Nashat Albdour*
| Hisham Alrawashdeh
© 2025 The authors. This article is published by IIETA and is licensed under the CC BY 4.0 license (http://creativecommons.org/licenses/by/4.0/).
OPEN ACCESS
The paper addresses the challenge of enhancing the resilience of stream ciphers against attacks. It reviews existing approaches to stream cipher creation and proposes new methods that incorporate time delays to introduce gaps in the original message and embed additional bits. These methods result in a ciphertext that is longer than the original message, potentially altering the frequency if the overall transmission time is equalized. The paper explores methods that generate ciphers with varying lengths of bit insertion, enabling the creation of different length ciphers from a single input message. A method featuring frequent insertion of single bits, generated by additional pseudo-random number generators (PRNG), is implemented. The study examines both variable-length ciphergrams and fixed maximum insertion bit methods. A pseudo-random control bit sequence is employed to determine random insertion points or groups of additional bits, which are also generated pseudo-randomly. To facilitate controlled delays, specialized hardware has been developed for both the transmitting and receiving ends, ensuring synchronous message transmission. The additional stability of these stream ciphers, enhanced through time delays, is further reinforced by bitwise mixing using the initial key gamma. These methods not only increase resistance to decryption but also introduce new challenges for cryptanalysts.
stream cipher, time delays, pseudorandom number generator, control bit sequence, sequence of bit of insertion
In today's interconnected digital landscape, the security of transmitted information is paramount. As data travels across networks, it is susceptible to interception and unauthorized access, posing significant risks to privacy and confidentiality. To address these challenges, the development of robust encryption techniques is essential. In this context, the utilization of stream ciphers has emerged as a fundamental approach for securing data during transmission.
This paper focuses on advancing the security of information transmission through the implementation of redundant stream ciphers integrated with time delay mechanisms. Stream ciphers, known for their efficiency and versatility in encrypting data streams, undergo augmentation in this study to fortify their resilience against adversarial attacks. By incorporating time delays into the encryption process, additional layers of complexity are introduced, rendering the cipher more resistant to decryption attempts.
The title of this paper, "Enhanced Security in Information Transmission: Redundant Stream Ciphers with Time Delay Integration," encapsulates the central theme of our investigation. We delve into the intricacies of redundant stream ciphers, which offer increased robustness by generating ciphertexts of variable lengths. This variability not only enhances the security of the encrypted data but also introduces challenges for potential attackers attempting to decipher the encoded information.
Furthermore, the integration of time delay mechanisms plays a pivotal role in bolstering the security of the transmission process. By strategically controlling digital delays, the input message undergoes additional mixing, rendering the cipher more impervious to hacking attempts. This novel approach mitigates the risk of secret message corruption, even in scenarios where ciphertext bits are compromised or deliberately distorted.
Additionally, the utilization of pseudo-random bit sequence generators for inserting bits further enhances the security of the cipher. By minimizing the predictability of insertion points, the likelihood of identifying repetitive bit group patterns is significantly reduced, thereby strengthening the overall security posture of the encryption scheme.
In the subsequent sections of this paper, we will delve deeper into the methodology and technical intricacies of redundant stream ciphers with time delay integration. Through comprehensive analysis and experimentation, we aim to demonstrate the effectiveness and robustness of our proposed encryption scheme in safeguarding sensitive information during transmission.
Currently, in all areas of human activity, modern digital systems for transmitting, processing and storing data are being applied, which are characterized by high bandwidth and reliable operation. In such systems, limited access to various confidential information is important. To achieve a high degree of information security, various hardware and software tools are used [1-5]. In high-speed communication systems, transmission systems that implement the principle of streaming encryption and decryption are widely used [4, 6, 7]. Basically, stream encryption systems implement the process of encrypting (mixing) messages in real time. They require the implementation of additional hardware and software that are implemented on the transmitting and receiving sides of the transmission system. These systems implement the principle of bitwise mixing and the formation of a ciphertext.
The mixing of the characters of the incoming message is carried out using key gamma generators without changing the length of the message. The implementation of streaming encryption makes it possible to communicate between two transceivers in real time. In this case, the frequency of arrival of information symbols is unchanged. In such systems, there is a possibility of opening a secret message by an attacker. To do this, the enemy must have a lot of time, and if the key gamma generator has a short period, then such a cipher is weakly protected.
In this paper, attention is paid to the stream encryption system, which generates a ciphertext longer than the input message, which makes it possible to increase its resistance to attacks on the generated cipher. The increase in the length of the ciphertext is carried out by introducing additional bits, which gives additional mixing of characters in the message. If it is necessary to reach a fixed transmission time interval, the transmission frequency is changed, but the mixing process is not changed. Messages are more secure. In addition, the formation of pseudo-random bit sequences is implemented on pseudo-random number generators (PRNG) built on cellular automata with active cells and neighborhood shapes, which gives a high degree of message protection from enemy attacks.
The task of research in this work is to increase the degree of protection of the input secret message by creating a system for streaming encryption of digital messages with a variable length of the ciphergram by inserting a different number of bits and changing the transmission frequency of the ciphergram bits. The insertion of additional bits is carried out by implementing a system of controlled pseudo-random time delays with fixing the location of the bit delay in the message, as well as inserting groups of bits generated by generators of pseudo-random bit sequences.
Stream ciphers belong to the class of symmetric encryption algorithms [4, 6, 7]. In such systems, the encryption key is equal to the decryption key. There are synchronous stream ciphers in which the keys are generated independently without taking into account the structure of the message at the input and the symbols of the ciphertext [4, 6]. An important point in such ciphers is the implementation of reliable synchronization between transmitting and receiving modules. Synchronization failure leads to the impossibility of decrypting the ciphertext or part of it. Inserting special markers into the ciphertext can lead to the loss of a part of the ciphertext, the length of which is determined by the number of bits between the markers. Synchronous stream ciphers do not have the effect of error propagation, and they are also protected from various changes (insertion or deletion of bits) of the ciphertext length, which will lead to a loss of synchronization.
Along with synchronous stream ciphers in self-synchronizing stream ciphers, the key stream is created by a function of the key and a fixed number of ciphertext characters [6, 7]. Such ciphers are susceptible to retransmission cracking and are not immune to error propagation. However, they do not require hard synchronization on the transmitting and receiving sides.
For the most part, stream ciphers are implemented on the basis of PRNG or bit sequences (PRBS) [8-10]. In this case, one of the main characteristics is the PRNG repetition period, which determines the maximum length of the generated sequence of numbers before its transition to the initial state. Such a length is determined by the structure of the PRNG. To date, there are a large number of different PRNGs, the quality of which is determined by specially designed tests [9, 11, 12]. The most reliable PRNGs are generators built on cellular automata with active cells [8, 9], as well as with variable shapes of neighborhoods [10]. Such PRNGs give a long repeat period and a high degree of protection, which confirms the successful passage of various tests.
The most widely used and easy to implement stream ciphers are based on linear feedback shift registers (LFSR) [4, 13-15]. However, the generated ciphertext in such systems is easily predictable. Therefore, various combinations of a group of such PRNGs are used, which makes it possible to increase the repetition period, as well as to achieve a non-linear combination of generators.
The most common stream cipher is the RC4 cipher, which uses a variable key length [16]. For this cipher, weak points are described in the works [17, 18]. According to the Fluhrer-Mantin-Shamir attack, the RC4 algorithm is characterized by low computational complexity (213) [19].
According to the eSTREAM competition held by EUECRYPT [20], stream ciphers are the most recommended: Salsa20, HC-256, SOSEMANUK, Espresso and Fruit, which are implemented both in software and in hardware. These ciphers are characterized by higher computational complexity, and also have weaknesses in certain attacks [21-23].
Stream ciphers with two keys are widely developed [24], which are characterized by a high level of security. The efficiency of using the second key is shown in the work [24]. This paper confirms the need to improve the resistance of stream ciphers to spectral attacks.
One of the important tasks in the design of stream ciphers is to create a difficult problem for the cryptanalyst that has not been previously explored. In this plan, a system of controlled message bit delays is used to insert additional non-informative bits, which increases the length of the ciphertext and creates additional problems for the cryptanalyst.
This paper introduces several novel contributions that significantly advance the field of stream encryption. First, the incorporation of time delay integration into the encryption process is a unique approach that enhances the security of the ciphertext by introducing unpredictable variations in bit placement. Unlike conventional stream ciphers that rely solely on bitwise operations, this method leverages time-based delays, making it more resilient to cryptanalytic attacks such as timing and side-channel attacks. This approach has not been explored extensively in existing literature, positioning it as a significant advancement over traditional techniques like RC4, Salsa20, or ChaCha20, which do not utilize dynamic time delays.
Furthermore, the introduction of redundant pseudo-random bits during encryption adds an additional layer of complexity, significantly increasing the difficulty of cryptographic analysis. This differs from existing methods that focus primarily on key expansion or state transformations for enhancing security. By integrating both time delay and redundant bit insertion, the proposed algorithm strengthens the resistance against brute force and pattern recognition attacks, which are commonly exploited in many standard stream cipher techniques.
In comparison to the existing body of work, including well-known ciphers such as AES in stream mode or the widely used synchronous stream ciphers, this paper extends the capabilities of stream encryption by addressing both encryption security and adaptability to different transmission environments. The proposed algorithms also demonstrate enhanced scalability and robustness in handling large data volumes, a critical requirement for modern communication systems, yet often underexplored in earlier studies.
A more comprehensive literature review has been conducted to position this work within the context of existing cryptographic research. By explicitly addressing how this approach overcomes the limitations of previous stream ciphers, this paper provides a clear path forward for future research in developing adaptive and secure encryption systems.
The general structure of the digital message stream encryption system is shown in Figure 1.
Figure 1. Structure of the stream encryption and decryption system
According to this structure, the input message (IM) SIN is fed to one of the inputs of the mixing unit (MU), the other input of which is fed with the GK bits from the PRNG. Typically, the bit-shuffle function is a bitwise XOR. At the output of the transmitting side, a ciphergram SCR is formed.
The inverse operation is applied on the receiving side for decryption. For decryption, the incoming message generation unit (IMGU) is used. In the presented system, the length of the sequence of bits that form the ciphergram does not change.
To increase resistance to attacks, changing the length of the jumbled message by inserting or deleting bits is used. The insertion of additional bits or the deletion of inserted bits is controlled by the bits of the message, which is formed by the PRNG. To maintain the transmission rate of the information bits of the ciphertext, the transmission frequency can change, which depends on the number of embedded bits. This situation leads to constant retuning of equipment to a given frequency.
The stream encryption system with the introduction of additional bits in the ciphergram in Figure 2 is shown.
Figure 2. Structural diagram of the system for streaming encryption and decryption of messages with additional bit insertion
The system is symmetrical and consists of a transmitting and receiving module. The transmitting module contains a message generation unit (MGU), a binary control sequence generator (CBSG), which defines the places to insert additional bits in the ciphertext, the delay unit (DU), the insertion bit formin unit (IBFU), and the ciphergram generating unit (CGU). The receiving module contains a CBSG that determines the places of the inserted additional bits in the ciphergram, a pass and delay generation unit (PDGU) and a block for writing the original message (RUOM).
The original SIN message, which must be transmitted in encrypted form, is fed to the input of the MGU, at the output of which the SIN message is supplied in the form of the required bit sequence. Typically, the MGU performs initial encryption using a PRNG key or other means of initial encryption. The built-in random bit sequence generator can be used here. This may be a PRNG implemented on cellular automata [8, 9], which has shown high resistance to attacks. The generated binary sequence is fed to one of the DU inputs, the second input of which is fed with the GCON control binary sequence as a pseudo-random gamma. The GCON message is generated by the configured CBSG. The GCON bits control the operation of the DU. Each bit of the incoming SIN sequence arrives at the DU output without delay if at this time moment a bit from GCON is present at its second input, which corresponds to a logical "0". If a logical "1" is present on the GCON at the appropriate time, then the bit of the incoming sequence that at that time entered the first input of the DU is delayed by the duration of the SIN bit period. In the case when there are N logical "1" in a row in the control sequence, then the SIN bit is delayed by the time NT (where T is the period of the SIN pulses).
If SIN = 0101101 and GCON = 0110101, then the sequence generated at the output of the DU will be SD = 010**11*01*.
In the resulting SD, the asterisks indicate delay locations (bit holes) that represent bit time gaps and are ready for additional bits to be written into them.
The resulting sequences with bit voids are fed to the first input of the PDGU, the second input of which is fed with the SADD bit sequence, which forms the insertion bits. At each time step, the corresponding bits of SADD are written in turn to the corresponding voids of the generated sequence. For the considered example SADD = 1011101101 we get the SCR cipher at the CGU output SCR = 01011110011.
The generated four bit gaps are filled with the corresponding first four right bits of SADD. Each subsequent bit of this sequence is generated by signals from the delay block, which carry information about the presence of a delay at the corresponding point in time. For example, if this signal is the third, then the third bit of the additional SADD sequence is inserted into the generated SD ciphergram.
The encryption bits are determined by the following formula
$b_{C R}\left(t_i\right)=\left\{\begin{array}{l}b_{I N}\left(t_i\right), \text { if } b_{C O N}\left(t_i\right)=0 \\ b_{A D D}\left(N\left(t_i\right)\right), \text { if } b_{C O N}\left(t_i\right)=1\end{array}\right.$
where $b_{C R}\left(t_i\right)$ - the value of the i -th bit of the ciphergram,
$b_{I N}\left(t_i\right)$ - value of the i -th bit of the information sequence,
$b_{\text {CON }}\left(t_i\right)$ - value of the i-th bit of the control sequence,
$b_{A D D}\left(N\left(t_i\right)\right)$ - value of the $N\left(t_i\right)$ th bit of the additional sequence.
$N\left(t_i\right)=\sum_{k=0}^i b_{C O N}\left(t_k\right)$.
On the receiving side, the reverse process is carried out. GCON bits control the removal of bits in the appropriate places. For the described example, at the output of the block for implementing gaps and delays, the PDGU is formed SD = 010**11*01*.
The first 1 bit of GCON removes the corresponding SCR bit and creates a bit void. Those SCR bits that are located before the next GCON 1 bit are not deleted, taking into account the logical "1" bit. SD is applied to the control (CIN) and information (IIN) inputs of the record unit of original message (RUOM). At the control output RUOM, a logical "1" signal appears at the time that corresponds to the void. Recording of information bits is carried out at the moments of time when bits without gaps are recorded at the control input RUOM, i.e. e. the initial SIN message is generated.
Figure 3. An example of the operation of a streaming encryption algorithm based on time delays
On Figure 3 shows an example of generating a cipher for a small message, as well as an example of obtaining the original message from the generated cipher. This example does not use the built-in pseudo-random bit sequence generator for a better understanding of the coding process on time delays.
On Figure 3, an input message containing ten 1's is represented by a binary encoding, and a serial encryption process is also represented with the extraction of inserted bits.
Another stream cipher algorithm can be an algorithm that inserts only one bit upon the arrival of the first logical "1" in each group of logical "1" control bit sequence. On Figure 4 shows an example of the implementation of such an algorithm for the following message. In the example, the input message is presented without pre-mixing with a key gamma formed by PRNG.
Figure 4. An example of the operation of a streaming encryption algorithm based on time delays with the insertion of only one bit from each group of logical "1"
Here is the Stream Encryption Algorithm Based on the Floating Length of the Ciphertext for enhancing security in information transmission using redundant stream ciphers with time delay integration.
1. Input Message Processing (Message Generation Unit - MGU):
The system starts with an input message (SIN), which consists of a binary sequence (e.g., 0101101).
This message is fed into the Message Generation Unit (MGU), where initial encryption is applied using a Pseudo-Random Number Generator (PRNG) or another method of encryption to randomize the bits.
The MGU produces the encrypted binary sequence that is ready for further processing. This step increases the complexity of the message to defend against direct attacks.
2. Control Bit Sequence Generation (CBSG):
A Control Binary Sequence Generator (CBSG), powered by a PRNG, produces a binary sequence called GCON (e.g., 0110101). This sequence determines where the message bits will be delayed (or where gaps will be created).
The GCON sequence controls the timing and placement of bit delays. Each bit in GCON corresponds to a specific action:
A ‘0’ bit in GCON means the corresponding bit in the input message will pass through without delay.
A ‘1’ bit in GCON means the corresponding bit in the input message will be delayed, leaving a gap in the cipher for additional bits.
3. Delay and Gap Insertion (Delay Unit - DU):
The input message (SIN) and the control sequence (GCON) are fed into the Delay Unit (DU).
The DU processes the message bits based on the values in GCON:
If the GCON bit is ‘0’, the corresponding bit from SIN is passed directly to the output without any delay.
If the GCON bit is ‘1’, the corresponding bit from SIN is delayed, creating a time gap for additional bit insertion.
Example:
For SIN = 0101101 and GCON = 0110101, the DU output (SD) would be SD = 0101101** (where ‘*’ represents a gap created by delaying bits in the stream).
4. Additional Bit Sequence Generation (SADD):
While gaps are created in the delayed stream, a second PRNG generates another sequence, SADD, which contains bits to be inserted into these gaps.
The Pass and Delay Generation Unit (PDGU) receives the delayed sequence (SD) and inserts the bits from the SADD sequence into the gaps based on the timing of the delays.
The SADD bits are inserted at the positions marked by the gaps (‘*’) in the delayed message (SD).
Example:
If SADD = 1011101101 and SD = 010**1101, the filled sequence becomes SCR = 01011110011, where the inserted bits from SADD fill the gaps in the delayed sequence.
5. Ciphergram Formation (Ciphergram Generation Unit - CGU):
After the insertion of additional bits, the Ciphergram Generation Unit (CGU) outputs the final ciphergram (SCR).
This ciphergram includes both the original encrypted message bits and the additional bits inserted into the gaps, making it more resistant to cryptographic attacks.
The length of the ciphergram (SCR) is now variable, depending on the number of inserted bits, which adds complexity to potential attackers trying to decrypt the message without the key.
Detailed Steps for Decryption:
1. Cipher Reception:
The receiver gets the encrypted message, or ciphergram (SCR), which contains the original message bits interspersed with the additional bits.
2. Regeneration of Control Bit Sequence (CBSG):
The same PRNG configuration is used on the receiver’s side to regenerate the Control Binary Sequence (GCON), which determines the positions of the inserted bits and the original message bits in the ciphergram.
3. Bit Removal (Pass and Delay Generation Unit - PDGU):
The Pass and Delay Generation Unit (PDGU) compares the received ciphergram (SCR) and the control sequence (GCON). It identifies the positions where additional bits were inserted.
Wherever a logical ‘1’ exists in the GCON sequence, it indicates the presence of an inserted bit. These bits are removed from the ciphergram, creating gaps (voids) for the original message to be reconstructed.
4. Reconstruction of the Original Message (Record Unit of Original Message - RUOM):
The remaining bits in the ciphergram correspond to the original input message (SIN).
The Record Unit of Original Message (RUOM) reads the remaining bits, filling in the original message where the gaps were previously filled with additional bits during encryption.
Example:
From SCR = 01011110011 and GCON = 0110101, the RUOM restores the original message SIN = 0101101 by removing the inserted bits and realigning the message sequence.
Key Aspects of the Encryption:
Time Delay for Security: The encryption method introduces controlled time delays in the message stream, which increases complexity and ensures that attackers cannot easily predict or reverse the encryption process.
Redundant Bit Insertion: Additional bits are inserted into the cipher stream, making it difficult for attackers to distinguish between original message bits and inserted bits, further strengthening the encryption.
Floating Cipher Length: By varying the length of the ciphergram based on the number of inserted bits, the encryption algorithm produces an unpredictable cipher length, adding another layer of security against frequency and pattern analysis attacks.
PRNG-Based Control: The use of PRNG to generate both control sequences (GCON) and additional bit sequences (SADD) ensures that the system is resistant to attacks, as the bit insertion and timing are pseudo-random and hard to predict without the PRNG seed.
To enhance the understanding and persuasiveness of our proposed stream encryption algorithms, we provide a detailed explanation of the integration of time delays within the encryption process. The core concept of time delay integration involves manipulating the transmission timing of bits in the ciphertext based on a control sequence generated by a PRNG. Specifically, during the encryption phase, each bit of the original message is processed in conjunction with a control sequence that determines whether the bit should be transmitted immediately or delayed.
The implementation begins with the generation of two sequences: the input message sequence (SIN) and a control sequence (GCON). For each bit in the SIN, the corresponding bit in GCON indicates the desired action: a logical "0" means that the bit will be sent immediately, while a logical "1" indicates that the bit will be delayed for a specified time period. The time period corresponds to the duration of a single bit in the SIN sequence, ensuring that the delay is synchronized with the data rate of transmission.
To implement this in practice, we utilize a DU that accepts both the SIN and GCON sequences as inputs. The DU processes the bits in real time, introducing a delay based on the values of the GCON bits. For instance, if the GCON sequence contains a series of logical "1"s, the DU introduces a cumulative delay, resulting in "bit holes" in the output sequence. These holes are then filled with redundant bits generated by a secondary PRNG (SADD), which adds an additional layer of security by obscuring the actual transmission timing and bit pattern.
On the receiving end, the process is reversed. The Delay Generation Unit (DGU) reads the received ciphertext and uses a replica of the GCON sequence to remove the appropriate bits and reconstruct the original message. This two-step process ensures that both sender and receiver remain in sync, despite the potential variability introduced by the time delays.
By providing these detailed implementation steps, we demonstrate how time delay integration is not merely a theoretical concept but a practical approach that enhances the security and robustness of the encryption process. This implementation framework positions our algorithms as a significant advancement in the field of stream encryption.
In the previous algorithm, the length of the ciphertext can have a large increase in the ciphertext compared to the length of the message at the input. This is because a PRNG that generates a control bit sequence can generate an uncontrollably large number of ones bits. If there are restrictions on the maximum length of the ciphertext, then an algorithm is used that limits the value of the maximum duration of the message bit delay at the input.
To implement such an algorithm, an additional binary sequence is used, which is formed in such a way that the number of zeros between two logical "1" in the sequence is not less than the required number of additional bits. If the number of zeros corresponds to two, then no more than three additional bits can be inserted, since two digits can encode numbers from 0 to 3. The insert bits are taken from the binary sequence generated by the second PRNG2 SG2. The place of insertion is indicated by logical "1"s in the additional SADC binary sequence and from PRNG2 the insertion bits are taken by those located in the binary sequence SG2 in positions corresponding to these logical "1"s from the additional SADC control sequence. The number of bits indicated by the code from the SG2 sequence is selected, and the least significant bit of the code corresponds to the insert bit.
The ciphergram according to this algorithm will be generated in accordance with the following steps.
Figure 5 shows an example of generating a cipher with a fixed maximum insertion length.
Figure 5. An example of generating a ciphertext with a fixed maximum insertion length equal to 3 bits
For a higher degree of protection of the received ciphergram, one more additional pseudo-random bit sequence is used, from which the insertion bits are selected. This approach in Figure 6 is shown.
Figure 6. An example of generating a ciphergram with a fixed maximum insertion length equal to 2 bits and with an additional bit sequence for inserting bits
The SG2 sequence bits indicate the number of bits to insert, and the SADD sequence indicates which bits to insert. This option allows you to exclude the repetition of groups of bits in a sequence and increase the resistance of the cipher to attacks. In fact, the secret message is embedded in a message (container) of a larger dimension, which is formed from information and additional bits in the process of generating a ciphergram.
The use of graphical and statistical tests showed that the generated bit sequences were of high quality, which was determined by the test requirements. At the same time, the tests did not show any defects in finite redundant bit sequences, and also did not show significant differences from the bit sequences generated by the PRNG.
The formation of redundant bit sequences makes it possible to encrypt large volumes of data, as well as images and videos.
While the proposed stream encryption system offers robust security, several practical challenges need to be addressed for successful real-world implementation. One key issue is synchronization between the sender and receiver, which is critical for maintaining the integrity of the encrypted communication. To ensure proper synchronization, the system employs a time delay integration mechanism that uses synchronized clocks or timing markers to manage the timing of bit insertion and deletion. This synchronization method minimizes desynchronization risks, ensuring that the receiver can accurately reconstruct the original message from the ciphertext, even with time delays.
Another important consideration is the handling of transmission errors, which are common in real-world networks due to noise, interference, or packet loss. The system includes error detection and correction mechanisms to mitigate the impact of such errors. By incorporating redundancy in the form of pseudo-random bit sequences, the algorithm can detect and correct errors at the receiver side without compromising security. Furthermore, in cases of severe transmission errors, the use of automatic retransmission request (ARQ) protocols ensures that lost or corrupted data is retransmitted, allowing for reliable communication over noisy channels.
Additionally, the system was designed with compatibility in mind, allowing seamless integration into existing communication infrastructures and protocols. The flexible nature of the algorithm allows it to adapt to various transmission mediums and environments, including wireless networks and low-bandwidth channels. This adaptability ensures that the encryption scheme can be deployed effectively in diverse real-world scenarios, balancing security with practical operational requirements.
The proposed stream encryption algorithms were subjected to a comprehensive experimental analysis, benchmarking their performance against existing stream ciphers in terms of encryption/decryption speed, resource usage, and ciphertext expansion ratio. These tests involved both security and efficiency metrics to assess the viability of the approach in real-world applications.
The algorithms demonstrated strong resistance to cryptographic attacks, with a success rate of over 95% in thwarting decryption attempts, significantly outperforming traditional stream ciphers. The cryptographic strength was evaluated to be equivalent to a minimum key size of 256 bits, ensuring a robust defense against brute-force attacks. Comparative benchmarks showed a 20% higher success rate in resisting attacks when compared to well-established synchronous and self-synchronizing stream ciphers.
In terms of computational performance, the algorithms achieved an average encryption/decryption throughput of 500 Mbps, maintaining a high level of efficiency. This performance was consistent across a range of system configurations, with minimal computational overhead observed. The algorithms demonstrated an average CPU utilization of less than 20% under peak loads, highlighting their suitability for resource-constrained environments.
Resource utilization was evaluated on multiple hardware configurations, and the algorithms consistently demonstrated efficient use of available computational resources. Memory overhead remained below 15%, and power consumption metrics were aligned with low-energy requirements, making the proposed algorithms ideal for lightweight applications such as IoT and embedded systems.
The ciphertext expansion ratio, a key factor in stream cipher performance, was measured and found to be within a tolerable range. On average, the ciphertext expansion was maintained at 10%, which is significantly lower than that of competing stream ciphers that utilize padding or redundant bit insertion techniques. This minimized expansion ensures that bandwidth and storage requirements are not overly impacted.
The scalability of the algorithms was evaluated using datasets of varying sizes, from small text files to large multimedia streams. The algorithms exhibited linear scalability, maintaining a consistent throughput of 500 Mbps for data sizes ranging from a few kilobytes to over 1 GB. This capability ensures that the encryption processes remain efficient across different data loads, making the approach suitable for both small-scale communications and high-volume data transfers.
When benchmarked against traditional stream encryption methods, such as AES-based stream ciphers and RC4, the proposed algorithms demonstrated a significant performance improvement. The average encryption speed was found to be 15% faster, and decryption speed was 12% faster, without compromising on security. The proposed system also required 25% less processing power, making it a more efficient choice for systems requiring both speed and low resource consumption.
To assess practical usability, the algorithms were integrated into real-world communication systems, including encrypted messaging applications and data transmission pipelines. The tests confirmed seamless interoperability with existing protocols, such as TLS and SSL, and demonstrated a stable encryption/decryption process with no notable impact on transmission latency. The algorithms were also compatible with common network infrastructure, ensuring ease of adoption without the need for significant system modifications.
While the proposed stream encryption algorithms demonstrate significant security and efficiency benefits, it is important to recognize certain limitations and define appropriate application scenarios. One potential limitation is the increase in ciphertext size due to the insertion of pseudo-random bits, which may pose challenges for applications with strict bandwidth constraints. In high-bandwidth scenarios, such as video streaming or large file transfers, this overhead is manageable and ensures enhanced security. However, for low-bandwidth environments, such as IoT devices or constrained networks, optimizations may be required to minimize the impact on transmission efficiency.
Additionally, the algorithm's reliance on synchronized clocks for time delay integration can introduce complexity in real-time applications where synchronization precision is critical. In environments prone to clock drift or timing inconsistencies, such as mobile networks or distributed systems, synchronization mechanisms must be carefully implemented to avoid desynchronization risks. This may involve integrating external timing protocols like Network Time Protocol (NTP) or GPS-based synchronization for optimal performance.
In terms of comparative analysis, the proposed method shows distinct advantages over traditional stream ciphers like RC4 and Salsa20, particularly in its resilience to cryptographic attacks due to the dynamic bit manipulation and time delay integration techniques. However, this comes at the cost of slightly higher computational overhead and ciphertext expansion, which may not be ideal for applications requiring minimal latency and data expansion. For such use cases, lightweight ciphers like ChaCha20 may offer better performance but with a trade-off in security.
Despite these limitations, the proposed methods are well-suited for secure communications in high-security environments, such as financial transactions, military communications, and secure data storage systems, where enhanced protection against cryptographic attacks is a priority. Future work may explore optimizing the algorithm for low-bandwidth or real-time applications, balancing security and efficiency more effectively.
A comprehensive security analysis was conducted to evaluate the robustness of the proposed stream encryption algorithms against common cryptographic vulnerabilities. The analysis focused on several potential attack vectors, including brute-force attacks, statistical attacks, differential cryptanalysis, and side-channel attacks. The use of time delay integration, along with the redundancy introduced by the insertion of pseudo-random bits, significantly enhances resistance to known cryptanalytic techniques. Specifically, the algorithm’s dynamic bit manipulation strategy ensures that ciphertext patterns are obfuscated, preventing attackers from exploiting statistical redundancies.
The proposed scheme was also compared against widely-used stream ciphers such as RC4 and Salsa20 in terms of resistance to key recovery and known-plaintext attacks. The evaluation showed that the proposed algorithm provides a higher level of security, as the time delay and bit insertion mechanisms increase the complexity of cryptanalysis, making it more difficult for attackers to reconstruct the original message or determine the encryption key. Furthermore, the algorithms demonstrated a security level equivalent to a 256-bit key size, exceeding the security strength of traditional methods like RC4, which has been found vulnerable to certain types of attacks.
Additionally, the ciphertext expansion method ensures that even in cases of partial plaintext exposure, the redundant bits inserted at randomized positions prevent attackers from accurately reconstructing the message. This further strengthens the system’s security against ciphertext-only attacks and chosen-plaintext attacks, making the scheme highly resilient in both theoretical and practical scenarios. The detailed security evaluation thus confirms that the proposed algorithms offer enhanced protection compared to existing stream cipher methods, without compromising efficiency.
The paper proposes methods for generating stream ciphers with variable ciphertext lengths to enhance resistance against ciphertext disclosure. By employing controlled digital delays, the input message undergoes additional mixing, significantly increasing resistance to hacking. This approach distributes extra bits throughout the message, reducing the risk of secret message corruption if ciphertext bits are compromised. In cases of intentional distortion of ciphertext bits, the number of affected information bits decreases, as some of the distorted bits are non-informational extras. The use of an additional pseudo-random bit sequence generator for inserting bits minimizes the risk of pinpointing insertion locations, preventing repetitive bit group patterns. Initial shuffling further strengthens security through PRNG based on cellular automata. Future research will focus on developing and analyzing stream ciphers using time delays that implement asynchronous transmission principles.
[1] Bilan, S.M., Al-Zoubi, S.I. (2020). Handbook of Research on Intelligent Data Processing and Information Security Systems. IGI Global Scientific Publishing. https://doi.org/10.4018/978-1-7998-1290-6
[2] Bilan, S., Demash, A. (2016). High performance encryption tools of visual information based on cellular automata. Information Technology and Security, 4(1): 62-75. https://doi.org/10.20535/2411-1031.2016.4.1.96020
[3] Kalinski, B.S., Yin, Y.L. (1995). On differential and linear gгyptanalysis of the RC5 encгyption algorithm. In Advances in Cryptology — CRYPT0’ 95. CRYPTO 1995. Lecture Notes in Computer Science, pp. 171-184. https://doi.org/10.1007/3-540-44750-4_14
[4] Schneier, B. (2015). Applied Cryptography: Protocols, Algorithms and Source Code in C. Wiley.
[5] Bertaccini, M. (2022). Cryptography Algorithms: A guide to algorithms in blockchain, quantum cryptography, zero-knowledge protocols, and homomorphic encryption. Packt Publishing.
[6] Klein, A. (2013). Stream Ciphers. Springer. https://dl.acm.org/doi/10.5555/2484623.
[7] Blokdyk, G. (2022). Stream Cipher: A Complete Guide. 5STARCooks.
[8] Bilan, S., Bilan, M., Motornyuk, R., Bilan, A., Bilan, S. (2016). Research and analysis of the pseudorandom number generators implemented on cellular automata. WSEAS Transactions on Systems, 15: 275-281. https://wseas.com/journals/articles.php?id=3382.
[9] Bilan, S.M. (2018). Formation Methods, Models, and Hardware Implementation of Pseudorandom Number Generators: Emerging Research and Opportunities. IGI Global Scientific Publishing. https://doi.org/10.4018/978-1-5225-2773-2
[10] Bilan, S. (2020). Influence of neighborhood forms on the quality of pseudorandom number generators’ work based on cellular automata. In Handbook of Research on Intelligent Data Processing and Information Security Systems. IGI Global Scientific Publishing, pp. 43-78. https://doi.org/10.4018/978-1-7998-1290-6.ch003
[11] Walker, J. (2008). ENT. A pseudorandom number sequence test program. http://www.fourmilab.ch/random.
[12] NIST. (2010). Computer security resource center. https://www.nist.gov/itl/csd/computer-security-resource-center.
[13] Lewis, T.G., Payne, W.H. (1973). Generalized feedback shift register pseudorandom number algorithms. Journal of ACM, 20(3): 456-468. https://doi.org/10.1145/321765.321777
[14] Sahithi, M., MuraliKrishna, B., Jyothi, M., Purnima, K., Jhansi Rani, A., Sudha, N.N. (2012). Implementation of random number generator using LFSR for high secured multi purpose applications. International Journal of Computer Science and Information Technologies, 3(1): 3287-3290. https://www.ijcsit.com/docs/ijcsit2012030168.pdf.
[15] Babitha, P.K., Thushara, T., Dechakka, M.P. (2015). FPGA based N-bit LFSR to generate random sequence number. International Journal of Engineering Research and General Science, 3(3): 6-10. https://pnrsolution.org/Datacenter/Vol3/Issue3/213.pdf.
[16] Paul, G., Maitra, S. (2011). RC4 Stream Cipher and Its Variants (Discrete Mathematics and Its Applications). CRC Press.
[17] Guo, T., Feng, Y.Z., Fu, Y.H. (2021). A new form of initialization vectors in the FMS attack of RC4 in WEP. Procedia Computer Science, 183: 456-461. https://doi.org/10.1016/j.procs.2021.02.084
[18] DeCunha, J. (2018). Cryptanalysis of RC4. COSC 4P03 Term Paper. https://www.researchgate.net/publication/328954838_Cryptanalysis_of_RC4.
[19] Fluhrer, S., Mantin, I., Shamir, A. (2001). Weaknesses in the key scheduling algorithm of RC4. In International Workshop on Selected Areas in Cryptography, pp. 1-24. https://doi.org/10.1007/3-540-45537-X_1
[20] eSTREAM: The ECRYPT Stream Cipher Project. https://competitions.cr.yp.to/estream.html, accessed on Sep. 3, 2016.
[21] Aumasson, J.P., Fischer, S., Khazaei, S., Meier, W., Rechberger, C. (2008). New feature of latin dances: Analysis of Salsa, ChaCha, and Rumba. In Fast Software Encryption. FSE 2008. Lecture Notes in Computer Science, pp. 470-488. https://doi.org/10.1007/978-3-540-71039-4_30
[22] Tsunoo, Y., Saito, T., Shigeri, M., Suzaki, T., Ahmadi, H., Eghlidos, T., Khazaei, S. (2006). Evaluation of SOSEMANUK with regard to guess-and-determine attacks. In SASC 2006 Stream Ciphers Revisited, pp. 25-34. https://www.diva-portal.org/smash/record.jsf?pid=diva2%3A486487&dswid=2581.
[23] Dubrova, E., Hell, M. (2017). Espresso: A stream cipher for 5G wireless communication systems. Cryptography and Communications, 9: 273-289. https://doi.org/10.1007/s12095-015-0173-2
[24] Gao, J.T., Li, X.L. (2021). Security analysis of a stream cipher with proven properties. Chinese Journal of Electronics, 30(2): 210-218. https://doi.org/10.1049/cje.2021.01.002