FPGA-based implementation of enhanced ZUC stream cipher based on dynamic S-box

Abstract

ZUC algorithm is a word-oriented stream cipher designed by the Data Assurance and Communication Security Research Center of the Chinese Academy of Sciences and standardized by the 3GPP (3rd Generation Partnership Project) organization to ensure the LTE (Long Term Evolution of radio networks) security and 5G (the fifth generation of cellular network technology). However, many studies in the literature have proven that the ZUC algorithm has certain weaknesses. The objective of this study is, improve the security of the ZUC algorithm, implement the improved version on an FPGA board, and then evaluate its performance. The design improvement is to replace the static S-boxes of the ZUC algorithm by a Dynamic S-box, which allows to generate a new keystream with each new execution of the algorithm and this by flipping just one bit in the initial values. We thus obtain the best robustness against cryptographic attacks. The new S-box, initialized by 256 ordered values [0,1,…,255] is permuted using the 2-D cat map. The parameters (u, v ri, rj) of the cat map (dynamic permutation key, Kp) are supplied by the feedback value of the LSFR at the end of the initialization phase. The system is implemented on a Xilinx XC7Z020 PYNQ-Z2 FPGA platform and its robustness is evaluated using many security tests. The use of a dynamic S-box surely increases the security against cryptanalytic attacks of the algorithm, compared to the use of a static S-box. Moreover, the proposed algorithm is robust against the main statistical attacks. It achieves acceptable hardware performance for use in real-time applications.