Adaptive key generation algorithm based on software engineering methodology

ABSTRACT


INTRODUCTION
In the last years, the searching for strong security keys that stand against the hacker key-breaking methods has been increased sharply. Thus, the introduced studies, methods and algorithms aimed to obtain these types of keys for using in security algorithms. This is to produce a security level sufficiently acts against the attacks and hackers. Different approaches have been adopted to generate the security keys with high variation in long, sub-sequence and correlations [1,2]. At the other hand, software engineering methods have been combined with these approaches to increase the reliability of the generated security keys to resist the dominated attacks over numerous applications. One of these methods is the fault tolerance technique that is based on self-checking process to detect the happened faults [3][4][5][6][7][8]. The solution for the detected fault can be addressed throughout different ways depending on the utilized application.
Due to the importance of the security key management in the security research, many researchers have focused on proposing efficient algorithms. In [9], the authors provided a study on using software engineering for evaluating the security risks including identification system in humans using some image features that need software engineering for producing the reliable codes. In [10], a complete study for hardware security was introduced. This study included key points of using the techniques of software engineering in the key generation and management. Researchers of [11] considered the security of cloud computing in terms of authentication levels. The introduced method uses the software engineering in managing the keys used in authentication, in which the security was guaranteed. In [12], secure keys were produced for cryptography methods to be used in network communication. This field had an important data to be transferred and this was the reason behind providing it. In [13], the cyber-physical systems had been secured using the investigated method based on software engineering technology. The presented system worked at the physical layer to adapt the hardware components within the system. In [14], different practical software engineering developments for security systems were introduced. The study provided a deep-thinking way to tackle the problems of security in developing the used software.
The authors of [15] introduced a dynamic mechanism for generating the required security keys. This mechanism was based on genetic algorithm in addition to the use of software engineering technology. Moreover, multiple key generation method was proposed in [16]. These keys were employed in combination with the actions of sharing and backup for data. In [17], ciphering method of DES was combined with generated keys for securing the storage of data in cloud. The keys were generated based on a proposed algorithm that depended on software engineering. The authors of [18] presented design and implementation of key generation used for image security. The image security utilized the generated keys in coding of included components. In [19], memory efficient based multi key generation method was proposed. This method has been employed for securing the sensitive data transfer over IoT technology in the cloud environment.
At the other side, the authors of [20] utilized the OFDM subcarrier response systems for transferring important data in secure way. The used security keys were generated in high randomness to ensure the strong of them. In [21], the key generation method for multilevel quantization was provided. In addition, the pre-processing was also secured using the same method. These keys were generated using software engineering techniques. The researchers of [22] used the genetic algorithm in designing the key generation method that could guarantee high randomness. The enhanced random keys were produced for symmetric ones.
It is well known that the researchers of [9][10][11][12][13][14][15][16][17][18][19][20][21][22] worked hard for producing high quality security methods based on random generated keys. In this paper, an adaptive random key generation algorithm is proposed. The proposed algorithm adopts the self-checking process in fault detection as a part of fault tolerance technique to produce high randomness keys. The NIST tests are considered as a success threshold for self-checking process. The generated keys should pass the allocated thresholds to be adopted as valid keys. The proposed algorithm is evaluated in terms of performance and the obtained results prove the claim of this paper.

PROPOSD SOFTWARE ENGINEERING BASED METHOD
As mentioned above, the proposed method is based on software engineering process to produce high quality random security keys. In order to ease the reading flow, this section is divided into the followings. Figure 1 shows the structure of the key generation algorithm. It is clearly explained that the data block firstly enters to the SIGABA approach. This approach is built using five main polynomial equations to increase the randomness in choosing the seeds for shift register. SIGABA was produced in World War 2 to encrypt the transmitted messages as shown in Figure 2 [23][24]. The selected polynomial by the SIGABA approach with 32-bit is passed to the least forwarded shift register (LFSR). The LFSR is responsible on generating the key with 128-bit length. Figure 3 shows the structure of the adopted LFSR.  Figure 4(c).

Structure of the proposed algorithm
-The LFSR receives the seed equation and applies the adopted procedure to produce 128-bit key.
-The obtained key is tested using the self-checking procedure. This is done by checking the validity of the key in terms of randomness using NIST (frequency and serial) tests. The results are compared with the acceptable thresholds. In case the results are out of the expected values, the key is rejected and the loop returns to the first step of the proposed algorithm to generate new key. Otherwise, the resulting key is valid.

EXPERMENTAL RESULTS
In order to test the proposed algorithm of generating reliable security keys, different training generations for keys are performed. Figure 5 shows the run screen of the proposed algorithm that explain the procedure mentioned in section 2. It is noted that there are five polynomial equations that create five sequences of binary 32-bit. After applying the proposed algorithm, the testing results of NIST frequency and serial are appeared to accept the generated 128-bit keys as they pass the acceptable threshold ranges. Therefore, the generated key is valid. At the other hand, Figure 6 illustrates the second case study, where the NIST frequency test is passed, while the serial test is failed. In this case, the generated key is considered as invalid and rejected. According to the proposed algorithm, the key is regenerated from again following the same steps. The regenerated key is passed both NIST tests as shown in Figure 7. In this case, the generated key is valid and ready to be used in the security methods. Figure 6. Invalid generated key case study Figure 7. Valid regenerated key case study For more testing results, five examinations are performed for the proposed algorithm. The results of these examinations are shown Table 1. Table 2 explains the result analysis of all case studies including both NIST tests and the common couples of bits. All case studies are passed and produce valid keys, yet the case study number 5 is failed in the serial test. Thus, the proposed algorithm uses the software engineering based fault tolerance to regenerate the failed key. The regenerated key is also tested over the same NIST tests. The obtained regenerated key is shown in Table 3, while Table 4 lists the analysis of the new key and it well shown that the key is passed both tests.

CONCLUSION
An adaptive key generation algorithm based on software engineering process was proposed. This algorithm aimed to generate security keys of 128-bit with high randomness to ensure the accepted resilience against the attacks. The software engineering fault tolerance technique was used for checking the generated keys in terms of randomness based on NIST tests. These tests were employed as accepted threshold to be decided if the generated keys were valid or not. The proposed algorithm was tested over different case studies and the obtained results proved the validity of this algorithm in terms of generating reliable and random keys.