of the new XOR table is satisfied.
On the other hand, rearranging the order of rows and columns of the new XOR table so that row 0 and column 0 of that XOR table are in increasing order from 0 to 15 will not affect the values in the XOR table.Therefore, all three properties are satisfied for the new XOR table.

C. Proposing the Combined Algorithm
In this section, we will propose a combined algorithm to generate both the key-dependent ShiftRow and AddRoundKey transformations for the AES block cipher.

Algorithm 3. Generating key-dependent ShiftRow and AddRoundKey transformations.
Input: A secret key consisting of ( ) bits; The original XOR table of AES.Output: A new 4-bit XOR table; New key-dependent ShiftRow and AddRoundKey transformations for AES.
Step 1: Take the first two bits of key and convert these two bits into integers, denoted as .Take the next two bits of and convert them into integers.If this integer is different from , assign it to ; otherwise, shift key to the right by one bit until you obtain .Repeat this process until you have four distinct integers: . Step 2: From the permutation ( ) obtained in step 1, for any arbitrary state , perform a left rotation on the rows of the state as follows: rotate row 1 to the left by bytes, rotate row 2 to the left by bytes, rotate row 3 to the left by bytes, rotate row 3 to the left by bytes.This left rotating operation is named KD_ShiftRow and will be used to replace the ShiftRow operation in AES.
Step 3: Following the same procedure as in step 1, with the next bits of the secret key after step 1, we obtain a permutation ( ).
Step 4: Construct a Hadamard matrix based on the permutation ( ) obtained in step 3, in the form of: ́ ( ).
Step 5: Construct a new 4-bit XOR table based on the Hadamard matrix ́, with the first row and column of the new XOR table containing elements in the same order as those in the first row of matrix ́.Rearrange the rows and columns of the new XOR table so that the first row and column follow an increasing order from 0 to 15.
Step 6: Replace the usual bitwise XOR operation in the AddRoundKey transformation of AES with the new XOR operation defined by the XOR table generated in step 5.The result is the KD_AddRoundKey operation, which is used in place of AddRoundKey in AES.

A. Implementation of Experiments
Execute the combined algorithm in Algorithm 3 to obtain two key-dependent transformations: KD_ShiftRow and KD_AddRoundKey.Then, use these two transformations to replace the original ShiftRow and AddRoundKey in AES.The resulting dynamic AES algorithm is denoted as ShiftAES.For experiment, we select the AES-128 block cipher with a XOR table of 4-bit.This led to the development of a keydependent dynamic block cipher algorithm, which we named ShiftAES-128 based on Algorithm 3. We implement these algorithms using C++ on an Asus K43SJ Laptop (Core i5-2430M, 500GB, HDD 6GB RAM, Nvidia Geforce GT 520M).

B. Security Analysis
In the realm of block ciphers, encompassing AES, the most potent threats manifest in the form of differential attacks [18,19], linear attacks [18,36], or their derivatives.In the case of differential attacks, attackers must rely on predefined differential patterns to execute their strategies.Our ShiftAES block cipher ensures the continuous alteration of differential patterns [17], contingent upon the encryption key.This www.ijacsa.thesai.orgdynamic behavior significantly enhances the security of the ShiftAES block cipher, as it becomes exceedingly arduous for potential attackers to compute the differentials required for launching attacks.
The use of the key-dependent ShiftRow operation makes it considerably more challenging for attackers as it conceals the exact rotation values applied in AES's KD_ShiftRow, rendering decryption significantly more difficult.Moreover, the utilization of key-dependent AddRoundKey operations will heighten the intricacy of key-related attacks [37].It disrupts the conventional property of XOR tables, where different inputs with the same difference yield an output difference of 0. The dynamic nature of the relationship between input differences, driven by the variable key, adds an additional layer of security to block ciphers that incorporate such elements.
Combining both KD_ShiftRow and KD_AddRoundKey makes the attacker's task significantly more challenging.In the case of AES, attackers know how ShiftRow and AddRoundKey work, they might collect a large number of plaintext/ciphertext pairs for differential or linear cryptanalysis attacks.This number of pairs could be very large, let's assume it's .However, with the ShiftAES algorithm, there can be 24 possibilities for KD_ShiftRow and 24 possibilities for dynamic XOR tables, which results in possible combinations for ShiftRow and AddRoundKey used in ShiftAES.In this scenario, the number of plaintext/ciphertext pairs required for an attack is not just but .This number, at first glance, may not seem significantly larger, but in reality, it's extremely huge and has practical implications.So, for the dynamic AES block cipher, an attacker needs to collect plaintext/ciphertext pairs that are 576 times more than in the case of regular AES.This is not an easy task in practice.
Furthermore, when the encryption/decryption switches to a different secret key, meaning different KD_ShiftRow and KD_AddRoundKey are used, the attacker might not have enough time to gather a sufficient number of plaintext/ciphertext pairs to carry out the attack.
Therefore, it can be seen that the proposed dynamic method can significantly increase the security of AES.Furthermore, as mentioned in the introduction, our proposed method is a novel approach, which may be highly beneficial for cryptography designers in designing secure dynamic SPN block ciphers.

C. Evaluating the Random Statistical Standards
In this section, we assess the random statistical standards according to NIST SP 800-22 [38] and Shannon Entropy criteria [39] of the AES and ShiftAES block cipher.
NIST SP 800-22 [38] has been developed to serve as the primary and extensively utilized means for evaluating the statistical randomness of random or pseudorandom number generators in the field of cryptography.NIST's set of randomness assessments encompasses a total of 15  For a given input sequence, every test computes a respective p-value, which is then compared to the significance level .Should , it is inferred that the sequence exhibits randomness, and conversely.
Entropy, also known as information entropy, is described as the degree of unpredictability concerning an individual's knowledge or the result of an experiment before it is observed, as well as the connected deterministic characteristics for forecasting its value.Higher entropy indicates increased uncertainty when forecasting an observation's value.Shannon entropy represents one category of information entropy developed by Shannon in [39].
1) Evaluate the shannon entropy change using the ENT tool: Shannon entropy is a vital indicator of randomness.In this section, we assess the alteration in Shannon entropy for the four datasets, namely LW, HW, AV1, and Rot, across each round of the DAES block cipher.This analysis aims to provide a comprehensive view of the randomness at each round.We utilized the ENT tool [40] to perform the evaluations and acquired the subsequent outcomes.
The results of the entropy evaluation are presented in Table III.The entropy evaluation results show that after three rounds, the entropy of data encrypted by both original AES and ShiftAES is approximately 8 bits/byte.This implies that both block ciphers achieve randomness properties with three or more rounds.

2) The evaluation results according to NIST SP 800-22:
We conducted an evaluation of the statistical tests for rounds 1, 2, ..., 10 of both AES and ShiftAES.Tables IV to VIII display the results of the randomness evaluation of AES and ShiftAES across 1, 2, 3, 4, and 10 rounds.www.ijacsa.thesai.orgThe results show that both the original AES and ShiftAES achieve randomness when they pass all the tests.For rounds fewer than four, both AES and ShiftAES still fail in some tests.From round 5 to round 10, both AES and ShiftAES block ciphers pass all tests.It means that the p-values of those tests are all greater than or equal to 0.01 from round 5 to round 10.Therefore, both block ciphers exhibit randomness when using four rounds or more.
Combining the evaluation results based on entropy and statistical tests from NIST SP 800-22, we conclude that the ShiftAES algorithm achieves randomness with a number of rounds greater than or equal to four and is equivalent to the original AES algorithm.

V. CONCLUSION
In this paper, we propose algorithms for generating keydependent AddRoundKey and ShiftRow transformations based on permutations.Subsequently, we apply these keydependent transformations to AES to create a dynamic AES block cipher.We conduct a security analysis and evaluate the statistical standards of NIST, assess the entropy of both AES and the dynamic AES (ShiftAES).Consequently, it is evident that the dynamic AES block cipher can significantly strengthen the security of AES and meets statistical randomness criteria similar to AES.This result is significant both in theory and practice, providing cryptographic researchers with a new method to improve block cipher security.Our future research direction involves further development of other dynamic algorithms to strengthen the resilience of SPN block ciphers against cryptanalysis.

STATEMENTS AND DECLARATIONS
Funding: No funding was received for conducting this study.
Financial interests: The author declare they have no financial interests.
Competing interests: The author have no competing interests to declare that are relevant to the content of this article.
Research Data Policy and Data Availability Statements: Data sharing not applicable to this article as no datasets were generated or analysed during the current study.

Fig. 3 .
Fig. 3.The number of bytes rotated in each row of the state by the ShiftRow in AES.

Example 1 .
If step 1 of Algorithm 1 results in the permutation ( ) ( ) , then the KD_ShiftRow operation obtained from Algorithm 1 will function as shown in Fig. 4.

Fig. 5
illustrates the diagram of encryption/decryption rounds in the ShiftAES algorithm.

TABLE I
0 www.ijacsa.thesai.orgIII.PROPOSING ALGORITHMS TO GENERATE KEY-DEPENDENT SHIFTROW AND ADDROUNDKEY TRANSFORMATIONS BASED ON PERMUTATION table must possess.www.ijacsa.thesai.orgRemark 3. Three essential Attributes of an XOR table  Attribute 1: Every row and column in the XOR table contains unique values within the range of 0 to 15.

Algorithm 2. Generating a new 4-bit XOR table and key- dependent AddRoundKey transformation based on permutation.
Remark 4, it can be seen that by permuting the matrices , new Hadamard matrices can be generated.Based on this idea, we propose Algorithm 2 to generate a new XOR table and key-dependent AddRoundKey transformation by permuting the matrices in matrix .

TABLE II .
THE NEW XOR TABLE GENERATED FROM ALGORITHM 1 Since the Hadamard matrix ́ is essentially a permutation of elements within a row of the original XOR table of AES, Atrribute 1 of the new XOR table is satisfied.www.ijacsa.thesai.org tests, which are outlined below.

TABLE III .
EVALUATION RESULTS OF ENTROPY FOR AES AND SHIFTAES

TABLE IV .
RANDOMNESS EVALUATION OF AES AND SHIFTAES OVER 1 ROUND

TABLE VI .
RANDOMNESS EVALUATION OF AES AND SHIFTAES OVER 3 ROUNDS