Lalu Prasad Lenka | Portfolio

Summer Internship @ ISI, Kolkata

Published Sep 16, 2016

Hello everyone, this is my first ever blogging experience and I am here to share my experience of summer internship at ISI, Kolkata and some technical details about my internship project.

I was in my second year and like many other sophomores, I was looking for some enriching summer internships or scholarship programs and thanks to Tworit bhai, we got to know about IAS Summer Research Programs and applied, three of us got selected, two at ISI Kolkata and one at IISc., Bangalore. Both being top two research institutes in India, we all were very delighted.

Coming to the internship, the experience at the ISI campus was unforgettable and really awesome. From the cleanliness, mesmerizing architecture & ambience ,well-stocked library to immensely knowledgeable professors with almost everyone having over 10 research publications in their field of study, it was clearly evident why it’s in top two of India. I was delighted to meet my guide Prof. Bimal K Roy. He was extremely organized and efficient with his tasks and was always super busy and I was super excited to work with him :).

Before writing technical details of my project, I would like to give brief introduction of Cryptography. It’s all about encrypting our data and keeping the decryption key a secret. It’s about making our encryption algorithm as close to randomness as possible. Cryptography is everywhere starting from sim cards in our mobiles, internet protocols, secured websites, internet banking, military, satellite broadcast, WEP in Wi-Fi etc. I worked mostly on famous block ciphers like DES, adopted as an encryption standard worldwide by NSA in 1976 & is one of the most famous and researched block ciphers of our time which went unbroken for 20 long years. AES supersedes DES & is now adopted worldwide. Originally based on Rijndael, it was selected by NIST in 1997 out of 15 competing algorithms for AES position after DES was broken. AES is used nearly everywhere, most familiar example is TLS in HTTPS.

On the first day of internship, I knew nothing about cryptography, hence considering my limited knowledge and skills in this field, my guide suggested me to implement some important algorithms in cryptography, to study and implement various classical ciphers and their cryptanalysis which I did in C++ and then I was instructed to study Shannon’s theory.

After this I studied about DES. Its encryption algorithm was quite complex which uses 16 rounds of Feistel network, S-boxes and the key schedule. I mainly worked the S-boxes i.e. Substitution boxes which is kind of mapping of specific input bit to equivalent output bits. In case of DES, it used 8 different S-boxes which all took 6-bit input and gave 4-bit output. This S-box adds mostly to the non-linearity of DES.

To find out weakness in DES S-boxes, firstly I was instructed to perform a Correlation test to find whether DES is weak towards attacks based on correlation of Input/Output. Then I thoroughly studied and implemented [Differential Cryptanalysis](https://en.wikipedia.org/wiki/Differential_cryptanalysis) and constructed the Difference Distribution Table for each of these S-boxes, I used Octave to implement all above and I got the strength sequence of DES S-boxes over differential cryptanalysis.

After successfully analyzing S-boxes of DES, My guide asked me to study and Implement AES. It has four layers & 10–14 rounds of substitution-permutation network based on key-length. AES is one of the finest encryption algorithms of our time, quite complex and powerful. Again I though studied them all but only focused on Byte Substitution layer of AES which had S-boxes. It uses only one S-box which is quite strong.

I had to study various cryptographic properties of Boolean functions like Non-linearity, linearity, correlation immunity, balancedness, algebraic degree, differential uniformity, Walsh transforms, ANF (Algebraic normal form),SAC(Strict avalanche criteria),Iterative periods etc. . All these are not mere terms but influential cryptographic concepts which I needed to completely understand to find weakness in AES if any.

I was then instructed to find the Non-linearity and Correlation Immunity of AES S-boxes and the final challenge was to design a better S-box. I studied & implemented Linear Cryptanalysis, constructed Linear Approximation Tables to work on DES S-box and AES S-box linearity.

After lots of hard work & research, I finally found one loop hole in AES S-box. It used two concepts –Inversion in Galois Field and Affine transformation, to carry out the mapping. I found weakness in period of its affine transformation(which is 4), I wrote a code to get the period of Affine transformation for different bit matrix and after testing many possible combinations I found the maximum period for AES was 16 and used it to construct my own S-box, thereby completing my project. My s-box has a better iterative period and is closer to satisfy SAC than AES S-box.

All the above things I did required tremendous effort, as I went through nearly 30–40 research papers and couple of books on cryptography, wrote multiple scripts in Python and Octave implement encryption algorithms, cryptanalytic techniques, to construct DDT & LAT and to check other cryptanalytic properties, all these to successfully complete my project and I am glad, I did it and impressed my guide enough to get his recommendation letter. Sorry for making it long, but I was asked to give details of my work too. Anyway, this internship had been extremely enriching and interesting, I enjoyed the challenges a lot, it demanded both academic and coding skills, to understand research papers and implement the same. I enjoyed the ambience, craze among students, professors and every other part of my Internship, It was great experience.

Lastly, to all juniors, summers are the time to intern! Internships are a stepping stone to opportunities and an external experience, Start applying for internships 3–4 months before you wish to join. Brush up all the core concepts and take guidance from your seniors. Showcase all your good projects and put them online (Github, bitbucket etc.). If you get selected for any internship & it gets tough, passion and patience play a key role during such challenging times. Give your best at what you’re doing. This will really impress your mentor and may urge him to shower you with additional accolades and future opportunities.

Thank you