Securing IoT Devices against Differential-Linear (DL) Attack Used on Serpent Algorithm

Cryptographic algorithms installed on Internet of Things (IoT) devices suffer many attacks. Some of these attacks include the differential linear attack (DL). The DL attack depends on the computation of the probability of differential-linear characteristics, which yields a Differential-Linear Connectivity Table ( DLCT ). The DLCT is a probability table that provides an attacker many possibilities of guessing the cryptographic keys of any algorithm such as Serpent. In essence, the attacker firstly constructs a DLCT by using building blocks such as Substitution Boxes (S-Boxes) found in many algorithms’ architectures. In depth, this study focuses on securing IoT devices against DL attacks used on Serpent algorithms by using three magic numbers mapped on a newly developed mathematical function called Blocker, which will be added on Serpent’s infrastructure before being installed in IoT devices. The new S-Boxes with 32-bit output were generated to replace the original Serpent’s S-Boxes with 4-bit output. The new S-Boxes were also inserted in Serpent’s architecture. This novel approach of using magic numbers and the Blocker Function worked successfully in this study. The results demonstrated an algorithm for which its S-Box is composed of a 4-bit-output that is more vulnerable to being attacked than an algorithm in which its S-Box comprises 32-bit outputs. The novel approach of using a Blocker, developed by three magic numbers and 32-bits output S-Boxes, successfully blocked the construction of DLCT and DL attacks. This approach managed to secure the Serpent algorithm installed on IoT devices against DL attacks.