Modifying the AES Algorithm by Improving the Add Round Key Stage

: This study offers a new adjustment to the Advanced Encryption Standard (AES) in order to assure a high degree of security. This is achieved by replacing the binary (XOR) operation with a new ( Xo ) operation in each add-round-key stage. The Xo operation generated an extra six randomly selected control keys determined by six state tables (2, 4, 6, 8, 10, and 12) produced from the addition operation in the Galois Field GF ( 2 2 , 2 4 , 2 6 , 2 8 , 2 10 and 2 12 ) in order to boost the algorithm's unpredictability. In the suggested method, an adversary requires at least (2 168 ) 10 probabilities of keys to break the message; hence, it improves the difficulty of the original AES against brute force attacks. also enhances the performance of additional security metrics, such as NIST tests, compared to the original AES. Consequently, this replacement, including the use of six keys in both the encryption and decryption processes, offers a new level of security and a higher degree of resistance to data breaches. The novelty of the proposed ( Xo ) technique lies in the construction of GF tables ( 2 6 , 2 10 and 2 12 ) to be used in the encryption and decryption process for the first time, as well as the approach utilized to create the code for it.

this approach, such as the fact that attackers may easily recover the plaintext.Researchers have tried to expand the key space by replacing the two states with tables with four states (0, 1, 2, and 3), as seen in [15].
This research suggests a new change to the key space of the AES algorithm, instead of the initial XOR operation in the add-round-key stage, which only works on two states (0 and 1), with a new (Xo) operation of six state tables (2, 4, 6, 8, 10, and 12) derived from the addition operation in GF (2 2 , 2 4 , 2 6 ,2 8 , 2 10 and 2 12 ).This is accomplished with the extra control key for these state tables.Though, this paper will make cryptography safer by maximizing the degree of difficulty that is present in each phase or round.This will ensure that information will remain private and kept confidential.This paper's remaining sections are structured as follows: sections 2 overview of relevant prior research; section 3 provide background on binary functions; sections 4 the suggested technique of AES development; section 5 offer its security metrics; followed by conclusions in section 6.

RELATED WORK
For modern encryption and decryption, most cryptographic algorithms rely on functions having two states (0, 1) [16].As a result, most algorithms employ the traditional logical operation (XOR), which is based on two states: simply (0, 1) and has various drawbacks, including being simple since attackers can readily understand it.Therefore, researchers sought to replace the two states with four (0, 1, 2, and 3).This section provides a summary of the associated literature on possible improvements to key distribution using state tables in the AES algorithm.In 2009 [17], he and colleagues published their work, which increased the security and key space of encryption algorithms by merging curve security approaches with quantum cryptography principles.This was done in order to boost the encryption algorithm's overall strength.In this particular piece of work, the adjustment focuses on making an adaptation to the underlying protocol by employing different bit tampering techniques.This is accomplished by employing four distinct states (0, 1, 2, and 3) rather than only two states (0, 1) in order to increase the unpredictability of the polarized angles utilized in quantum description.These polarized angles are encrypted using the four state tables.The plaintext is first converted into ciphertext by manipulation ciphers, which do this by modifying the actual state pattern of each character with the use of a logical operator (#).
In addition, a great number of experts have tried to introduce these four states into the Feistel block cipher structure, which includes DES and Blowfish.In 2010 [18], the researcher revealed a novel way of improving the efficiency of the DES algorithm by altering the predetermined XOR operation used during the sixteen rounds of the traditional Feistel algorithm.The (#) action is mostly dependent on the use of two keys.Each key is made up of a combination of four states (0, 1, 2, and 3) rather than the traditional two states (0 and 1).This update increases the protective strength and resilience of breaking techniques against attackers.In 2011 [19], the same method of increasing the complexity of the algorithm by employing the (#) operation with four-state tables was used in Feistel of Blowfish.This was done in order to raise the difficulty of the algorithm.Because it is not compactable to the hardware of computers that operate on 8 bits, the usage of the (#) operation in the Feistel can be considered to be its worst flaw.This operation works with just two bits at a time.
In 2013 [20], sub-byte transformation function encryption and decryption were performed using dual keys.The primary key uses a set of keys to create an S-box at random.The second important factor is the random distribution of the Sboxes, which leads to the generation of S-boxes with inverse relations to each other.As a result, using two keys led to an increase in complexity while simultaneously reducing the delay time inherent to the encryption and decryption procedures.In 2021 [21], this work presents a new modification referred to as "extended function" (E#) by altering the classic XOR operation used during the Add round key stage in the AES algorithm with the (E#), which is based on implementing multi-state tables created depend on addition in GF(2 n ) with n-dynamic sections of (1, 2, 4, and 8-blocks), used in the AES algorithm as a symmetric cryptographic method.By enhancing its complexity and unpredictability, it offers a new level of security against breaking approaches.

BACKGROUND OF BINARY FUNCTIONS
Modern encryption is built on the finite field GF(2 n ) and the binary function XOR used in encryption and decryption, such as the Vernam Cipher in Figure 1, to produce the cipher text by mixing the key stream (ki) with the plaintext (pi), producing a ciphertext (ci), and vice versa.Inside the finite field, the arithmetic operations are performed on polynomials (addition and multiplication) using the ordinary rules of algebra based on modular polynomial arithmetic.By far, the most common algebraic structure utilized in the development of cryptographic methods is finite fields [16].Based on this foundation, several new cryptographic systems have been developed, as described in [17].
Using state tables based on AND & XOR functions in encryption and decryption will add more security to the system due to the high randomness of the produced key or plaintext.Algorithms for cryptography depend on functions with four states [0, 1, 3, 4], as in Figure 2 [18].
The (#) function, which uses dynamic blocks (1, 2, 4, 8-blocks) and addition in GF(2 n ) to create multi-state tables, is added to the encryption algorithms for strengthening security, increasing the complexity of the ciphertext or key, and minimizing the encryption time [21].

THE PROPOSED AES DEVELOPMENT
It is crucial to enforcement the encryption algorithm from any form of assault.Therefore, this section presents a novel method for boosting the AES algorithm's security without increasing its computational burden.The enhanced proposal is exactly the same as the conventional AES method in the following sectors: key length, plaintext, number of rounds, operation on a byte, and number of stages in each round.However, it's different at the add round key phase, where the traditional XOR operation is swapped out by the suggested Xo operation to strengthen AES's security without adding any layers of complexity to the algorithm's computation.The new Xo function performs its work in encryption during rounds 10, 12, and 14 of the algorithm AES, taking into consideration the reverse order during decryption.
The newly introduced Xo operation results in the production of six keys rather than just one, together with a bit block of configurable size.As an element that is part of the range of the finite in GF (2 2 , 2 4 , 2 6 ,2 8 , 2 10 and 2 12 ), the block size is mapped to the values of 2, 4, 6, 8, 10, and 12 bits, respectively.The employment of blocks of bits with varied sizes has the dual purpose of increasing the unpredictability of the algorithms and boosting their overall efficiency.A binary block of two bits is utilized on a table that comprises four distinct states (0, 1, 2, and 3), while a binary block of four bits is employed to operate on a table that encompasses 16 states ranging from 0 to 15.Similarly, an eight-bit binary block is utilized to manipulate a table that encompasses 256 states ranging from 0 to 255.A decagonal block operates on a table comprising 1024 states, ranging from 0 to 1023.In contrast, a block with a bit size of twelve operates on a set of 4096 states, ranging from 0 to 4095.

Ki Pi
In Figure 3, notice the general structure of the AES algorithm and the location of the proposed function (Xo), where it is inside the add-round key stage and wherever it is repeated within the algorithm.
In order to regulate the quantity of bits and state tables, the novel (Xo) operation produced two supplementary keys (k1, k2) with a variable size (for instance, consider a size of 16 bits), divided into three parts with different sizes, generated in a dependent manner.The first key, k1, is extracted from plaintext.The second key, k2, is extracted from the original key, as depicted in Figure 4. Inside the function Xo, the key k1 is segmented into three parts as (k1_1, k1_2, k1_3).Also, the key k2 is segmented into three parts as (k2_1, k2_2, k2_3).The whole parts are considered inputs to the function Xo and are described as follows: -The first segment in both keys (k1_1 and k2_1) represents the first main state Figure 4 depicts the proposed Xo functionality, whereas the result is based on the intersection between row (k1_1, k1_2, k1_3) and column (k2_1, k2_2, k2_3) in the specified substate tables.Additionally, the same procedure used for encryption is repeated for decryption.The variety of tables containing more states is employed to increase the unpredictability of the process.The new suggested approach employs the function (Xo), which works on six variable block bit sizes: 2, 4, 6, 8, 10, and 12 based on the constructed state tables.The sizes of the keys (k1_1, k1_2, k1_3) and (k2_1, k2_2, k2_3) can take one of the values 2, 4, 6, 8, 10, or 12, which represent the six state tables used in this research.Also, it is significant to notice that only seven probabilities were employed in the division of the keys k1, k2, as samples in this research due to the enormous possibilities.An illustration of the key's specification of the Xo function is shown in Table 1.(1) where St4=Substate table, k1_1= Row in decimal, k2_1= Column in decimal.

THE MODIFIED ADD-ROUND-KEY STAGE OF AES
Algorithm 1 explains the Xo operation inside the add-round key phase inside the AES algorithm.Recall main states tables using addition operation on GF (2  ).based on the keys in 1 and 2.
5. Change the n-block keys chosen from 1 and 2 into a decimal number.

RESULTS DISCUSSION
In the present section, the proposed AES algorithm is compared to the original AES algorithm for encrypting texts using three indicators (complexity analysis, encryption time, throughout and NIST tests), as shown below.The algorithm is simulated and evaluated using Microsoft Visual Studio C++ 2019 on an Intel Core i9-12900H 2.90 GHz processor and 32.0 GB of RAM.

SECURITY COMPLEXITY ANALYSIS
By calculating the number of possible keys an attacker would need to use the original AES key with the extra six keys of the proposed AES, with six blocks of either (2, 4, 6, 8, 10,    the encrypted message with 64 bits, the paper can determine how hard the proposed technique is.The number of potential keys utilized for encryption/decryption is estimated by first determining the complexity of the famous AES algorithm using the binary operation XOR (0, 1) in the add-round-key stage, which is computed as stated in Equation ( 2) [21]: = 2 24 × 2 40 × 2 16 × 2 46 = 2 126    = (2 24 × 2 40 × 2 16 × 2 46 ) 10 = (2 126 ) 10  Consequently, the complexity of our suggested approach is calculated by using six keys, which utilized in the add-round-key stage with (2,4,6,8,10,12) distinct state tables.The total complexity of each cycle of our proposed method is computed using Equation (3).

Complexity=Plaintext × Key × six state tables
(3) = 2 24 × 2 40 × 2 16    5 demonstrate the results of comparing the suggested AES algorithm with the famous AES method in terms of computational complexity, showing how much more difficult the suggested AES algorithm is in one round and ten rounds than the standard one.

ENCRYPTION TIME AND THROUGHPUT
The encryption time is calculated using the amount of time needed to transform the plaintext into an unknown (ciphertext), which is another metric for evaluating the algorithm's performance [22].In this situation, the throughput metric is calculated as follows: Throughput=plaintext size (in kilobyte) ⁄ total encryption time (ms) According to Table 7, Table 8, and Figure 6, Figure 7, in this test using different text file sizes from 15 kb to 1200 kb, the computation times for the original and the suggested AES algorithms are identical in encryption time for some file sizes and higher for others in the decryption process.However, the results of the suggested method are more effective in terms of complexity evaluation against attacks, making it more challenging for an attacker to recover the clear-message from the proposed AES algorithm.

NIST TESTS ANALYSIS
The goal of an encryption algorithm is to make the binary output more unpredictable and random [23].Numerous encryption schemes, such as the NIST (National Institute of Standards and Technology), Diehard tests, and TestU01, can compute randomness.In this study, 15 statistical NIST tests are used to assess the unpredictability of binary sequences.Three encrypted files are evaluated using the original and new AES algorithms.In evaluating these encrypted files, the original AES failed to pass the p-values that were set to 0.01 in order to check that the output is random.While the suggested AES encryption algorithm passed all tests for these encrypted data, the values of the tests that failed the pvalue threshold will be discarded.The average p-value for these encrypted files is then determined and presented in Table 9.If the test results provide a p-value that approaches 1 asymptotically, the output should be fully random.A p-value of 0 indicates that the output was not generated at random [24] [25].The pass status shows that the p-value for these tests exceeds 0.001, indicating that the result is acceptable.According to Table 9 and Figure 8, the new technique passes these statistical tests, but the original AES fails the same tests.Therefore, the suggested AES is superior to the original AES in the majority of tests.

A
number of instances of these tables are presented in Tables 2-5 below.After specifying the three main state tables for both (k1_1, k1_2, k1_3) and (k2_1, k2_2, k2_3) inside the Xo function, new processing values are generated in a sequence base referred to as (St2, St4, St6, St8, St10, St12) to specify the needed sequence of substate tables as mentioned in the previous figure 3. The following equation explains the input values of the Xo function: the intersection of the plaintext with the key inside the substate table, where the intersection between row and column produces the ciphertext value.Ciphertext=Xo ((St4), k1_1 ∩ k2_1)

FIGURE 6 .FIGURE 7 .
FIGURE 6. -The encryption time and throughout table, where both have the same bit size but different decimal values.-The second segment in both keys (k1_2 and k2_2) represents the second main state table, where both have the same bit size but different decimal values.-The third segment in both keys (k1_3 and k2_3) represents the third main state table, where both have the same bit size but different decimal values.

Table 1 . -The keys specification of Xo function First main state table = k1_1 or k2_1/bits Second main state table = k1_2 or k2_2 /bits
Moreover, work was done in this study to create extra substate tables from the three main state tables (k1_1, k1_2, k1_3) and (k2_1, k2_2, k2_3) based on the six state tables(2, 4, 6, 8, 10, or 12).Therefore, there are: FIGURE 4. -The proposed Xo function specification

Algorithm 2: famous AES algorithm Input: -Original text message(pltx)128bits and key (k) 128bits Output: -Ciphertext 128bit 𝑩𝒆𝒈𝒊𝒏 1 .
The intersection of the row and column in the substate table index, to get the result as ciphertext orThe suggested AES algorithm is laid out in detail in Algorithm 2 below.Changed procedures are marked in blue, replacing the red one: The cipher key is used to generate the set of round keys (k n ) 2. Use the plaintext (pltx) for filling the state array (state) 3. *Generate six keys with n bits size each.
or 12)bit size and different state tables to decipher

Table 6 and
Figure