Reversible Cellular Automata Based Cryptosystem

Abstract

The increasing reliance on telecommunication technologies across various domains has raised concerns surrounding data security and privacy during transmission. In response to these concerns, this study introduces a different approach to cryptographic algorithm construction, utilizing cellular automata (CA). The idea involves designing an encryption algorithm based on a specific class of one-dimensional CA, incorporating elementary evolution rules specifically constructed to establish a reversible system, thereby enhancing information preservation and security. The encryption process involves forward iteration of the system, while decryption employs backward iteration, both processes being based on the same rule. Classified as a symmetric key cryptosystem within the stream cipher framework, the proposed algorithm was implemented using a Field Programmable Gate Array (FPGA) device (XILINX Spartan3E) at the hardware-level, complemented by software applications developed using the C# programming language. Testing on the experimental findings was conducted to check the efficacy of the proposed algorithm in ensuring information security and randomness, confirming its viability for practical encryption applications.

1. Introduction

The digital transformation of society is fundamentally reshaping the usage of computer systems. A vast array of services is frequently accessed by a significant number of individuals who maintain connectivity to the Internet. Nonetheless, a persistent threat looms in potential attacks that may lead to the compromise, alteration, or destruction of valuable data.

The expanding attack surface is largely attributed to the increase of interconnected devices, many of which possess inadequate security measures or lack any form of protection, with a majority being managed by individuals lacking sufficient awareness. Consequently, the likelihood of successful attacks has significantly risen, providing cybercriminals with lucrative opportunities. Moreover, the geographical boundaries for launching an attack have become virtually nonexistent. Cyberattacks also put state infrastructure at risk. A recent security incident targeted Romanian Parliament databases which resulted in a large amount of data being stolen [1].

Beyond the field of computer science, there are further concerns. Various application areas rely substantially on computer equipment or digital services, underlining the crucial need of cybersecurity. Critical infrastructures, including electricity grids [2], robotics, healthcare [3], and e-health [4], are increasingly vulnerable to cyberattacks. A recent incident targeted the Romanian hospital IT infrastructure containing patient’s medical data [5]. A continual evolution of measures is necessary to successfully combat the increasing risk of data transmission resulting from the constantly evolving environment of information systems and the rise of new technologies such as blockchain and the Internet of Things (IoT) networks [6].

Over the past few decades, advancements have been made in cryptographic techniques. Algorithms such as the Advanced Encryption Standard (AES) [7,8], RSA [9] and Elliptic Curve Cryptography (ECC) [10] have become the standard algorithms of modern cryptography, providing frameworks for securing data in various applications, from online banking to personal communications. These methods rely on complex mathematical principles and computational hardness assumptions, making it difficult for unauthorized entities to decipher the encrypted information without the correct keys. However, the landscape of cybersecurity is constantly evolving, and so are the threats and attacks that target cryptographic systems. Cyber adversaries employ increasingly sophisticated techniques to breach security measures. Continuous improvements in cryptanalysis techniques challenge the security of existing algorithms. For instance, advancements in differential and linear cryptanalysis have led to vulnerabilities in certain block ciphers and hash functions previously considered secure [11]. These evolving threats underscore the necessity for developing alternative encryption methods that can withstand the risks of both current and future attacks. The exploration of hardware-based encryption solutions, such as those using Field-Programmable Gate Arrays (FPGA), are promising directions for research. These innovative approaches aim to enhance the security, efficiency, and resilience of cryptographic systems, ensuring robust protection of data. By leveraging parallel processing capabilities, FPGA can perform complex cryptographic computations much faster than traditional software implementations [12].

The purpose of this work was to design and construct a stream cipher algorithm, which is one of the fastest encryption algorithms available [13]. A defining attribute of these type of ciphers is their encryption of data in real-time, eliminating the need for data storage within the system’s memory, thereby enhancing encryption speed [14]. This process relies on a secret key shared solely between involved parties and an algorithm typically represented as a sequence generator. Leveraging these components, stream cipher algorithms are able to generate extensive sequences of apparently random bits, known as keystream sequences, which serve as pseudorandom sequences required in cryptography.

The research is divided into six sections, as shown below. The next part provides a general overview of cellular automata concepts and discusses how a specific type of reversible CA can be used for stream encryption. Section 3 introduces the proposed encryption method and describes its software and hardware implementations, as well as an analysis of experimental findings for both approaches. Section 4 and Section 5 focus on testing the suggested algorithm, including statistical and graphical analyses, as well as discussions of the experimental results. Finally, Section 6 summarizes the findings and potential directions for future research extensions.

2. Cellular Automata and Cryptography

2.1. Cellular Automata Overview

A cellular automaton functions as a finite dynamical system, comprising an array of cells, each typically evolving its current state based on a rule [15]. These cells may connect to their neighbors in various configurations and can be arranged in different dimensions [16]. Evolution rules dictate when a cell may update its state, considering not only its current state but also those of neighboring cells.

The theory of cellular automata is diverse, and the interactions between the component cells are capable of producing a variety of structures with unexpected behaviors. Elementary cellular automata (ECA) represent a simple yet powerful class of computational models. These systems are characterized as one-dimensional, featuring two potential states (usually ‘1’ and ‘0’) and a neighborhood radius of one. In the scenario of two-state, three-neighborhood cellular automata, the state update of the (i)th cell can be expressed as a function of the present states of the (i − 1)th, (i)th, and (i + 1)th cells, as in Equation (1):

c_i(t + 1) = f (c_i−1(t), c_i(t), c_i+1(t)).

(1)

The combinational logic used in a two-state, three-neighborhood cellular automaton is represented by the symbol f in the equation above. There are eight alternative combinations of the cell states that can result in eight different neighborhood configurations for this kind of cellular automaton. Furthermore, there are 256 distinct mappings to the next state, each corresponding to a distinct rule.

Moreover, the boundary conditions need to be specified, which applies to the marginal cells. These cells can either be linked (forming cyclic boundary) or set to a fixed value (such as “0” also known as null-boundary) [17]. Null-boundary conditions are extensively used in many cellular automata-based applications, notably in hardware designs, because they allow the outermost cells to be connected to ground (‘0’).

2.2. Cellular Automata for Cryptographic Applications

The initial concept of a stream encryption algorithm based on cellular automata systems was introduced by Wolfram [18]. In his approach, cellular automata were utilized to perform message encryption, by employing a one-dimensional cellular automata and rule 30 to generate sequences of pseudorandom numbers. During each generation, communications were encrypted and decrypted by directly integrating them in the cellular automata states.

Research in the area of cryptographic applications based on different variations of cellular automata is in continuous evolution. The parallel nature of these systems allows for simulation and implementation of different types of encryption techniques. Various combinations between cellular automata and other concepts are successfully being developed. For instance, the study shown in [19] suggests using elementary and chaotic cellular automata to construct cryptographic services with applications in file security.

Research has been conducted on the theory and applications of reversible cellular automata in order to address this problem [20]. One such work, described in [21], looked into the mathematics underlying the functioning of various types of cellular automata in order to examine the reversibility problem for symmetric linear cellular automata with null boundary conditions.

Several studies have investigated the application of reversible cellular automata in cryptographic algorithms. Notable works presented in [22,23] reside in applying image encryption using RCA as the basis of the algorithms in order to send them in a secure way over different communication networks. Additionally, the study presented in [24] explored the theory and application of reversible cellular automata with implementation over different configurations of central processing units (CPU) at software level revealing the performance and security assured in each case.

With the increasing advance of technology nowadays like blockchain [25], IoT, and quantum computing [26], the dynamic nature of cellular automata allows them to be integrated in these systems where they can provide a variety of functions including data security. The study proposed in [27] presents a method of developing a structure for random number generation using quantum cellular automata for cryptographic purposes.

The versatility of CA systems, particularly in the area of cryptography, is proof of their adaptability and robustness in securing information. Cellular automata exhibit unique properties such as reversibility, rule-based computation, and dynamic evolution, making them an attractive choice for cryptographic applications. These automata can serve as the foundation for designing encryption algorithms that provide both complexity and efficiency.

3. Proposed Encryption Algorithm: Materials and Methods

This subchapter focuses on the practical implementation of the proposed RCA encryption algorithm, spanning both software and hardware domains. Starting from theory to application, a detailed breakdown is presented of the selected RCA encryption algorithm. This includes an overview of its rule-based functioning, attributes, and dynamic evolution. The objective is to explore how this RCA algorithm can be integrated into practical computational architectures for effective security of data.

3.1. Fundamentals of the Proposed Algorithm

Classes of CA with reversible cell state transitions are called reversible cellular automata (RCA). This suggests that a cell’s prior state may be retrieved using information about both its present state and the states of the cells nearby. Reversible cellular automata preserve information integrity as opposed to conventional cellular automata, whose one-way transitions may cause irreversible information loss. Therefore, they are appropriate for cryptography applications where state transition reversibility is essential. RCA are usually composed of selecting rules that meet specific criteria, like injectivity or surjectivity, to guarantee reversible state transitions. Figure 1a,b presents two simple examples of reversible rules. They are basically elementary rules whose behavior makes them capable of recovering their initial state.

Despite the simplicity of cell interactions in cellular automata, they can display diverse behaviors. Some CA demonstrate reversibility, indicating the preservation of processed information, facilitating both forward and reverse iterations. In cryptographic contexts, the need for numerous reversible rules with complex behavior arises. Nevertheless, only a small percentage of elementary cellular automata rules can be reversed, just six of 256 having this property [28]. For this reason, it is not possible to encrypt data using these basic reversible rules. Specialized classes of reversible rules have been created especially for this purpose in order to get around this restriction.

This research presents an encryption algorithm solution based on a set of rules particularly created to provide a reversible system. For this particular class, as shown in Figure 2, an extra dependency was introduced: instead of just one step back, a rule depends on two steps. The idea of a reversible rule will therefore be composed of two elementary rules.

When a reversible cellular automaton is in state ‘0’, the second rule is applied, and the first rule determines the state transition when the central cell was in state ‘1’ at step t − 1. In contrast with the functional equation of an elementary cellular automata, in this special class of reversible rules the next configuration of a cell is determined by the linear combination of the two previous configurations as presented in Equation (2):

c_i(t + 1) = f (c_i(t − 1), c_i−1(t), c_i(t), c_i+1(t)).

(2)

The principle behind constructing the reversible rule enables the calculation of a rule set with knowledge of just one value. For this, one rule (R₁) can be chosen to be applied in case of a cell state being ‘1’ and then to determine the second one (R₂), for state ‘0′, by using Equations (3) and (4) presented below, where r stands for radius of the neighborhood considered for a cell:

R₂ = 2ⁿ − R₁ − 1.

(3)

n = 2^{2 * r + 1}.

(4)

Based on previous statements, a reversible rule consisting of two elementary rules, namely 137 and 118, was selected for the cryptographic system presented in this paper. The choice of particularly Rule 137/118 was based on the principle of constructing a reversible rule which states that for a first rule chosen to be applied in case of a cell being in the state of ‘1’ the second one applied for a cell being in the state of ‘0’ is calculated using Equations (3) and (4) presented above. Another important aspect considered in choosing the set of rules for the proposed algorithm was based on the behavior of the two rules when used independently. We considered as viable options the rules in which independent evolution produces the longest possible cycle length. For this we designed an application which allowed as to test rule evolution starting for various initial states and to check the length of the produced cycle. After this analysis, we obtained different types of results like the following: one rule in the set with long cycle length but the other cycle length of only a few states, both rules with small cycle length, rules with long cycle length for only a few initial configurations. Out of these results the rule 137/118 presented a relatively high cycle length for both cases and for the majority of initial states. This contributed to our decision to choose these two rules to implement in the system. Figure 3 provides a graphical representation of the state transition process based on the selected reversible rule.

A key characteristic of this kind of cellular automata is that the same rules are used for both the forward and backward processes. Reversible rules within this category require that the initial state of the cellular automaton comprises two consecutive configurations, denoted as q0 and q1, as the reversible cellular automaton operates based on two steps backward.

In this process, configuration q0 is set at random and plaintext is set by embedding it into the cellular automaton’s starting state configuration (q1). The use of a random initial state resides in the working principle of a reversible cellular automaton (RCA) which relies on the state of the cells in two stages, the current one (at time t) and the previous one (at time t − 1). This feature is necessary in order to allow the reconstruction of an initial state after the evolution of RCA in one direction. Without using the two stage-based evolution, the states through which the RCA evolved in the process of encryption (forward iteration) could not be retraced; thus, it will not be possible to restore the plain text.

The initial state in the proposed algorithm consists of two configurations q0 and q1. While the state q1 is set with the plaintext, the state q0 has to be set with a configuration to allow the evolution of the RCA as previously described. Since there are no constraints of setting this q0 state we chose to set it randomly, with the purpose of meeting the RCA working principle. Moreover, for a reversible cellular automaton, if the initial configuration is chosen at random among all possible configurations, then the same uniform randomness continues to hold for all subsequent states. Thus, it would appear like almost all initial configurations which evolve pseudo-randomly or chaotically. Making a change to the initial state of a reversible cellular automaton may cause changes to later states to propagate irregularly but unboundedly, or to spread quickly, this being confirmed by Wolfram studies on one-dimensional reversible cellular automaton rules. When run on a finite array of cells, starting from a small seed of random cells an RCA tends to fluctuate between ordered and chaotic states.

The process of encryption involves iterating the cellular automata forward by a predetermined number of generations using a reversible rule that serves as the secret key. The two final configurations generated during encryption must be kept secret in order to avoid an attacker from gaining access to the encryption rule. There are two possible approaches to handling the information that is derived from the encryption procedure. The more secure method incorporates this information into the encryption key and presumes that it will be kept private. The disadvantage of this method is that key changes are required after every encryption and transfer to the receiver.

Another option is based on the Vernam algorithm [29] and it requires encryption of the final configuration. This method involves performing a logical XOR operation on the final configuration and some predefined data which will become part of the system secret key. Figure 4a,b shows the encryption and decryption procedures. The final result comprises two configurations: encrypted data (q_n−1) and the final data (q_n).

In the case of encryption, starting from the initial state, a number of iterations are made through the RCA to evolve to a new set of cell states which helps forming the ciphertext and the data for the next process. The number of iterations made throughout the encryption process, denoted as n − 1, as presented in Figure 4, is only used for depiction purposes of the RCA state’s evolution. The number of iterations (n) performed in the encryption process is chosen as part of the system parameters and it does not imply that making one more step after n − 1 stages that the initial state will be recovered. This is due to the working principle of the RCA and the rules used for the state’s evolution. As the initial state of the system is set at random and for each encryption step different initial data are used, this leads to the fact that within each encryption step the formed cycle length (number of RCA states) is different. Therefore, setting a number n of iterations to be made, that remains unchanged for all steps, means that the resulting state is not the penultimate state in the cycle formed in the respective step. Thus, after applying n iterations in an encryption step, you may not reach the final stage of the cycle or if the chosen value for n is large enough you may pass the cycle length.

The decryption process necessary to recover original data means performing the steps made for encryption, this time in reverse order, using the same secret rule and number of generations. While during the encryption process the seed of the system is comprised by random initial data (a randomly generated state of the RCA) and next by the plaintext incorporated also as a state of the RCA in the opposite process of decryption, the seed of the system is composed also of two states but this time with different meaning. The first state in this second process is composed of the Final data, which is determined by an XOR operation between encrypted final data and the key. The second state consists of the ciphertext which will be processed by the system in order to revert it to its original form.

In concordance with the stream cipher theory employed in the proposed cryptosystem, successive blocks for each character of the message are used to perform encryption and decryption. The final set of data produced in the previous stage is used as the starting point for the next block’s random data. This method ensures that the initial state for each character is different, given that the random initial state will be determined by the previous character encryption process. This also allows for two of the same characters in a sequence to be differently encrypted. Another advantage of this consists of reducing the processing needed for encryption, provided by the fact that random initial data must be generated only for the first block. Encryption and decryption processes using successive blocks method are depicted in Figure 5 and Figure 6 below.

The stream encryption procedure can be defined as follows.

• Generate random initial data (first state of the RCA);
• Set the second state of the RCA to plaintext to be encrypted
• Evolve the RCA state for a predetermined number of generations (n steps)
• Save the state n − 1 as encrypted data
• Perform the XOR operation between state n (final data) and the key to obtain encrypted final data for the next block.

Regarding the decryption process the procedure is the same with the exceptions of the components that form the seed of the system, consisting of the final data (Fd_n) and the ciphertext which needs to be processed.

The algorithm is intended to execute an equal number of generations for the process of encryption and decryption, under the condition that the private key (comprising the reversible rule and the key for XOR operation) remains unchanged. Identical operations are conducted in both processes, with the sole distinction lying in the initial data supplied to the system (either random initial data or final data alongside the cipher or plaintext).

The development of both software and hardware solutions was performed in order to test rigorously the proposed encryption method. Beginning with software implementation allowed for thorough testing and evaluation of the algorithm’s correctness. After achieving positive results and ensuring the algorithm’s viability, the development moved to hardware implementation on FPGA due to their exceptional capability for parallelization, a characteristic that aligns seamlessly with the intrinsic nature of cellular automata systems. Leveraging the FPGA parallel processing power, we aimed to further optimize the encryption method’s performance as a robust and efficient cryptographic solution.

3.2. Software Implementation

The following chapter presents the software application developed to test the proposed reversible cellular automata encryption method, serving as a fundamental tool for analyzing the theoretical basis of RCA utilization in cryptography. This software application represents an important component of the research, facilitating the exploration and validation of the RCA encryption algorithm’s efficacy and practical applicability. Through design and implementation, the software enables simulation of various encryption scenarios, under different parameters.

The cryptographic process simulation areas provide a range of features that allow for different setups of the reversible cellular automaton to be used as the main part of the algorithm. Figure 7 presents the software interface used for testing and simulation of the proposed system.

The application provides functionalities regarding both the process of encrypting as well as decrypting the different data provided, as input directly into the application interface or from a file, also selected from inside the software.

The system is configured as an 8-bit symmetric system, where each character undergoes transformation into ciphertext by directly incorporating its ASCII representation into RCA as the second initial state (q1). The first state comprises randomly generated initial data generated within the simulation window. The window is organized into five primary sections: system parameters’ configuration, initial data, encrypted data, decrypted data, and encryption information, all of which are elaborated upon in detail below.

The reversible cellular automata parameters are defined within the System configuration section, offering controls to input the necessary settings for the encryption system. The starting state of the RCA needs to be set with either manually input or automatically produced random initial data, or with the encrypted final data, depending on the desired operation. For encryption, the Encrypted final data field is automatically populated with the value from the last character, which can subsequently be utilized for decryption. In either process, an 8-bit secret key must also be provided.

In this section the set of two rules which form the reversible rule must be also provided along with the number of generations to be made within the RCA. The selection of the reversible rule can also be made by inputting the first rule and then calculating the second one by pressing button R2. To assure that all conditions of execution are met, verification and restrictions were implemented for each data field (correct set or rules, inputting only 0 and 1 for initial states and only eight values along with the verification that all required fields for an operation are completed).

Data to be processed for encryption can be inserted into Initial data section manually or from a file in case of larger messages. During this process, the reversible cellular automata states for each block used are displayed in the left panel (Encryption information). This information can be used to check the correct evolution of the algorithm. The result of data encryption is displayed in the Encrypted data section which also allows saving to text file format. This result can be then decrypted in order to check if the initial information can be recovered (with the result being shown in the Decrypted data section).

Although the proposed algorithm presented in this study is based on a set of reversible rules, namely 137 and 118, the software application was developed to allow simulation of any set of rules that have the ability to form a reversible system. Thus, by choosing the first rule of the set, the second corresponding rule can be calculated automatically by pressing R2 button with the help of Equations (3) and (4).

Figure 7 presented above provides a sample of data converted to ciphertext then back to the original form. In this case the reversible rule used was 137/118 with random generated initial data. The selection of steps to be performed was chosen to illustrate the cellular automata states obtained for each character, along with the seed for each block. Below is a summary of the configuration steps needed for the encryption or decryption process:

Step 1: 

Select a reversible rule (predefined or custom)

Step 2: 

Specify the number of RCA generations

Step 3: 

Complete random initial generated data (for encryption) or input encrypted final data (for decryption)

Step 4: 

Input the encryption/decryption key

Step 5: 

Upload data (plain or ciphertext) then choose the appropriate process.

A controlled environment is provided by the software application developed for this study. It allows for examination of the behavior of the reversible cellular automata cells’ evolution and its usage as a cryptographic solution. Before moving on to the implementation on FPGA systems, this step was required to test and validate the proposed theory. Implementation of the algorithm at hardware level allows it to achieve more performance due to the parallel processing and security provided by the FPGA board, thereby developing a complete cryptosystem.

3.3. Hardware Implementation

Reversible cellular automata, the core of the system, are characterized by their decentralized computing behavior and individual evolution driven only by local interactions. This property of cellular automata makes it easier to process information encoded in the states of the cells in parallel. Because of this, the hardware component used has to facilitate parallel processing, which is required to achieve higher speed and bandwidth and enable real-time encryption.

Because of their versatility, FPGA boards offer many advantages for developing cryptographic algorithms [30]. The chosen cryptosystem’s hardware component, a Nexys 2 board (FPGA type Spartan3E-500), is responsible for handling the encryption and decryption of data received from a PC that is running the software. The entire cryptosystem block diagram is presented in Figure 8 below.

The hardware system’s main elements are the dencryption module and the receiver and transmitter, which handle communication. Communication is enabled using the RS232 serial interface at a band rate of 9600. To properly direct data, additional modules were used. The dencryption module handles both the encryption and decryption processes. Inside this block, the RCA along with the reversible rule 137/118 are implemented. The initial configuration is received at the start of communication on RID(7:0) input and steps(7:0) input. Due to the fact that both encryption and decryption are similar, the only difference being in the formation of the RCA seed, the structure of this module does not have to be changed when performing either of the processes. This leads to efficiency in resource utilization.

The initial configuration bytes are sent to the correct inputs through the dmux1_4 components. The first byte represents random initial data; the second one is the number of steps continuing with the data to be processed.

After a character is processed, the final data (q_n) is encrypted using a secret key made up of the states of the eight switches on the board by applying a logical XOR operation. The process’s output is referred to as encrypted final data. The outcome is then stored in a register (reg8) so that it can be used as random data in the following step. Both the intermediate data in between the blocks and the first random generated data received from the PC are saved in the reg8 module. This is done by using the multiplexer (mux2_1) placed at the register’s input.

Different internal control signals appear in the architecture due to the usage of intermediate components (dmux1_4, mux2_1, reg8) between the input and the processing module unit. A control module was designed with the purpose of ensuring correct internal data routing by producing inputs to multiplexing units based on monitoring of a signal (rx_Ready) generated by the receiver module.

Figure 9 presents the communication interface designed to send and receive data between the computer system and the FPGA board. In this figure, plaintext is sent to be processed into ciphertext. Generation of random initial data used as part of the seed is done either automatically by pressing the Generate Rid button or by manually inputting it. Another step consists of choosing the number of generations to be performed. The field of encrypted final data (Efd) will be populated with the information of the last encrypted charter as in the case of the software application presented above. The same initial data were chosen for this process in order to verify the correct functionality of the hardware system implementation.

A decryption process starting from the previously generated result was conducted to check the hardware configuration design for error in recovering the original data. During the decryption process, which can be selected by checking the Decrypt checkbox in the System parameters’ area, the random initial data is no longer necessary as the seed of the system now consists of Encrypted final data (Efd) and the ciphertext to be processed. However, the number of generations made for encryption must be the same in this reverse procedure. The result of the decryption process is shown in Figure 10, below.

By using the global clock signal of the FPGA board, both transmitter and receiver modules are correctly synchronized in order to achieve the necessary communication rate. The system’s security is increased by performing an XOR operation on the data that is collected at the final stage of each block and configuring the key using board switch states.

An FPGA was used to implement the proposed encryption technique, and the circuit’s overall performance was evaluated. The obtained results were as follows:

• Minimum period: 4.640 ns (maximum frequency: 215.529 MHz)
• Minimum input arrival time before clock: 2.044 ns
• Maximum output required time after clock: 6.854 ns.

Following the implementation of the algorithm, the data on the area and logic utilization for all modules, including communication and internal processing units, were analyzed and the results are presented in

Table 1. Review of system resource usage.

Resource	Used	Available	Area (%)
Number of slices	195	4656	4
Number of slice flip flops	118	9312	2
Number of 4 input LUTs	384	9312	4
Number of bonded IOBs	24	232	10
Number of GCLKs	1	8	12

.

Each character of the message is encrypted using successive blocks, which offers security and makes it easier to identify any processing issues that might arise. An error in one phase will spread across the system since each block feeds data to the one after it. Nevertheless, these mistakes are easily found by looking at the block where the fault first appeared, which is indicated by the place where incorrect data were produced.

The usage of reconfigurable hardware enhances the efficiency of the proposed cryptographic algorithm, as it enables parallelization through the FPGA board [31]. Additionally, it increases security of the encryption by introducing challenges in accessing data from the FPGA chip and hardware resources.

4. Testing and Results

This chapter focuses on the process of rigorous testing of the encryption algorithm to assess both its performance and the randomness of its output. A robust evaluation of encryption schemes is essential to ensure reliability and effectiveness in safeguarding information. Testing of the complete cryptosystem was carried out on a desktop system running the communication software with the FPGA hardware module, whose configuration is based on an Intel i5 processor with 14 cores and 32 GB of RAM memory. Figure 11 below displays the whole cryptosystem created for this research.

The performance of the encryption method was evaluated using the National Institute of Standards and Technology (NIST) Statistical Test Suite [32]. This suite comprises a series of statistical tests specially designed to analyze various aspects of randomness and quality in the output generated by cryptographic algorithms. By subjecting the algorithm’s output to these standardized tests, we aimed to analyze quantitatively its adherence to statistical randomness properties. This assessment is essential to check that the algorithm’s output exhibits no discernible patterns or biases that could compromise its security. The produced ciphertexts should resemble random data, making them resistant to cryptanalysis and ensuring confidentiality.

A sequence’s randomness can be evaluated using a variety of statistical techniques. These tests seek to identify non-randomness in a sequence and produce a test statistic value based on that information. The probability that a perfect random number generator would generate a less random sequence than the one under study is expressed by the p-value, which is computed using the value of the statistic being tested. A p-value less than α indicates non-randomness, whereas a p-value larger than or equal to α indicates randomness, where α represents the selected significance threshold for the tests.

For this study, a significance level of α = 0.01 was chosen. With the α set at 0.01, it is anticipated that approximately one sequence out of every 100 sequences will be rejected. If a p-value equals or exceeds 0.01, it indicates that the sequence can be potentially random with a confidence level of 99%. To evaluate our proposed algorithm’s encryption performance, approximately 100,000 bits were generated, then divided into ten separate bitstreams. These were analyzed as 10 streams, each containing 10,000 bits.

Table 2. Results of statistical testing (NIST Suite of Tests).

NIST Statistical Test	p-Value	Proportion (Pass Rate)
Frequency (monobits)	0.739918	10/10
Block frequency	0.122325	10/10
Runs	0.739918	9/10
Longest run	0.739918	10/10
Rank	0.122325	9/10
FFT	0.122325	10/10
Non-overlapping template	0.000439	9/10
Overlapping template	0.739918	10/10
Linear complexity	0.911413	10/10
Serial 1	0.350485	10/10
Serial 2	0.213309	10/10
Universal	undefined	undefined
Approximate Entropy	0.000199	9/10
Cumulative Sum (forward)	0.534146	10/10
Cumulative Sum (reverse)	0.534146	10/10

outlines the results of the statistical tests.

Key properties, such as uniformity, scalability, and consistency that may indicate a sequence’s randomness, are assessed by the National Institute of Standards and Technology tests. According to the obtained results, the sequence appears to have the potential for randomness.

To investigate the original text’s rate of diffusion over the ASCII interval, graphical representations of the experimental results (ciphertext) were produced. The graphs show the original data distribution across ASCII intervals on the left side and the encrypted data distribution on the right side. Remarkably, the encrypted data distribution is constant over all intervals, indicating that the encrypted text is uniformly distributed over the ASCII interval. The outcomes are presented in Figure 12a,b below.

The avalanche effect is an important characteristic of cryptographic algorithms. It refers to the phenomenon where a slight modification in the input (for instance, flipping a single bit) results in a substantial change in the output, with a significant portion of the output bits being altered. To illustrate this, we performed tests on the proposed algorithm starting from the same plaintext and changing a single bit in the random initial data to check how this affects the result of the encryption.

Table 3. Results of minor alteration in initial data.

Plaintext = 01001101 Key = 10010111 Rid = 01011101	Plaintext = 01001101 Key = 10010111 Rid = 01011100	Plaintext = 01001101 Key = 10010111 Rid = 01011001
Initial state 1 (Rid): 01011101	Initial state 1 (Rid): 01011100	Initial state 1 (Rid): 01011001
Initial state 2: 01001101	Initial state 2: 01001101	Initial state 2: 01001101
Generation1: 10101010	Generation1: 10101011	Generation1: 10101110
Generation2: 10110010	Generation2: 10110000	Generation2: 10111110
Generation3: 01110101	Generation3: 01110011	Generation3: 01101101
Generation4: 00101101	Generation4: 00101101	Generation4: 00001001
Generation5: 00000010	Generation5: 00000100	Generation5: 01110010
Generation6: 00101010	Generation6: 00100011	Generation6: 10010110
Generation7: 01111101	Generation7: 01110001	Generation7: 10001001
Generation8: 10101101	Generation8: 10111000	Generation8: 01001001
Generation9: 10001010	Generation9: 10111101	Generation9: 01110110
Generation10: 01110010	Generation10: 01111111	Generation10: 11010010

presents the results of test instance where we considered 10 generations of RCA evolution.

In each case, the values of the bits composing the ciphertext (Generation 9) present substantial changes to one another. These clearly demonstrate that even a minimal alteration in the input leads to a considerable change in the resulting ciphertext, even for a low number of generations.

The algorithm was designed to function according to symmetric encryption concepts, thus it employs a private key for both the encryption and decryption processes. In order to make the cryptosystem more secure to attacks, the used key encompasses a series of components, namely, the reversible rule used in the RCA, the key for the XOR operation, and the number of generations used to produce the ciphertext. The key space is thus composed of 2⁸/2 reversible rule possible combinations (because a reversible rule is composed of two elementary rules), 2⁸ possible key combinations used for logical XOR operation and a number x representing the number of generations. Thus, a brute force attack would require 2⁸/2 × 2⁸ × x permutations to determine the key of the system. Another strength of the algorithm is its resilience to block cryptanalysis, as each block’s encryption and decryption processes use different seeds. Consequently, analyzing one block does not compromise the security of other blocks, ensuring that cryptanalysis of a single block does not reveal any information about the other blocks.

Differential cryptanalysis is one of the techniques used for assessing the security of an encryption algorithm. It involves examining the differences between ciphertexts that are obtained for plaintext that differ in some specific way (usually a randomly selected value) using the same keys. In the context of the proposed method, it will allow checking of whether the text message can be securely encrypted with the selected algorithm. Typically, differential cryptanalysis can be measured based on the number of the bits change rate. For this, two ciphertexts are created by encryption for two plaintexts, which differ by the random initial data value, but using the same keys. The test results on the number of the bits change rate of the encryption process on two sequences are presented in Figure 13.

In the case of the analyzed sequences, the obtained values indicate almost equal distribution of 1′s and 0’s after the encryption process This means that in the context of the analyzed algorithm, the obtained ciphertext does not allow for the effective use of differential cryptanalysis methods.

In terms of encryption speed of the cryptosystem, we performed an execution time analysis by running the algorithm several times under different conditions. The results, presented in Figure 14 below, show that the algorithm achieves an average execution time of 3.283 s, with a minimum execution time of 2.6 and a maximum of 4.5 s.

A comparative analysis of execution time related to other similar algorithms is presented in

Table 4. Comparative analyses of execution time.

Algorithm	Execution Time (Avg)	Execution Time (Min)	Execution Time (Max)
Proposed algorithm	3.283	2.6	4.5
[33]	3.533	2.7	4.7
[24]	4.238	3.4	5.2

below.

Performance of the algorithm, in terms of security, could be analyzed using the avalanche effect which must be greater than 50% for a good cryptographic algorithm. If the avalanche effect is high, then the algorithm has the capability to resist potential attacks. The avalanche effect for the proposed algorithm and other algorithms [34] is shown in Figure 15 below.

The proposed algorithm has an avalanche effect higher than 47 percentages, which means the algorithm has a high response to a slight change in key or plain text. In terms of security assured by a cryptographic algorithm, specific characteristics like confusion and diffusion must be present in the produced data. The confusion technique makes the relation between the key and ciphertext more complex and non-linear in nature. In the proposed algorithm, the output of each step depends on the previous output and the selected key. This results in different generations of ciphertext for the same data in each step thus preventing linear cryptanalysis attacks. The diffusion method ensures that any patterns in the plaintext, such as redundant bits, will not appear in the ciphertext. This property is achieved through the reversible cellular automata chaotic evolution of the states, which alter the plaintext incorporated as initial data.

The evaluation of encryption algorithms encompasses a multilateral approach that assesses both theoretical properties and practical implications. By subjecting the algorithm to testing methodologies like statistical analysis and practical experimentation, we gain valuable insights into its performance, output randomness, and suitability for real-world applications.

5. Discussion

The results obtained from the NIST Statistical Test Suite and practical experiments provide valuable insights into the algorithm’s properties. One key observation is the algorithm’s ability to produce output that exhibits statistical randomness, as demonstrated by passing of the statistical tests. This suggests that the algorithm can generate ciphertexts that are indistinguishable from random data, which is a fundamental requirement for ensuring secure communication.

According to NIST standards, a sample size of 10 sequences is usually required for each statistical test to pass with a minimum of eight. Given these guidelines and the previous illustrated tests outcomes, it can be concluded that the algorithm produces data with the potential of being random.

The combination of the two components which form the secret key of the system, that is the elementary rules which form the reversible rule along with the key used to encrypt the final data produced at each step, makes the system more secure to attacks. Moreover, based on the working principle of the reversible cellular automata which allows for encryption to be performed by forward iteration and decryption by backward iteration, the plaintext is recovered starting with the last character to the first one.

Stream encryption algorithms are currently developed across different types of systems. Reference [21] presents a symmetric image encryption technique based on reversibility of cellular automata with radius 3 focusing on the mathematics behind the problem and on how this can be applied in cryptography.

Another example of an encryption algorithm based on cellular automata rules 90 and 150 is presented in Reference [35]. The proposed algorithm was based on combing the two rules in a certain order to achieve a maximum cycle length. Although the output produced of the algorithm proved to hold good cryptographic properties, the encrypted data were sensitive on the number of iterations made through the cellular automata. The property applied to the current algorithm, of calculating the next state based not only on the neighbor’s state but also on the previous state (in step t − 1), solves the problem related to the number of generations made in the cellular automaton by providing another level of randomness in choosing the applied rule for a cell.

A large part of the currently developed encryption algorithms based on reversible cellular automata is being analyzed and implemented only as a software solution, thus losing the most important property of cellular automata that is the capability of parallelization. Starting from the software application developed for this study, which was only used as a step necessary to test the theory of the proposed algorithm, a hardware implementation on a structure that facilitates parallel computation (FPGA board) was developed, thus being able to achieve increased speed and efficiency of a complete cryptosystem in terms of security.

The proposed algorithm, based on reversible cellular automata (RCA), utilizes simple operations such as bitwise XOR and CA state transitions, which are computationally efficient. These operations have low complexity and do not require extensive computational resources or memory as presented in Table 1 (only 4% of device resources are used). This efficiency makes the algorithm well-suited for resource-constrained environments like Internet of Things (IoT) devices, where lightweight cryptography is essential for maintaining security without imposing heavy computational demands.

The proposed cryptosystem was designed and implemented using Field Programmable Gate Arrays (FPGAs) as the hardware solution, due to the parallel nature of cellular automata evolution, which aligns with the capabilities of these devices. However, different solutions and measures can be applied in order to reduce the hardware dependence in order to make the algorithm more versatile for different applications, like lightweight cryptography needed in IoT devices. A potential solution could be the use of parallel optimization of program instructions using genetic algorithms as presented in [12] and eventually using reconfigurable computing. The software implementation of the algorithm could be updated based on this technique to benefit from computational speed assured by modern processors’ multicore technology, thus reducing the hardware dependence.

In addition to leveraging the inherent strengths of reversible cellular automata for cryptographic applications, it is advantageous to consider integrating it with other advanced cryptographic techniques, such as public-key infrastructure (PKI) and quantum key distribution (QKD). This hybrid approach can significantly enhance the overall security, versatility, and scalability of the cryptographic system. Combining RCA with PKI can provide robust security by leveraging the strengths of both techniques. PKI can facilitate secure key distribution and management, while RCA can efficiently handle data encryption and decryption. This integration of the two methods can simplify key management and improve the system’s scalability. Integrating RCA with QKD also represents an important approach that can give future-proof of the cryptographic system against the emerging threat of quantum computing. QKD provides a secure method for distributing cryptographic keys, leveraging the principles of quantum mechanics. This integration can create a versatile cryptographic framework capable of addressing both classical and quantum threats.

Quantum computing poses significant challenges to many current cryptographic algorithms, primarily through Shor’s algorithm, which can efficiently solve the integer factorization and discrete logarithm problems, and Grover’s algorithm, which provides a quadratic speedup for brute-force search. While RCA encryption is not directly based on integer factorization or discrete logarithms, vulnerabilities may appear as no system is completely secure. To ensure the continued robustness of our RCA encryption algorithm in the face of advancing quantum computing technologies, several measures can be taken. One such possible solution is represented by integrating key management solutions, especially quantum key distribution which can create the premises of addressing quantum threats. Another solution is based on the quantum cellular automata theory which combines cellular automata states with quantum mechanics concepts [36].

One way to integrate cellular automata with quantum concepts like photon spin is to consider a hybrid system where the state of each cell in the automaton is influenced not only by its immediate neighbors but also by the quantum properties of the particles involved. In this context, photon spin could be treated as an additional attribute of each cell, similar to its state. When a photon interacts with the cellular automaton, its spin could influence the state transitions of nearby cells according to certain rules. For example, the spin of a photon could determine the direction in which the state of neighboring cells propagates. The act of “reading” the photon’s spin could then correspond to observing the resulting state of the cellular automaton, potentially causing changes in subsequent interactions. The change of cells state, when a “reading” of transmitted data is attempted, would alter the information thus protecting it from potential attacks. The benefits in terms of assuring RCA encryption system security for the future make this a potential research direction.

Addressing energy efficiency and sustainability represents an important aspect, especially in today’s eco-conscious landscape. The hardware design and implementation are based on FPGAs, first because of their parallel processing capabilities but also because they can be more energy efficient than CPUs or GPUs. FPGAs reduce the need for multiple clock cycles and thus the associated power consumption. Dynamic power management strategies also allow minimization of energy consumption during low-usage periods or when cryptographic tasks are not required. For instance, the static power consumption of the FPGA board is around 50 mW. To better illustrate this, an energy consumption analysis was performed on the cryptosystem during the encryption and decryption processes on different data lengths with the results being illustrated in

Table 5. Results of minor alteration in initial data.

Data Size (Bits)	Power Consumption (mW)
10,000	75.28
15,000	89.54
50,000	193.48

below. These values were obtained with the help of the Xilinx Power Estimator (XPE) tool.

Sustainable practices and green technologies that could further reduce the environmental impact may include using renewable energy sources. For instance, due to the low energy consumption and the FPGA board capabilities to function using a battery, the system could be powered using a solar panel system.

6. Conclusions

The proposed solution devised as an alternative to traditional cryptographic system leverages the dynamic properties of cellular automata, where seemingly straightforward evolution rules give rise to complex and chaotic behavior. Reversible cellular automata offer a good premise for secure communications with practical implementations in cryptography, due to their unique attributes of reversibility and information preservation, requiring minimal computational resources.

To evaluate the algorithm’s effectiveness, it was implemented and tested on hardware, which produced positive results in terms of data security. The system’s security is ensured through the use of distinct modules for encrypting each character, each initialized with different random data. Consequently, encrypting the same message multiple times will produce, for each case, a different ciphertext result.

Regarding future goals of development, research will continue by focusing on developing the system block cipher version to encrypt multiple bytes simultaneously. Additionally, enhancements will be made by exploring alternative methods for generating random initial data [37], drawing inspiration from cellular automata theory to be used in the random initial state generation. Another research direction will explore the practical aspects of integrating RCA with PKI and QKD across different platforms. This will involve designing and testing hybrid cryptographic protocols that leverage the strengths of each technique, assessing their performance, security, and feasibility.