Modified 128-EEA2 Algorithm by Using HISEC Lightweight Block CipherAlgorithm with Improving the Security and Cost Factors

128-EEA2 (Evolved Packet System Encryption Algorithm 2) is a confidentiality algorithm which is used to encrypt and decrypt block of data based on confidentiality key. This confidentiality algorithm 128-EEA2 is based on the AES-128 which is the block cipher algorithm of 128 bit in CTR mode. In this paper, we are going to replace the AES-128 block cipher algorithm by HISEC block cipher algorithm for two reasons such as reducing cost and ameliorate security factor.


INTRODUCTION
Beyond 2006, the 3GPP (third generation partnership project) introduced the second set of 4G/LTE cryptographic algorithms 128-EEA2 and 128-EEI2 for confidentiality and integrity respectively. This second set is based on the AES-128 (Advanced Encryption Standard) block cipher algorithm in CTR (Counter Mode) which provide confidentiality to EPS in LTE network [1]. The necessity of the confidentiality protected mode in LTE cryptographic algorithm EEA2 is to create a mask of data before encrypting it that will save time because it run quickly through using the bitwise operations. Based on study [2], AES-128 has drawbacks in its view design and need to improve. Apparently, AES-128 was released before more than a decade whereas the technology was changing year by year. So, with the recent new technology and emerging of huge applications like big data's applications in addition to the applications have run with 64-bit and a lot of other applications, it has become a necessity for designing a new contemporary algorithm for the current demands. Especially young Rijndael that has faded and its sun had set as it has been believed by many researchers. Therefore, AES-128 can be replaced by HISEC lightweight block cipher algorithm to improve the security and decreasing the cost.

LTE CONFIDENTIALITY ALGORITHM EEA2
Ghizlane ORHANOU in 2010 inferred that the confidentiality protected mode is necessary in LTE cryptography algorithm EEA because there are some advantages of using this type of ciphering algorithm such as creating a mask of data before encrypting it which this operation is saving time in running time  [3]. In Figure (1) below represents the EEA in Encryption/Decryption operations [8]. Figure 1. Encryption/Decryption Operation by using EEA [3].
The AES-128 algorithm encrypts each counter block that is obtained in 128 bits of keystream. And each counter block is divided into two parts, the most significant bits and the least significant bits of 64 bits in each. The most significant 64 bits are initialized, as presented before and the least significant 64 bits are initialized by setting zero value to all bits. The least significant 64 bits is part of the counter T is incremented by one mod 2 64 to generate subsequent counter blocks, each result is formed in another 128 bits of keystream.
The role of AES-128 () function is to perform AES-128 encryption under the control of the confidentiality key.The TRUNC () function is responsible of truncating the final output of the operation of AES-128 encryption to the same length as the last plaintext block and then returning the most significant bits. The Figure (2) shows the EEA encryption/decryption mechanism.  The number of rounds is different according to AES-128 key length. Table 1 represents the size of key, size of block and the round number how they differ with different rounds: Rijndael

PROPOSED LIGHTWEIGHT ALGORITHM (HISEC)
HISEC used the same characteristics of PRESENT but different method for bit permutation. The structure of HISEC algorithm looks like the structure of feistel with some modifications [9] [10] [16]. The HISEC is constructed from sixty-four bits and eighty-bit size of the key and there are fifteen rounds in each round, there are operations like: Substitution box, Bit permutation, XOR, Rotation and key update. Moreover, there is XOR between the cipher text and key in the last round. The HISEC have four layers as following: • First Layer: in this layer, the 64-bit plaintext is XOR with the 64-bit key. The plaintext divides into two parts. Each part is 32-bit and the results after XOR of each part will be as inputs to the second layer (Substitution box). • Second Layer: this layer is the most important layer. It produces the confusion property and it gives the nonlinearity to the algorithm. It has 16 4-bit S-boxes and divides them into two parts, each part 8 S-boxes. The output of this layer will be as inputs to the third layer (bit permutation). Also, this  Table 2. • Third Layer: This layer produces the diffusion which is also important part for any strong encryption algorithm. This method of bit permutation applies on two sides and each side is 32-bit. • Fourth Layer: this layer applies the rotation and XOR operations on both sides. First of all, rotate the left 32-bit and then XOR with right 32-bit. The result will keep in left 32-bit. The next step is to rotate the right 32-bit and XOR with new left 32-bit and the result will keep in right 32-bit.
The key schedule details of updated key procedures in [18]. The Figure (5) shows all layers of HISEC in details.

SECURITY DISCUSSION
The important tool is cryptanalysis that it can measure the security of any algorithm. Differential, integral and boomerang attacks are applied in this paper for both algorithms (AES-128 and HISEC).

Differential Cryptanalysis
The minimum active S-box is the most robust way to check the resistance against differential attack [13] [14] [15]. Table 3 explains in term of different cryptanalysis that HISEC is safer than AES algorithm.

Integral Cryptanalysis
This another attack that the designer should consider it when he designs an algorithm. Building distinguisher table is the significant step in this attack. After building that table, it can know the round that attack can reach [14]. Table 4 shows the HISEC is stronger than AES-128 algorithm regarding of integral cryptanalysis.

Boomerang attack
Knowing the active S-boxes number in every step is the first stage to amount this attack. While the second step is to calculating the prospect of recognizer of Boomerang attack. Depending on [15] [18], such attack can reach round 5 with probability of 2 -48 . Moreover, we calculated the distinguisher probability of boomerang for AES-128 as following: • In the fourth round there are 25 active S-boxes and in the second round there are 5 active S-boxes.
• Applying equation (1) in order to get the probability.

COST DISCUSSION
This cost is also significant part for designing algorithm. The cost calculation details in [16][17] [18]. The Table (6) shows that the cost of HISEC algorithm is less cost than AES-128.

CONCLUSION
This paper tries to exchange AES-128 algorithm with HISEC algorithm. Also, the dissection of differential, integral and boomerang attacks are shown for AES-128 and HISEC against. The analysis showed that HISEC is more secure than AES-128 algorithms. Moreover, we calculated the cost of HISEC in GE and we compared it with AES-128 algorithm. The comparison showed that the cost of HISEC is less than AES-128 algorithm. Theoretically and from the results above, it can use lightweight block cipher algorithms to secure LTE/4G. Finally, this paper opens the door for deep research to use lightweight algorithms to secure LTE/4G. Our future works, implement the HISEC lightweight algorithm in hardware to verify the results.