Round Key Generation Algorithm Used in Symmetric Block Encryption Algorithms to Ensure the Security of Economic Systems

In the article, round keys used in strong cryptographic algorithms to ensure information security in financial systems are developed. It is also important in devices that use cryptographic algorithms. The developed round keys provide secure communication between devices and are adapted for use in IoT devices. The degree of randomness of the sequences generated using the key and initialization vector was evaluated. It has been shown to pass all 15 NIST statistical tests. The developed round keys meet the cryptographic requirements and are described to be used to ensure the security of data transmission, storage, and processing.


INTRODUCTION
The cryptographic requirements used to protect the financial system in each country are the main guiding principles of the system's regulators.Weak architecture of the financial system, or more precisely data exchange systems, can create uncertainty in operational efficiency.Certain minimum requirements are defined for the management of symmetric cryptographic keys used for financial transactions.Typically, one of the most important such requirements is the design of round keys.
In banking and financial systems, the widely used symmetric block cipher for encryption is the Advanced Encryption Standard (AES).AES is a symmetric encryption algorithm that supports key sizes of 128, 192, and 256 bits.GOST 34.12-2018, AES has been adopted by the governmentes and is considered secure for protecting sensitive information.It has become the de facto standard for encryption in many industries, including banking and finance, due to its robustness and efficiency.When it comes to key sizes, AES-256 is the most commonly used in banking and financial systems.AES-256 refers to AES with a 256-bit key, providing a high level of security against brute-force attacks.
The main expansion process usually consists of the following steps: 1. Seed Key: A seed key, provided by the user or automatically generated, is the starting point for generating additional rounds of keys.

Key table:
The original key is rotated using a key table algorithm that generates round subkeys for each round of encryption.The key table includes operations such as bit shifts, nonlinear S-boxes, shifts, and XOR operations.

Duplications and subkeys:
The key table algorithm is executed for each round of encryption and generates unique round keys for each round.Round keys are usually of a fixed size and are used to be XORed with the plaintext or previous ciphertext at each encryption step.
Round key generation is an important step in the symmetric block encryption process, ensuring the uniqueness and security of the encryption.
It's worth noting that encryption systems used in banking and financial institutions typically involve more than just the choice of a block cipher.They incorporate additional security measures such as secure key management, secure protocols, and other cryptographic mechanisms to ensure the confidentiality and integrity of sensitive data.Choosing round keys in block cipher algorithms is an important step that requires consideration of security, randomness, and key strength.Cryptographic standards generally provide guidelines and specifications for the generation and use of round keys for specific algorithms.One of the most common round key generation algorithms for symmetric block ciphers is key-encryption-based key expansion.8 of which are verified and not used for encryption.It was launched as a national standard in the United States in 1977.It has now been superseded by AES (in 2002), but 3DES, based on full DES, continues to be used worldwide (e.g. in s/MIME standards, ANSI X9. 17).In the cryptographic analysis of the algorithm, the concept of weak key was introduced for the first time, and it is related to the property of the key table consisting of the matching of rotating keys in different encryption rounds, and the problem of the weak key table of the DES algorithm was considered in detail.
GOST 28147-89-is an encryption standard published in the USSR in 1990.Current standard of the Russian Federation.The number of types is 32, the length of the algorithm block is 64 bits, and the key length is 256 bits.Each round key is 32 bits long.The partial key generation process divides the 256-bit key into 32-bit blocks into 8 blocks: k 1 , k 2 ,. ....k 8.At each step, a corresponding partial key is used.GOST 28147-89 does not specify the methods of generation of S-blocks, it is only said how to present S-blocks [4].It uses a 256-bit key, secret S-blocks, and pseudo-random numbers to ensure cryptoresistance.GOST 28147-89 does not provide a specially recommended method of manufacturing keys.This can lead to the generation of weak keys that threaten the security of encryption, or to the insufficient use of random material to generate keys.The shortcomings and other limitations of GOST 28147-89 keys emphasize the need to use more modern and reliable encryption algorithms [5,6].
"Kuznechik" (GOST 34.12-2018) -this algorithm represents a significant update and development of the previous standard GOST 28147-89.Algorithm block length is 128 bits, key length is 256 bits.It also uses a round key similar to GOST 28147-89.The key is used directly in the data encryption and decryption process [7]."GOST 34.12-2018, " also known as "Kuznechik, " is a Russian cryptographic algorithm.Key generation in financial systems using Kuznechik typically follows a standard procedure: 1. Randomness: A secure random number generator is used to generate a random key seed.

Key expansion:
The key seed is then expanded into a full cryptographic key using an approved key derivation function or algorithm.
3. Key protection: The generated key is typically stored securely, such as in a hardware security module (HSM), to prevent unauthorized access.
Currently, there are no known attacks that "Kuznechik" can completely break.However, encryption algorithms are always susceptible to new attacks and cryptanalysis.Given the rapid development of cryptography, it is important to monitor the development of new attacks and update algorithms and keys accordingly.
AES (Advanced Encryption Standard) -the length of the input and output blocks in the algorithm is 128 bits, the length of the encryption key is 128, 192 or 256 bits.
In banking and financial systems, the most commonly used symmetric block cipher is the Advanced Encryption Standard (AES).AES supports key sizes of 128, 192, and 256 bits.It has been extensively analyzed and is considered secure against various cryptographic attacks.The preference for key size depends on the specific security requirements and regulations of each institution.All permutations used in encryption aim to implement the principles of spread and propagation.In the standard, depending on the length of the block and the key, the number of stages (rounds) is set from 10 to 14.The encryption procedure includes both the procedure of generation of stage keys and the loading of stage keys for conversion to ciphertext (transition to plaintext) of length corresponding to the number of stages.Converting the ciphertext to the original text is carried out by performing the operations in the inversion (reverse) manner.To date, AES is among the ciphers with high crypto-resistance.[9] It uses a special algorithm known as key expansion or key table to generate keys.n financial systems, the key generation process for the Advanced Encryption Standard (AES) typically involves the following steps: Determining the key size: AES supports key sizes of 128, 192, and 256 bits.The desired key size should be determined based on the security requirements of the financial system.A longer key size generally provides stronger security but may have implications for performance and compatibility.
Generating a random key: A secure random number generator (RNG) is used to generate a random key of the chosen key size.The RNG should be cryptographically secure and gather entropy from various sources to ensure the randomness of the key.Commonly used RNGs include hardware RNGs, operating system-provided RNGs, or dedicated cryptographic libraries.
Protecting the key: Once the random key is generated, it needs to be protected to prevent unauthorized access.The key should be stored securely in a trusted key management system or hardware security module (HSM) that provides physical and logical protections against unauthorized access, tampering, and extraction.Access controls and authentication mechanisms should be implemented to restrict key usage to authorized entities.
Key backup and recovery: It is crucial to establish a robust key backup and recovery mechanism to ensure the availability of the key in case of system failures, disasters, or key loss.Regularly backing up the key and securely storing the backups in separate locations is important to prevent data loss and maintain business continuity.
Key rotation and retirement: To maintain the security of the financial system, key rotation should be implemented periodically.This involves generating new keys and replacing the existing ones.The frequency of key rotation depends on the security policies, industry standards, and regulatory requirements.Retiring and securely disposing of old keys is also important to prevent potential vulnerabilities.
It is essential to follow industry best practices and compliance requirements when performing AES key generation in financial systems.This includes using trusted cryptographic libraries, secure key storage mechanisms, and adhering to established standards and guidelines.Additionally, regular security audits, vulnerability assessments, and monitoring should be conducted to identify and address any weaknesses in the key generation and management processes [10,11,12].
It's important to note that the specific implementation details of key generation may vary across different financial systems and organizations, as they may have additional security measures or protocols in place to protect the keys [13].
It's important to note that the specific implementation details of key generation may vary across different financial systems and Here, ( )*-"+" sign means autocorrelation is equal to 0 when strict avalanche efficiency ( ) = 1 conditions are met ( ( ) = 0),and "-" sign means autocorrelation is not equal to ( ( ) ≠ 0),.
( ) * = 0, for this to be ( ( ) = 0), condition ( ) = 0, i.e. = 0is fulfilled, ( ) * = 1, for this to be ( ) = 0, condition ( ) = 1, i.e. = 1 is fulfilled [12].Random key generation is also used in hardware in addition to computers.Therefore, the development of a light and fast generation algorithm is one of the urgent issues in cryptography.Lightweight cryptographic algorithms are important in the IoT because they allow for secure communication on devices with limited processing power and memory.These devices, such as sensors and actuators, often have limited resources and cannot handle the computational demands of traditional cryptographic algorithms.Lightweight algorithms provide a balance between security and performance, making them suitable for use in IoT devices.They are used to secure data transmission, storage, and processing [14,15].

DATA AND METHODOLOGY
Analysis and empirical research methods were used during this research.Also, key generation methods are used for symmetric block cryptographic methods of ensuring information security in financial systems [16].
1. Symmetric block cryptographic algorithms for ensuring information security in financial systems and their analysis; 2. Use of round keys in S-blocks used for symmetric block ciphers; Crypto-algorithms, in particular block symmetric encryption algorithms DES, AES, GOST 28147-89, GOST 34.12-2018, respectively, use keys generated according to a predetermined rule with a length of 56,128,192,256 bits.However, not all keys generated according to the rules set by standard algorithms may be resistant to various cryptoattacks organized by a cryptanalyst monitoring the open communication network in order to decrypt.For example, if the sequence of bits that make up the key consists only of zeros or ones, or if not, a combination of zeros and ones is formed by repeating with a fixed period, then this type of keys is considered to be invulnerable.Because in this type of bit sequence, there is a possibility to know in advance the mathematical regularity of periodic repetition of zero and one elements that make up this sequence.In that case, it is not appropriate to use the generated bit sequence as a secret key for symmetric encryption algorithms [17][18][19].So, based on the above considerations, we propose a round key generation algorithm for symmetric block encryption algorithms.K -secret key, 0 -the first 64 bits of the 256-bit key; 1 -the second 64-bit part of the 256-bit key; 2 -the third 64-bit part of the 256-bit key; 3 is the fourth 64-bit part of the 256-bit key; -initialization vector; 0 -the first 64-bit part of the 256-bit initialization vector; 1 -the second 64-bit part of the 256-bit initialization vector; 2 -the third 64-bit part of the 256-bit initialization vector; 3 -the fourth 64-bit part of the 256-bit initialization vector; Rotation -mixing function; -a non-linear replacement function; -a function to add elements of two arrays by 2 modules; 0 , 1 , 2 , 3 , 4 -constant numbers (constant values); -non-linear reflection (byte replacement -S block); -non-linear replacement replaces the following 8-bit array elements with the corresponding 8-bit values in the following sblock.−reflection performs addition (⊕) modulo 2 on two 64-bit array values.
Lightweight cryptography of various structures, key sizes, and block sizes were chosen.A wide range of differences in key size, block size, and rounds were realized as essential for analysis goals.A total of 39 different ciphers of 13 families shown in Table 4.These candidates are expected to be selected as a replacement of the traditional standards [20,21].

ANALYSIS AND RESULTS
The values of 64-bit length k_i generated using the above-mentioned key and initialization vectors are in the following sequence.This process can be continued as desired.Any number of these 64-bit array values can be used for encryption algorithms (for cases where the round key is of different lengths, for example, 128 bits, 192 bits, 256 bits, etc.).Using this algorithm, the number of sequences required for NIST statistical tests was generated and the degree of randomness was evaluated using this test.Below are the results of the evaluation in NIST tests [22,23]: Also, as part of the algorithm design, modern ciphers increase their security (confusion and diffusion) through the repeated execution (n times) of a simple round function.In block ciphers, the input and output of the round function are equal to the cipher block size in general.As a standard rule, increasing the number of rounds n increases the security level, while decreasing the number of rounds would play a significant role in shortening the execution time of the encryption and decryption, which is one of the essences of lightweight cryptography.In this project, the range interval of the number of rounds of the studied algorithms is [24], as shown in Figure 2.Among the five ciphers with the largest number of rounds, the Katan-Ktantan family is designed with the highest, while the Ace-64-128 and TinyJambu families are with the least among the smallest 10 [25-27,28].
Example: Let's observe how the values of the arrays created by changing the values of the key and initialization vector given above change.K=1c0636190b1260233b3512 5f1e1d0e2ff0e0d0c0b0a09080 7060504030201000 In both examples, it can be seen from the results of NIST tests that the sequences generated by the algorithm satisfy the conditions of randomness [13].
It can be seen from the table that the quality indicators of the analyzed algorithms and the newly developed algorithm are compared in the diagram below.The comparison result [12] was analyzed based on the literature and our own results.The results of the analysis solve the problem of developing circular switches for the selected S-box

CONCLUSION
This paper makes an analysis of panel data of 193 countries between a decade (2008-2018 years) to provide an estimation of the link between EGDI and GDP growth rate.We document that EGDI has a negative and statistically significant effect on GDP, although its sub-indexes have different effects on GDP.So, although both TII and OSI decrease GDP, on the contrary, HCI has positive impact on GDP.Moreover, our macroeconomic variables in the models remained stable and had a significant effect on GDP.Both inflation rate and unemployment rate influence negatively on GDP, whereas the taxes to revenue as % of GDP, agriculture and industry sectors have a positive effect on GDP.However, it is important to note that while estimates show that the higher the improvement in EGDI, the lower GDP growth rate, they should not be treated as improvement in the e-government index worsens the economic situation of the country.These results suggest that if the government implements policies aimed at developing an e-government system, it also should be ready for the decline in GDP growth rate.

Figure 1 :
Figure 1: General cryptographic requirements for the proposed s-block

Figure 3 :
Figure 3: NIST test results of key generation in the design of durable S-blocks and images of random numbers generated in different iterations

Table 1 :
Comparison of evaluations of different S-blocks in terms of general cryptographic requirements they may have additional security measures or protocols in place to protect the keys.The state-of-the-art encryption algorithms as a result of research are presented in Table1above, comparing the values obtained from the evaluation of S-blocks to the general cryptographic requirements.

Table 2 :
Characterization of the proposed s-block in terms of general cryptographic requirements

Table 3 :
Block Ciphers as a relative reference

Table 4 :
The evaluation was performed using NIST tests, and the results are shown below

Table 5 :
Comparison of evaluations of different S-blocks in terms of general cryptographic requirements