A NEW CHARACTER-LEVEL ENCRYPTION ALGORITHM: HOW TO IMPLEMENT CRYPTOGRAPHY IN AN ICT CLASSROOM

It is evident that the society in which we live will demand more and more qualified and specialized positions in the different branches of engineering. Now we are in a highly digitized world in which information is continuously transmitted through data communication networks with the expectation of security and confidentiality. Students who are in their last year at high school face the problem of deciding their professional future. Therefore, there is a wide field of research for them in cryptographic techniques. In this work we have developed, together with a group of high school students, a cryptographic algorithm with substitution and transposition techniques as described by Feistel (1973) in order to create a more comprehensive knowledge about what they have been studying in their ICT subjects. In most cases the teaching methods are based on the teachers' own vision, as well as on the absence of knowledge of alternative methods and/or the impossibility of applying them physically in the classroom. With the active and cooperative methodology put forward in this work, objectives such as hard work, autonomous and collaborative learning and the exchange of knowledge have been absolutely fulfilled. Achieving them requires replacing traditional methods so that the student can adapt to new work challenges. A group of students, only three of whom finished, were voluntarily provided with the mentoring service in which the algorithm was designed. As a result, we were able to program in Python as a final project a symmetrical character-level encryption algorithm we've referred to as Azrael. Our findings indicate a demand for future endeavours to take into account the need for more project-based work in ICT classrooms. The exchange of ideas between teacher and students has been the driven force behind the success of this activity.


Introduction
The protection of information has garnered much attention in recent years despite being a concern of companies and governments since time immemorial.Cryptography is an art and science.It is a playing major role in every information and security division.The main aim of the cryptography is protecting the data from unauthorized users (Zaidan et al., 2010).Encryption techniques occur or used by using shifting -positions held by units of plaintext are shifted according to a regular system-and substitution -units of plaintext are replaced with ciphertext, according to a fixed system-techniques, as well as mathematical operations (Hannan & Asif, 2017).
The modern design of symmetric encryption algorithms is block ciphers -encrypt a group of plaintext symbols as one block-and is based on the concept of iterative product ciphering (Bard, 2009).Shannon (1949) analysed product encryption and suggested that improving security involved replacement and transposition operations.Iterative product ciphers perform the encryption process in multiple stages, known as rounds, each of which uses a different subkey derived from the original key (Even & Goldreich, 1985).Iterative product encryption algorithms are based on the concepts of confusion (trying to hide the relationship between clear text, ciphertext and key by substitution) and diffusion (trying to spread the influence of each symbol of the original message among the ciphered message by permutations), which are combined to give rise to so-called product ciphers (Biham & Dunkelman, 2012).
These techniques basically consist of splitting the message into blocks of a certain size and applying the encryption function to each of them.Product encryptions using only substitutions and permutations are called substitution-permutation networks (Feistel, 1973).A substitution-permutation (SP) network takes a block of plain text and a key and applies several rounds of substitution transformations followed by transposition operations (Shannon, 1949).
The basic components of these symmetric key algorithms are the S-boxes (substitution boxes) and the P-boxes (permutation boxes).An S-box replaces a small block of text with another in a one-to-one transformation.A secure S-box should ensure that changing a single input symbol changes at least half the output symbols (Hoffstein, Pipher & Silverman, 2008).A P-box performs a permutation or transposition of all symbols and feeds the S-boxes of the next round.A secure P-box will have the property that the output symbols of any S-box are distributed in the next round among the largest number of S-boxes (Hoffstein et al., 2008).
The transformation process in each round is controlled with a subkey derived from the original key (Figure 1).This paper presents how an algorithm using a SP network has been implemented in Python.Finally, in order to determine the degree of student satisfaction, they were given a final survey.From their answers it can be deduced that the students have recognised the extra effort it has meant for the teacher and themselves to achieve the objective proposed.

AIMS
Taking as our starting point the knowledge acquired in the last two years of computer science (on classical substitution and transposition techniques), we have successfully designed a symmetric key block cipher unit that we named Azrael that operates in groups of symbols of variable length, called blocks, applying an invariant transformation to them.When encrypting, Azrael takes a block of plain text as input and yields a block of the same size of encrypted text.The exact transformation is controlled by a second input, the secret key.

Design
The designed algorithm is a symmetrical encryption cipher implemented to use dynamic substitution and permutation boxes.This means that the blocks into which the plain text or the cryptogram is divided are variable in length.
The algorithm takes as input a text of length n and divides it into blocks of equal size as the key used.The default key is a random string of ten symbols.Interestingly, each time the program is run, a new password is generated, so you are guaranteed not to repeat the same key again.That key is then fragmented into two subkeys (K1 and K2), so that they are used to divide each block into two parts (Lo, left and Ro, right) of the same length as the subkeys.
Each subkey will operate in one transposition and one substitution over Lo and Ro in each input block.Then, L and R fragments will rotate twice to ensure that the K1 and K2 subkeys act on both parts.

Second Round
Round 2 consists on a substitution over L1 and a permutation over R1, both controlled by the subkey K2.Now, both fragments exchange positions before entering the following boxes (Figure 2, Stage 2).

Third Round
In the third round, the fragment L2 is subjected to a transposition and the fragment R2 to a Vigenère substitution, both ruled by the subkey K1 (Figure 2, Stage 3).

Fourth Round
The fourth round involves a replacement of fragment L3 and a permutation of fragment R3, managed by subkey K2, just before undergoing a new exchange of positions and regenerating the block again, which will already have the same length as the original password used (Figure 2, Stage 4).
The whole regenerated block is then subjected to a new substitution, managed by the original key, to introduce further confusion (Figure 2, last substitution).
Finally, to avoid that two identical blocks of plain text can be encrypted in the same way, a transposition, controlled by the entire original key, is carried out on the complete cryptogram, thus achieving the greatest possible diffusion in the encrypted message (Figure 2, last transposition).
The result is a cryptogram with enough confusion and diffusion so that obtaining plain text without the original password is not trivial.The diagram of the algorithm implemented in Python to encrypt a plain text is as follows (Figure 2).

Source Code to Encrypt
The source code of the program azrael.py, which works according to the scheme in Figure 2, is as follows:

Encrypting with Azrael
Once the program and its two modules just described above are written (downloadable from http://bit.ly/azraelcode), it is only needed to run the module azrael.pyand enter the plaintext.The key will be randomly chosen and the ciphertext is then obtained: Plaintext: In a village of La Mancha the name of which I have no desire

Source Code to Decrypt
We have designed Azrael as a symmetric encryption system; therefore, it is enough to invert the process in order to decode a ciphertext obtained with this algorithm.The source code of the program azrael_de.py,which works according to the scheme in Figure 2 in reverse order, is as follows:

Decrypting with Azrael
When azrael_de.py is executed the program will ask for the encrypted text and password that was used to encrypt the original message.Then, the plaintext will be shown: Ciphertext: aPWqPXCaUhcvLbEWVR8oj8RmWkdaxxggHRMTFLL8LÇseHzwwBqM8ALcTcPRc Key: NMgBDCZUX4 Plaintext: In a village of La Mancha the name of which I have no desire

Project Assessment
At the end of the project, all the students, including those who left the project, completed a final survey to assess the adequacy of the effort required.From the data gathered in this survey, it can be deduced that most of them considered they had to work harder (Figure 3).
They were also asked if they thought that this methodology of cooperative learning on a project basis was the most appropriate for this purpose.The answered questions about this teaching-learning method can be seen on Figure 4.
They were finally asked about their preferences regarding the method they preferred to be assessed in the subject and why among the following: continuous evaluation, work-group exams and co-evaluation (Table 1).
From the data gathered in this survey, it can be seen that the most popular method of evaluation by tutorized students was continuous evaluation and then work-group tests.Regarding this last method, students think they established a sense of responsibility among their members, since the score depended on all of them.

Conclusions
As a result of the new educational evaluation focused on students and their development, we have seen the need to define a tutorial project, of a voluntary nature, to evaluate teamwork through a formative evaluation, so that students can be convinced of their level of competence with feedback techniques (Pachler, Daly, Mor & Mellar, 2010).
The project used as a framework was the coding in Python of an encryption program that introduces enough confusion and diffusion into the cryptogram so that obtaining the clear text without the original password is not trivial.
For its design we have only used transpositions and substitutions operations, which have been learned by the students in their classes.Although the two operations may be simple to break separately, their combination as product encryption creates enough complexity to find a solution easily.
The coded program shows students how to achieve a practical application from the different theoretical knowledge they acquire during their training.Even though the algorithm is simple, it uses the same methodology as other strong encryption algorithms, such as AES.
It is very important to note that Azrael does not use secure S-boxes, which will be the next implementation we will be made in a new project in the ICT classroom, so it should only be used as an educational tool, not to encrypt sensitive information.
In this paper we have come to the conclusion that while project work introduces a very interesting methodology, it is also true that the current school system is not prepared for it.The same curricula continue to be used, with increasingly shorter times, and this means extra work that not all students can do.However, despite the fact that only three students finished the project, the general feeling was one of success in having achieved an objective that seemed impossible for them.
In conclusion, we can assure that the development of the mentoring project has been a success.Students have been left with a great feeling of achievement working in teams because they have felt themselves an essential part of their own training.

Figure 1 .
Figure 1.General scheme of a SP network

Figure 3 .
Figure 3. Students' opinion about the degree of effort with the activity

Table 1 .
Preferred Methods of Assessment