STUDIES ON STATISTICAL ANALYSIS AND PERFORMANCE EVALUATION FOR SOME STREAM CIPHERS

1) V. N. Karazin Kharkiv National University, Svobody sq., 6, Kharkiv, 61022, Ukraine 2) JSC “Institute of Information Technologies”, Bakulin St., 12, Kharkiv, 61166, Ukraine, gorbenkoi@iit.kharkov.ua, kuznetsov@karazin.ua, gorbenkou@iit.kharkov.ua, tvlad.tyma@gmail.com, lutsenko.maria.kh@gmail.com 3) Ivan Chernyakhovsky National Defense University of Ukraine, Povitroflotsky avenue, 28, Kyiv-049, 03049, Ukraine


INTRODUCTION
Today, due to intensive development and improvement of technology, society has more opportunities for social interaction, processing, and transmission of information that can serve the interests of individuals, corporations or states. Therefore, in today's world, knowledge in various fields of activity and a person's life plays an important role that requires multiple means of protection, provided service privacy policy in information and telecommunication systems.
Currently, in cryptography, there are several groups of cryptographic transformations, namely, symmetric and asymmetric encryption. The cryptographic primitives of symmetric encryption use cryptographic conversion methods for open text and the same secret key for cipher text (for example, block and stream algorithms), while cryptographic primitives for asymmetric encryption use a pair of keys that are interconnected [1]. Special attention has been paid to stream cryptographic transformations that are designed to protect information and telecommunication systems and technologies in most cryptographic applications, including generation of pseudorandom sequences, encryption for information and telecommunication systems, as well as for ensuring the confidentiality and integrity of information for cryptographic authentication protocols, electronic signatures and other services [2]. Implementation of international projects such as eSTREAM [3], NESSIE, CRYPTREC (in Japan) [4] proves this. They are aimed at the development and research of encryption algorithms that would provide a high level of cryptographic stability, high performance and function on various computing platforms. Because of these projects, national and international standards for cryptographic transformation were adopted.
The list of studied stream cryptographic transformation algorithms is shown in Table 1

GENERAL DESCRIPTION
One of the critical indicators of stream ciphers is cryptographic resistance -a maximum period generating pseudorandom sequences, as the availability period of a pseudorandom sequence is a significant drawback to the statistical random sequences. For example, if a cipher has a small generation period, then it is evident that its value may be easily predicted; hence, the sequence period should be large and much larger than the expected length of the open message [15].
For the experimental research of cryptographic properties, statistical tests were used, such as NIST STS [16] and DIEHARD [17], for values of output sequences.
They aim to verify the hypothesis of the random nature of the original sequence of the studied cryptographic algorithm that generates the data, which is not different in a statistical sense from some hypothetical "random" sequence.

NIST STS
The NIST STS package was designed during the AES competition for the study of random or pseudorandom numbers generators and is the most common tool for assessing the statistical security of cryptographic primitives. Using this package allows us to determine how closely the cryptographic algorithms are compared with the generators of "random" sequences, that is, with a high probability to confirm whether the resulting series is statistically safe.
The package contains 15 tests [18], but in reality, depends on the input parameters, 188 probabilities ( 1, 2,..., 188) are calculated that can be considered as the result of the work of individual tests. For statistical testing of pairs (the random key and initialisation vector), 100 sequences in length of 10 6 bits are generated. The mathematical expectation of the number of passed tests by the studied generator is shown in Tables 2 and 3, where: M -the evaluation of the mathematical expectation of the number of passed tests; S -the assessment of the average deviation of the results testing the number of passed tests.
Their high cryptographic properties confirm the given results of testing of different ciphers. In particular, all cryptographic transformations studied showed a large number of successfully passed tests: between 130 and 135 tests for probabilities ≥ 0.99, and from 186 to 188 for expectations ≥ 0.96 (except CRYPTMT, which received the result of 159). It is necessary to note high statistical parameters of the Strumok algorithm, which shows specific properties to the random bits generator. In particular, according to the results of Table 2, it is seen that formed pseudorandom sequences in their properties are not inferior to the world-known stream cryptographic algorithms.

DIEHARD
George Marsaglia proposed a set of the DIEHARD statistical tests in 1995. The DIEHARD is considered as a set of experiments with the most stringent criteria for the sequence properties and is intended to characterise the randomness (or lack thereof) in a sequence of integers formed by a specific pseudorandom sequence generator. A specific feature of the DIEHARD system is the practical orientation of the tests, that is, the basis of some criteria are not theoretical calculations of statistical safety assessment, but the evaluation of the results based on earlier author's practice tests.
In the program implementation of the DIEHARD, depending on the input data, 215 tests are included (the results are seen in Table 4). Even though the Sosemanuk cipher, based on the results of the distribution of probabilities for uniform, shows insignificant, but a little higher, unlike other ciphers, deviation from the uniform distribution, according to the results of the last test, it occupies a leading position. It should be noted that according to statistical analyses of the NIST STS package, KCipher-2 has a high position, but in the DIEHARD test, it takes the last place.
To test the algorithms the equipment with Intel Core i7-7700 3.6GHz processor was used (first level 64KB cache and second level 1024KB), 32GB DDR3 2133MHz RAM and OS Windows 10. By the chosen method of studying the speed of stream cryptographic transformation in this work, the following parameters are used: -the rate of encryption of a long sequence (1GB) without taking into account the time of setting the key and the initialisation vector (the results are shown in Table 5); -the speed of encryption of small data packets (40, 576 and 1500 bytes), taking into account the establishment of a particular value of the initialisation vector (the results see in Tables 6 -8); -the speed of initialisation key parameters (the key and the initialisation vector , the results can be seen in Table 9). The results obtained from encryption of long sequences, which are carried out for each algorithm on a key, are shown in Table 5. From the data in the table, it follows that stream ciphers have an undeniable advantage over blocks.
Among the stream algorithms, HC-128, Strumok-256 and Strumok-512 are the fastest.   Analysing the results presented in Tables 6-8, it should be noted that the advantage of the speed of encryption stream algorithms maintained for packets size of more than 40 bytes. For small packets, the time of internal state initialisation begins to play a significant part in the stream algorithms. As for the comparison of the speed of stream algorithms, it should be emphasised on the advantage of the SNOW2.0 and Strumok generators. According to the results of the studies presented in Table 9, it should be noted the advantage of the Salsa20 cipher. The HC algorithm, which showed good results of the speed, it has the shortest time of installation a key, but the time it takes to initialise the vector, is the most. The Strumok algorithm has average values for this criterion.

CONCLUSIONS
The symmetric stream ciphers play an essential role in the processes of cryptographic protection of information. They have a high speed of cryptographic transformation, especially for use with large encryption amounts of the input data.
The results obtained from comparative studies have shown that the stream algorithms significantly exceed block ciphers by the speed of encryption in large packets. Among the stream algorithms, the Strumok generator, whose structure is targeted at applications in a modern 64-bit computing system, has the advantage of giving the highest values. In particular, the Intel Core i7-7700 3.6GHz and OS Windows 10 have reached 16 -18Gbps encryption speeds.
With small encryption packets, the computational efficiency of the stream ciphers decreases, and for packets size of 40 bytes block ciphers become faster. When comparing the stream algorithms, the Strumok generator that stably shows a high encryption speeds has the advantage.
The study of the initialisation time of cryptographic algorithms didn't show the advantage of block or stream algorithms. And although with the increased size of processed data, the initialisation time plays a tiny part in the process of encryption, this parameter should also to be given attention. In particular, according to our research, the most significant advantage over the initialisation time has the Salsa20 cipher.
Generalising the results, it should be noted that the Strumok keystream generator in most cases showed better results. When implemented on a 64bit computing platform, it provides a tremendous speed of encryption and can be recommended for practical application in the modern information and telecommunication systems.