A ciphertext inherits some properties of the plaintext, which is considered as a source of vulnerability and, therefore, it may be decrypted through a vigorous datamining process. Masking the ciphertext is the solution to the problem. In this paper, we have developed a new block cipher technique named Vaccine for which the block size is random and each block is further divided into segments of random size. Each byte within a segment is instantiated using a dynamic multiinstantiation approach, which means (i) the use of Vaccine does not produce the same masked outcome for the same given ciphertext and key and (ii) the options for masking different occurrences of a byte is extremely high. Two sets (100 members in each) of 1K long plaintexts of natural (borrowed from natural texts) and synthesized (randomly generated from 10 characters to increase the frequency of characters in the plaintext) are built. For each plaintext, two ciphertexts are generated using Advanced Encryption System (AES-128) and Data Encryption Standard (DES) algorithms. Vaccine and two well-known masking approaches of Cipher Block Chaining (CBC), and Cipher Feedback (CFB) are applied separately on each ciphertext. On average: (a) the Hamming distance between masked and unmasked occurrences of a byte using Vaccine is 0.72 bits higher than using the CBC, and CFB, and (b) Vaccine throughput is also 3.4 times and 1.8 times higher than the throughput for CBC and CFB, correspondingly, and (c) Vaccine masking strength is 1.5% and 1.8% higher than the masking strength for CBC and CFB, respectively. KeywordsCyber Security; Masking and Unmasking Ciphertext; Variable-Block Cipher Vaccination; Masking Strength
[1]
Henk C. A. Van Tilborg,et al.
Fundamentals of Cryptology: A Professional Reference and Interactive Tutorial
,
1999
.
[2]
Dirk Fox,et al.
Advanced Encryption Standard (AES)
,
1999,
Datenschutz und Datensicherheit.
[3]
Johannes Wolkerstorfer,et al.
A Universal and Efficient AES Co-processor for Field Programmable Logic Arrays
,
2004,
FPL.
[4]
Kuo Tsang Huang.
A Novel Structure with Dynamic Operation Mode for Symmetric-Key Block Ciphers
,
2013
.
[5]
William Stallings,et al.
Cryptography and Network Security: Principles and Practice
,
1998
.
[6]
François Charot,et al.
Efficient Modular-Pipelined AES Implemenation in Counter Mode on ALTERA FPGA
,
2003,
FPL.
[7]
Serge Vaudenay,et al.
Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS
,
2002,
EUROCRYPT.
[8]
Shashi Phoha,et al.
Dynamically reconfigurable AES cryptographic core for small, power limited mobile sensors
,
2016,
2016 IEEE 35th International Performance Computing and Communications Conference (IPCCC).
[9]
H. Feistel.
Cryptography and Computer Privacy
,
1973
.
[10]
Bruce Schneier,et al.
Cryptography Engineering - Design Principles and Practical Applications
,
2010
.
[11]
Antonino Mazzeo,et al.
An FPGA-Based Performance Analysis of the Unrolling, Tiling, and Pipelining of the AES Algorithm
,
2003,
FPL.