System and method for generating a symmetrically balanced output

Abstract

Disclosed are a system and method for generating a symmetrically balanced output to accomplish a plurality of predefined properties. The method comprises a step of receiving a plurality of registers with B bits, an expression length, and a plurality of operators through a receiving module. The method then includes a step of generating a random expression population through a random expression population generation module. Further, the method includes the step of computing a fitness value of the random expression population through a fitness function module. The method then includes the step of providing registers with B bits if a plurality of output bits are having an equal number of 1s and 0s through a conditional module. The conditional module performs mutation in the operators if the output bits are not having an equal number of 1s and 0s.

Claims

1. A computer-implemented method for generating a symmetrically balanced output to accomplish a plurality of predefined properties, the method comprising steps of: receiving a plurality of registers with B bits, an expression length, and a plurality of operators through a receiving module, wherein the expression length is a number of terms in a combined function, wherein the combined function comprises at least one of a plurality of logic gates configured to strengthen a plurality of hash algorithms, a plurality of stream ciphers and a round function module of block ciphers: generating a random expression population through a random expression population generation module; computing a fitness value of the random expression population through a fitness function module; and providing the registers with B bits if a plurality of output bits have an equal number of 1 s and 0s through a conditional module, wherein the conditional module performs a mutation in the operators if the output bits do not have an equal number of 1s and 0s.

2. The method according to claim 1, wherein the mutation in the operators is performed by changing a combination of at least one of the plurality of logic gates, the registers and a plurality of variables.

3. The method according to claim 1, wherein the method further comprises the step of utilizing a hamming distance of output string to compute a distance between at least two strings of equal length.

4. The method according to claim 1, wherein the predefined properties comprise balancedness, resiliency, non-linearity, propagation, immunity, and symmetricity.

5. A system for generating a symmetrically balanced output to accomplish a plurality of predefined properties, the system comprises: a processor; and a memory to store machine-readable instructions that when executed by the processor cause the processor to: receive a plurality of registers with B bits, an expression length, and a plurality of operators, wherein the expression length is a number of terms in a combined function, wherein the combined function comprises at least one of a plurality of logic gates configured to strengthen a plurality of hash algorithms, a plurality of stream ciphers and a round function module of block ciphers; generate a random expression population; compute a fitness value of the random expression population; and provide the registers with B bits if a plurality of output bits have an equal number of 1 s and 0s, wherein a mutation in the operators is performed if the output bits do not have an equal number of 1s and 0s.

6. The system according to claim 5, wherein the mutation in the operators is performed by changing a combination of at least one of the plurality of logic gates, the registers and a plurality of variables.

7. The system according to claim 5, wherein the machine-readable instructions, when executed by the processor, further cause the processor to utilize a hamming distance of output string to compute a distance between at least two strings of equal length.

8. The system according to claim 5, wherein the predefined properties comprise balancedness, resiliency, non-linearity, propagation, immunity, and symmetricity.

9. A device in a network, comprising: a non-transitory storage device having embodied therein one or more routines operable to generate a symmetrically balanced output to accomplish a plurality of predefined properties; and one or more processors coupled to the non-transitory storage device and operable to execute the one or more routines, wherein the one or more routines include: a receiving module to receive a plurality of registers with B bits, an expression length, and a plurality of operators, wherein the expression length is a number of terms in a combined function, wherein the combined function comprises at least one of a plurality of logic gates configured to strengthen a plurality of hash algorithms, a plurality of stream ciphers and a round function module of block ciphers: a random expression population generation module to generate a random expression population; a fitness function module to compute a fitness value of the random expression population; and a conditional module to provide the registers with B bits if a plurality of output bits have an equal number of 1s and 0s, wherein the conditional module performs mutation in the operators if the output bits do not have an equal number of 1s and 0s.

10. The device according to claim 9, wherein the mutation in the operators is performed by changing a combination of at least one of the plurality of logic gates, the registers and a plurality of variables.

11. The device according to claim 9, wherein the one or more routines includes utilizing a hamming distance of output string to compute a distance between at least two strings of equal length.

12. The device according to claim 9, wherein the predefined properties comprise balancedness, resiliency, non-linearity, propagation, immunity, and symmetricity.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) In the figures, similar components and/or features may have the same reference label. Further, various components of the same type may be distinguished by following the reference label with a second label that distinguishes among the similar components. If only the first reference label is used in the specification, the description applies to any one of the similar components having the same first reference label irrespective of the second reference label.

(2) FIG. 1 illustrates a network implementation of the present system and method for generating a symmetrically balanced output to accomplish a plurality of predefined properties, in accordance with an embodiment of the present subject matter.

(3) FIG. 2 illustrates a block diagram of the present system for generating a symmetrically balanced output to accomplish a plurality of predefined properties, in accordance with an embodiment of the present subject matter.

(4) FIG. 3 illustrates an exemplary structure of the present system for two variables of n bits, in accordance with at least one embodiment.

(5) FIG. 4a illustrates an exemplary diagram of the chaining of randomization, in accordance with at least one embodiment.

(6) FIG. 4b illustrates an exemplary view of the hamming distance of output vectors, in accordance with at least one embodiment.

(7) FIG. 4c illustrates a conceptual diagram of the lower and upper halves of the bit string, in accordance with at least one embodiment.

(8) FIG. 5 illustrates a flowchart of the present method for generating a symmetrically balanced output to accomplish a plurality of predefined properties, in accordance with at least one embodiment.

(9) FIG. 6 illustrates an exemplary view of a modified key expansion for 14 round AES, in accordance with at least one embodiment.

(10) FIG. 7 illustrates an exemplary view of the proposed modification in RC4 scheme, in accordance with at least one embodiment.

DETAILED DESCRIPTION

(11) Systems and methods are disclosed for generating a symmetrically balanced output to accomplish a plurality of predefined properties. Embodiments of the present disclosure include various steps, which will be described below. The steps may be performed by hardware components or may be embodied in machine-executable instructions, which may be used to cause a general-purpose or special-purpose processor programmed with the instructions to perform the steps. Alternatively, steps may be performed by a combination of hardware, software, and firmware.

(12) Embodiments of the present disclosure may be provided as a computer program product, which may include a machine-readable storage medium tangibly embodying thereon instructions, which may be used to program a computer (or other electronic devices) to perform a process. The machine-readable medium may include, but is not limited to, fixed (hard) drives, magnetic tape, floppy diskettes, optical disks, compact disc read-only memories (CD-ROMs), and magneto-optical disks, semiconductor memories, such as ROMs, PROMs, random access memories (RAMs), programmable read-only memories (PROMs), erasable PROMs (EPROMs), electrically erasable PROMs (EEPROMs), flash memory, magnetic or optical cards, or other type of media/machine-readable medium suitable for storing electronic instructions (e.g., computer programming code, such as software or firmware).

(13) Various methods described herein may be practiced by combining one or more machine-readable storage media containing the code according to the present disclosure with appropriate standard computer hardware to execute the code contained therein. An apparatus for practicing various embodiments of the present disclosure may involve one or more computers (or one or more processors within a single computer) and storage systems containing or having network access to computer program(s) coded in accordance with various methods described herein, and the method steps of the disclosure could be accomplished by modules, routines, subroutines, or subparts of a computer program product.

(14) The present invention discloses a system and method whereby a true random system that produces the symmetric balanced output that fulfills the properties such as balancedness, resiliency, non-linearity, propagation and immunity (BaReNPI). The cryptographic functions of the computer are improved and such improvements change conventional function generators. The technical solution provided by the present invention is pertaining to the function generator can be applied for any cryptographic algorithms for more robust algorithm. The present system considers the hamming distance of output string. Further, the present system outputs a combined function comprising of logic gates which helps the hash algorithms, stream ciphers and round function module of block ciphers to be more robust. Further, the present invention provides the function generator which can be utilzied for key generators.

(15) Typically, algorithms such as DES, AES and other block ciphers use fixed round functions. However, the present invention uses BaReNPI true random system for better avalanche effect. Moreover, stream ciphers which use pseudo random number generator are vulnerable to attack. Therefore, uses of the present BaReNPI true random system in stream ciphers makes the ciphers more robust.

(16) Although the present disclosure has been described with the purpose for generating a symmetrically balanced output to accomplish a plurality of predefined properties, it should be appreciated that the same has been done merely to illustrate the invention in an exemplary manner and any other purpose or function for which explained structures or configurations could be used, is covered within the scope of the present disclosure.

(17) Exemplary embodiments will now be described more fully hereinafter with reference to the accompanying drawings, in which exemplary embodiments are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. These embodiments are provided so that this disclosure will be thorough and complete and will fully convey the scope of the invention to those of ordinary skill in the art. Moreover, all statements herein reciting embodiments of the invention, as well as specific examples thereof, are intended to encompass both structural and functional equivalents thereof. Additionally, it is intended that such equivalents include both currently known equivalents as well as equivalents developed in the future (i.e., any elements developed that perform the same function, regardless of structure).

(18) Thus, for example, it will be appreciated by those of ordinary skill in the art that the diagrams, schematics, illustrations, and the like represent conceptual views or processes illustrating systems and methods embodying this invention. The functions of the various elements shown in the figures may be provided through the use of dedicated hardware as well as hardware capable of executing associated software. Similarly, any switches shown in the figures are conceptual only. Their function may be carried out through the operation of program logic, through dedicated logic, through the interaction of program control and dedicated logic, or even manually, the particular technique being selectable by the entity implementing this invention. Those of ordinary skill in the art further understand that the exemplary hardware, software, processes, methods, and/or operating systems described herein are for illustrative purposes and, thus, are not intended to be limited to any particular name.

(19) Specific details are given in the following description to provide a thorough understanding of the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, circuits, systems, networks, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail to avoid obscuring the embodiments.

(20) The term “machine-readable storage medium” or “computer-readable storage medium” includes, but is not limited to, portable or non-portable storage devices, optical storage devices, and various other mediums capable of storing, containing, or carrying instruction(s) and/or data. A machine-readable medium may include a non-transitory medium in which data can be stored, and that does not include carrier waves and/or transitory electronic signals propagating wirelessly or over wired connections. Examples of a non-transitory medium may include but are not limited to, a magnetic disk or tape, optical storage media such as compact disk (CD) or versatile digital disk (DVD), flash memory, memory or memory devices.

(21) FIG. 1 illustrates a network implementation 100 of the present system and method for generating a symmetrically balanced output to accomplish a plurality of predefined properties, in accordance with an embodiment of the present subject matter. Although the present subject matter is explained considering that the present system 102 is implemented on a server, it may be understood that the present system 102 may also be implemented in a variety of computing systems, such as a laptop computer, a desktop computer, a notebook, a workstation, a mainframe computer, a server, a network server, and the like. It will be understood that the present system 102 may be accessed by multiple users through one or more computing devices 104-1, 104-2 . . . 104-N, collectively referred to as computing unit 104 hereinafter, or applications residing on the computing device 104. Examples of the computing device 104 may include but are not limited to, a portable computer, a personal digital assistant, a handheld or mobile device, smart devices, and a workstation. The computing devices 104 are communicatively acccessible to the present system 102 through a network 106.

(22) In one implementation, the network 106 may be a wireless network, a wired network or a combination thereof. The network 106 can be implemented as one of the different types of networks, such as an intranet, local area network (LAN), wide area network (WAN), the internet, and the like. The network 106 may either be a dedicated network or a shared network. The shared network represents an association of the different types of networks that use a variety of protocols, for example, Hypertext Transfer Protocol (HTTP), Transmission Control Protocol/Internet Protocol (TCP/IP), Wireless Application Protocol (WAP), and the like, to communicate with one another. Further, the network 106 may include a variety of network devices, including routers, bridges, servers, computing devices, storage devices, and the like.

(23) FIG. 2 illustrates a block diagram of the present system 102 for generating a symmetrically balanced output to accomplish a plurality of predefined properties, in accordance with an embodiment of the present subject matter. In an embodiment, the predefined properties comprise balancedness, resiliency, non-linearity, propagation, immunity, and symmetricity. The system 102 may include at least one processor 202, and a memory 204. The processor 202 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, and/or any devices that manipulate signals based on operational instructions. Among other capabilities, the at least one processor 202 is configured to fetch and execute computer-readable instructions stored in the memory 204.

(24) The memory 204 may include any computer-readable medium known in the art including, for example, volatile memory, such as static random access memory (SRAM) and dynamic random access memory (DRAM), and/or non-volatile memory, such as read-only memory (ROM), erasable programmable ROM, flash memories, hard disks, optical disks, and magnetic tapes. The memory 204 may include modules 205.

(25) The modules 205 include routines, programs, objects, components, data structures, etc., which perform particular tasks or implement particular abstract data types. In one implementation, the modules 205 may include a receiving module 206, a random expression population generation module 208, a fitness function module 210 and a conditional module 212.

(26) In one implementation, the receiving module 206 receives a plurality of registers with B bits, an expression length, and a plurality of operators. In an embodiment, the expression length is a number of terms in a combined function. In an embodiment, the combined function comprises the logic gates to strengthen a plurality of hash algorithms, a plurality of stream ciphers and a round function module of block ciphers.

(27) The random expression population generation module 208 generates a random expression of the population. The fitness function module 210 computes a fitness value of the random expression population. The conditional module 212 provides registers with B bits if a plurality of output bits are having an equal number of 1s and 0s. The conditional module 214 performs mutation in the operators if the output bits are not having an equal number of 1s and 0s. In an embodiment, the mutation in the operators is performed by changing a combination of at least one a plurality of logic gates, the registers and a plurality of variables. The present system 102 utilizes a hamming distance of output string to compute a distance between at least two strings of equal length.

(28) FIG. 3 illustrates an exemplary structure 300 of the present system for two variables of n bits, in accordance with at least one embodiment. The present system outputs a combined function 310 which includes logic gates to help the hash algorithms, stream ciphers and round function module of block ciphers to be more robust. The expression for the proposed combined function generator 304 is given as:
ƒ.sub.c=.Math.ƒ.sub.i.sup.L  (1)
where, i represents the number of logic gates; L represents the expression length 302 (Number of terms in the combined function ƒ.sub.c) and .Math. represents the random combination 308.

(29) To emphasize the randomness in such combined function generator 304, the above equation (1) is further expressed in terms of N input variables' randomness in the selection, as shown in equation 2.
ƒ.sub.c(V.sub.1,V.sub.2. . . ,V.sub.N)=.Math.ƒ.sub.i.sup.L[rand (V.sub.1,V.sub.2. . . ,V.sub.N)]  (2)

(30) FIG. 4a illustrates an exemplary diagram 400 of the chaining of randomization, in accordance with at least one embodiment. The structure is shown in the FIG. 3 can be expanded as the function generator can be used for any N variables of n bits each as shown in FIG. 4. Let F.sub.2 is the finite field of two elements {0,1} and ⊕ is any operation of the field F.sub.2. N variables are used and each variable is considered to be a n bit vector v={v.sub.1, v.sub.2, . . . , v.sub.n}. In the further discussion each variable V.sub.i is considered as a binary vector v.

(31) The Hamming Weight of such a binary vector v is given by following equation 3:
wt(v)=Σ.sub.i=1.sup.nv.sub.i  (3)

(32) Proposition 1: A combined function ƒ.sub.c using n bit variables and generating an output v.sub.o of n bits is symmetric iff

(33) $\underset{i=1}{\overset{n}{.Math.}}{v}_{o_i}=\frac{n}{2}$
where, v.sub.o.sub.i∈{0,1}.

(34) For any number of variables of n bits, the bit patterns follow a bell-curve of normal distribution and the standard deviation from the mean is very low. Therefore, just analysing n/2 combinations of the bit patterns the original bit information can be achieved. Therefore, if the present system constructs to randomize the operations in the function level, each iteration provides the same bitsums and therefore hard to detect the function patterns.

(35) Proposition 2: Let n be an odd integer and v.sub.o is the output of the combined function ƒ.sub.c, ƒ.sub.c is the random symmetric function iff 0 is added in the least significant bit (LSB) of the variable.

(36) $\begin{array}{cc}\underset{i=1}{\overset{n}{.Math.}}{v}_{o_i}=\frac{n}{2},\forall n\mathrm{is}\mathrm{even}& \left(4\right)\end{array}$

(37) and

(38) $\begin{array}{cc}\underset{i=1}{\overset{n}{.Math.}}{v}_{o_i}+\mathrm{LSB}\left(0\right)=\frac{n}{2},\forall n\mathrm{is}\mathrm{odd}& \left(5\right)\end{array}$

(39) Let .sub.N the set of all symmetric random combined Boolean functions onN variables of all the functions from F.sub.2.sup.N into F.sub.2 where F.sub.2.sup.N={(V.sub.1, V.sub.2, . . . , V.sub.N)|V.sub.i∈F.sub.2}.

(40) Any combined function ƒ.sub.c∈.sub.N of L terms is expressed as a polynomial which is basically termed as Algebraic Normal Form (ANF) of the function and given as:
ƒ.sub.c(V.sub.1,V.sub.2, . . . ,V.sub.N)=⊕λ.sub.u(Π.sub.i=1.sup.Nrand (V.sub.i).sup.u.sup.i).sup.L,λ.sub.u∈F.sub.2u∈F.sub.2.sup.N and L∈   (6)
with λ.sub.u=⊕ƒ.sub.c(v),vu,∀V.sub.i={v.sub.i.sub.1,v.sub.i.sub.2, . . . ,v.sub.i.sub.n}  (7)
where, (v.sub.i.sub.1,v.sub.i.sub.2, . . . ,v.sub.i.sub.n)(u.sub.1,u.sub.2, . . . ,u.sub.n)iff ∀i,j,v.sub.i.sub.j≤u.sub.i.  (8)

(41) For any random combined function ƒ.sub.c∈.sub.N generated by the present system is expressed by a binary bit vector of length 2.sup.N. This vector is comprised of all the values ƒ.sub.c(y), y∈F.sub.2.sup.N

(42) The degree of function ƒ.sub.c is denoted by deg (ƒ.sub.c) and computed as the maximal value of the weights of the output vector v.sub.o.sub.i given as:

(43) $\begin{array}{cc}\mathrm{wt}\left(v_{o_i}\right)=\frac{n}{2},\mathrm{such}\mathrm{that}{\lambda }_u\ne 0& \left(9\right)\end{array}$

(44) Any function e∈F.sub.2.sup.N, φ.sub.e denotes the linear function in .sub.N:xe.x, where (.) is the dot operation of two vectors. The sequence of Walsh functions W.sub.k: [0,1].fwdarw.{−1,1}, k∈ is defined as below:
W.sub.k(ƒ.sub.c)=(−1).sup.Σ.sup.j=0.sup.∞.sup.k.sup.j.sup.v.sup.j+1  (10)

(45) Following the equation 10, the Walsh coefficient of ƒ.sub.c∈.sub.N in point e∈F.sub.2.sup.N is given as:
W.sub.e(ƒ.sub.c+φ.sub.e)=(−1).sup.Σ.sup.j=0.sup.∞.sup.v.sup.j+1.sup.+e.x  (11)

(46) The series of values for the Walsh coefficients W.sub.e(ƒ.sub.c+φ.sub.e), e∈F.sub.2.sup.N forms the Walsh spectrum S of the function ƒ.sub.c. The Walsh spectrum S of an N-variable combinational logic function actually represents the function itself.
∀a∈F.sub.2.sup.N,W(ƒ.sub.c+φ.sub.e)=Σ.sub.w=0.sup.N(−1).sup.v.sup.wP.sub.w(wt(a))  (12)

(47) Where, P.sub.w is the Krawtchouk polynomial of degree w given as:

(48) $\begin{array}{cc}{P}_w\left(i\right)=\underset{k=0}{\overset{w}{.Math.}}\left(\begin{array}{c}i\\ k\end{array}\right)\left(\begin{array}{c}N-i\\ w-k\end{array}\right){\left(-1\right)}^k& \left(13\right)\end{array}$

(49) The equation 12 and equation 13 represent the symmetric feature of the Walsh transformations of ƒ.sub.c.

(50) The output of ƒ.sub.c depends on the weight of its input vectors. As a result, ƒ.sub.c corresponds to a function g.sub.c: {0, 1, . . . , n}.fwdarw.F.sub.2 such that ∀x∈F.sub.2.sup.N, ƒ.sub.c(x)=g.sub.c(wt(x)). The sequence g.sub.c(ƒ.sub.c)=(g.sub.c(0), g.sub.c(1) . . . , g.sub.c(n)) for n-bit vector is considered as simplified value vector of ƒ.sub.c. To establish the relation between simplified value vector and arithmetic normal form the equation of 6 can be rewritten as shown in Equation 13.
ƒ.sub.c(V.sub.1,V.sub.2, . . . ,V.sub.N)=⊕λ.sub.ƒ(j)Γ(Π.sub.i=1.sup.Nrand (V.sub.i).sup.u.sup.i).sup.L  (14)
=⊕λ.sub.ƒ(j).sub.j,N  (15)

(51) where, λ.sub.ƒ(j), u└F.sub.2.sup.N and L∈, j={1, . . . , N}. .sub.j,N is the elementary polynomial of degree j with N variables. The coefficients of arithmetic normal form of ƒ.sub.c is represented by n-bit vector, λ(ƒ.sub.c)={λ.sub.ƒ (0), λ.sub.ƒ (1), . . . , λ.sub.ƒ (N)}, called as simplified vector of ANF of ƒ.sub.c.

(52) Following the equation 15, for a given x of weight, .sub.j,N contains

(53) $\hspace{1em}\left(\begin{array}{c}j\\ k\end{array}\right)$
nonzero monomials. The expression of binomial coefficients modulo a prime number is given by Lucas Theorem. Given two integers, r and s and their -adic representations, r=Σ.sub.i=0.sup.kr.sub.i.sup.i and, s=Σ.sub.i+0.sup.ks.sub.i.sup.i, by Lucas theorem, following equation is obtained.

(54) $\begin{array}{cc}\left(\begin{array}{c}r\\ s\end{array}\right)\equiv {\Pi }_{i=0}^k\left(\begin{array}{c}{r}_i\\ s_i\end{array}\right)\mathrm{mod}& \left(16\right)\end{array}$

(55) For =2, the present system obtains get:

(56) $\left(\begin{array}{c}r\\ s\end{array}\right)\equiv 1$
mod 2 iff supp(s).Math.supp (r) i.e. sr which means that ∀i, s.sub.i≤r.sub.i. Following values are obtained for g.sub.c and λ.sub.ƒ as below.
g.sub.c(i)=⊕(.sub.k.sup.i) for, k=0,1, . . . ,i  (17)
λ(k)=⊕λ.sub.ƒ(k),ki  (18)

(57) Further, the present disclosure describes the properties of the present BaReNPI True Random System. Balanced property of the BaReNPI True Random system generates combined function ƒ.sub.c exists if its simplified value vector g.sub.c follows the following condition.
∀0≤i≤N,g.sub.c(i)=g.sub.c(N−i)1, where is sum over F.sub.2  (19)

(58) Trivial balanced functions exactly correspond to symmetric functions. Therefore, the combined function ƒ.sub.c verifies the condition D.sub.1ƒ.sub.c=1 signifying the all-one vector. Functions with D.sub.1ƒ.sub.c=1 do not really exist for even values of n because for any vectory such that wt(v)=n/2, The D.sub.1ƒ.sub.c can be calculated as:
D.sub.1ƒ.sub.c=ƒ.sub.c(v)ƒ.sub.c(v+1)=g.sub.c(n/2)g.sub.c(n/2)=0  (20)

(59) The above trivial balanced function property also corresponds to the odd case of trivial partitioning whereas the even cases represent the affine functions. Finding the patterns of the simplified value vector g.sub.c of the combined function ƒ.sub.c leads to the set of the n binomial coefficients for balanced symmetric function.

(60) The resiliency of cryptographic functions is another important characteristic for designing robust and efficient algorithms in cryptography. The correlation between the output of the generated function and a small subset of its input variables leads to the correlation attack. A given symmetric balanced combined function ƒ.sub.c of N variables are m-resilient if it remains balanced when any m input variables are fixed and remaining (n-m) bits are altered. There is no upper or lower bound on the order of resiliency of such functions; the function is more resilient if m is higher. The property of resiliency is related to the weights of the restrictions of the f.sub.c to some subspaces.

(61) ∀f.sub.c∈.sub.N and any affine any subspace ⊂F.sub.2.sup.N, the restriction of f.sub.c to is the function given as:
: .fwdarw.F.sub.2  (21)
xf.sub.c(x),∀x∈  (22)

(62) where, f can be determined by the with a function of dim () variables.

(63) The subspace is spanned by k canonical basis vectors and its supplementary subspace is . The restrictions of f.sub.c to and to all its cosets are given by a+ where, a∈. When f.sub.c is symmetric and balanced, is represented as: =s.sub.1, s.sub.2, . . . , s.sub.k and f.sub.a+ becomes symmetric and balanced too. Moreover, for all s∈, the following equation can be expressed.
f.sub.a+(s)=ƒ(a+s)=g.sub.c(wt(a)+wt(s))  (23)

(64) which depends upon the weight of s when a is fixed. The simplified value vector and the simplified ANF vector can be deduced from f.sub.c as given below.

(65) $\begin{array}{cc}{\mathrm{��}}_{c_{f_{a+\mathrm{��}}}}\left(i\right)={\mathrm{��}}_c\left(i+\mathrm{wt}\left(a\right)\right),\forall i,0\le i\le k& \left(24\right)\end{array}$
(i)=⊕λ.sub.ƒ(i+j),∀i,0≤i≤k and jwt(a)  (25)

(66) Nonlinearity is an important design characteristic for cryptographic functions used in cryptographic algorithms to prevent different types of correlation or linear attacks. In our proposed combined function generator, this feature depends on the output vectors in v.sub.o.sub.i.Math.v.sub.o.sub.i is also considered as the affine transformations of the functions generated from the present BaReNPI true random system.

(67) FIG. 4b illustrates an exemplary view 401 of the hamming distance of output vectors, in accordance with at least one embodiment. The nonlinearity is calculated by the hamming distance between two affine transformations. For example, two output vectors are: v.sub.o and u.sub.o of 8 bits each. As shown in FIG. 1, the hamming distance between the two vectors=6. Therefore, the non linearity of the function is 6. To generalize the concept of the nonlinearity of such a function ƒ.sub.c is given as:
.sub.ƒ.sub.c=Σ.sub.i,j=1.sup.nv.sub.o.sub.i≠u.sub.o.sub.j,v.sub.o.sub.i and u.sub.o.sub.j are output vectors  (26a)

(68) Moreover following the Equation 11, the non-linearity of present BaReNPI true random system is also related with the Walsh transformation as:

(69) 0$\begin{array}{cc}\mathrm{��}{l}_{f_c}=2^{n-1}-\frac{1}{2}\max .Math.W_{f_c}\left(e\right).Math.& \left(26b\right)\end{array}$

(70) Propagation characteristics are determined by the cryptographic properties of the derivatives of the functions generated by BaReNPI true random system. All derivatives of the combined functions that output from the SGFR are linearly equivalent when they have a fixed Hamming weight of n/2. Our function ƒ.sub.c of N variables generated from the proposed BaReNPI True Random System satisfies the propagation criterion of degree k and order m if any affine function obtained from ƒ.sub.c by keeping m input bits constant satisfies the propagation criterion of degree k.

(71) Let ƒ.sub.c∈.sub.N and let x,y∈F.sub.2.sup.N be such that

(72) $\mathrm{wt}\left(x\right)=\mathrm{wt}\left(y\right)=\frac{n}{2}.$
then, D.sub.xƒ.sub.c and D.sub.yƒ.sub.c are linearly equivalent. This signifies a linear permutation μ of F.sub.2.sup.N such that D.sub.xƒ.sub.c=D.sub.yƒ.sub.c∘, where ∘ is composite function. The permutation μ exists on {1, 2, . . . , N} such that y=μ(x). Since, ƒ.sub.c is symmetric and balanced, the present system obtains:

(73) $\begin{array}{cc}\begin{array}{c}{D}_y{f}_c\left(\mu \left(a\right)\right)=f_c\left(\mu \left(a\right)\right)f_c\left(\mu \left(a\right)+y\right)\\ =f_c\left(a\right)f_c\left(\mu \left(a\right)+\mu \left(x\right)\right)\\ =f_c\left(a\right)f_c\left(\mu \left(a+x\right)\right)\\ =f_c\left(a\right)f_c\left(a+x\right)\\ =D_x{f}_c\left(a\right)\end{array}& \left(27\right)\end{array}$

(74) Let k be an integer, 1≤k≤n−1, V.sub.l=v.sub.i.sub.1, v.sub.i.sub.2, . . . , v.sub.i.sub.n−k and ε.sub.k=v.sub.n−k+1+ . . . +v.sub.n. Then the restriction of D.sub.ε.sub.kƒ.sub.c to all affine subspaces y+V, y∈v.sub.i.sub.1, v.sub.i.sub.2, . . . , v.sub.i.sub.n−k is given by:
g.sub.y:V.fwdarw.F.sub.2  (28)
xD.sub.ε.sub.kƒ.sub.c(a+y)  (29)

(75) Equations (28) and (29) are also symmetric functions of (n−k) variables and, weight is n/2. Moreover, their simplified value vectors and ANF vectors are given for all 0≤i≤n−k by:

(76) $\begin{array}{cc}{g}_{c_{g_y}}\left(i\right)=g_c\left(i+\mathrm{wt}\left(y\right)\right)g_c\left(i+k-\mathrm{wt}\left(y\right)\right)& \left(30\right)\end{array}$
λ.sub.g.sub.y(i)=λ.sub.ƒ(i+j)λ.sub.ƒ(i+j),  (31)

(77) Let ∈V.sub.l. then for any z=a+y with a∈V, then the following equation is obtained.
wt(z)=wt(a)+wt(y)  (32)
wt(z+ε.sub.k)=wt(a)+wt(y+ε.sub.k)=wt(a)+k−wt(y)  (33)

(78) Thus, ∀a∈V,

(79) $\begin{array}{cc}{D}_{{\mathrm{.Math.}}_k}{f}_c\left(a+y\right)=f_c\left(a+b\right)f_c\left(a+{\mathrm{.Math.}}_k+y\right)=\mathrm{wt}\left(a\right)+\mathrm{wt}\left(y+{\mathrm{.Math.}}_k\right)=\mathrm{wt}\left(a\right)+k-\mathrm{wt}\left(y\right)={\mathrm{��}}_c\left(\mathrm{wt}\left(a\right)+w\left(y\right)\right)\left(\mathrm{wt}\left(a\right)+k-w\left(y\right)\right)& \left(34\right)\end{array}$

(80) Equation. 18 signifies

(81) ${\mathrm{��}}_{c_{g_y}}$
also follows the symmetric property which means that partial derivatives of function generator outputs are also propagated with the propagation features. To calculate simplified ANF vector of

(82) ${\mathrm{��}}_{c_{g_y}},$
the ANF of ƒ.sub.c is decomposed as given below.
ƒ.sub.c(a+b)=⊕.sub.u∈F.sub.2.sub.n−k⊕.sub.v∈F.sub.2.sub.kλ.sub.u,vΠ.sub.i=1.sup.n−ka.sub.iu.sup.iΠ.sub.j=n−k+1.sup.n−kb.sub.j.sup.v.sup.j,∀(a,b)∈(V,V)   (35)

(83) Then, for any y∈V and a∈V, the following equation is obtained,

(84) $\begin{array}{cc}{\mathrm{��}}_{c_{g_y}}\left(a\right)=D_{{\mathrm{.Math.}}_k}{f}_c\left(a+y\right)={\oplus }_{u\in F_2^{n-k}}{\oplus }_{v\in F_2^k}{\lambda }_{u,v}{\Pi }_{i=1}^{n-k}{a}_i^{u_i}\times ({{\Pi }_{i=1}^k\left(y_{i}1\right)}^{v_i}{\Pi }_{i=1}^k{y}_i^{v_i}& \left(36\right)\end{array}$

(85) The present disclosure further discusses the correlation immunity characteristics exhibit by our proposed generator's outputs. Considering each of the N input variables V.sub.i as n bit binary vector V.sub.i={v.sub.1, v.sub.2, . . . , v.sub.nj}i=1, 2, . . . , N, for the combined symmetric and balanced function ƒ.sub.c, ƒ.sub.c is correlation immune if:

(86) $\begin{array}{cc}\mathrm{Prob}\left(f_c=v_i\right)=\frac{1}{2},1\le i\le n& \left(37\right)\end{array}$

(87) The set of all correlation immune functions of N variables of n bits each is denoted by CI.sub.N.sup.n. Further, the weight of correlation immune function ƒ of our proposed generator is given by:

(88) $\begin{array}{cc}a=\mathrm{wt}\left(f_c\right)=\frac{n}{2},f_c\in {\mathrm{CI}}_N^n& \left(38\right)\end{array}$

(89) Let, ƒ.sub.c.sup.u and ƒ.sub.c.sup.l be the upper and lower halves of equal length n/2 for our function generator's outputs as shown in FIG. 3. As, ƒ.sub.c∈CI.sub.N.sup.n,

(90) 0$\mathrm{wt}\left(f_c^u\right)=\mathrm{wt}\left(f_c^l\right)=\frac{n}{4}.$
If there are k places out of n/4 1's in the ƒ.sub.c.sup.u where the corresponding positions in reverse of ƒ.sub.c.sup.l, denoted as (ƒ.sub.c.sup.l).sup.r, do not match. Therefore, the number of bits match with respect to 1 for the function is given as:

(91) $\begin{array}{cc}{M}_1\left(f_c^u,{\left(f_c^l\right)}^r\right)=\frac{n}{4}-k& \left(39\right)\end{array}$

(92) Following the Equation 23, assumed that there are k places out of n/4 1's in the ƒ.sub.c.sup.u where the corresponding positions in (ƒ.sub.c.sup.l).sup.r do not match. Therefore, the number of bits match with respect to 0 for the function is given as:

(93) $\begin{array}{cc}{M}_0\left(f_c^u,{\left(f_c^l\right)}^r\right)=\frac{n}{4}-k& \left(40\right)\end{array}$

(94) FIG. 4c illustrates a conceptual diagram 402 of the lower and upper halves of bit string, in accordance with at least one embodiment. Hence, the following expression can be obtained:

(95) $\begin{array}{cc}M\left(f_c,{\left(f_c\right)}^r\right)=2M\left(f_c^u,{\left(f_c^l\right)}^r\right)=2\left(\frac{n}{4}-k+\frac{n}{4}-k\right)=n-4k& \left(41\right)\end{array}$

(96) The correlation immune functions with the same values of M(ƒ.sub.c, (ƒ.sub.c).sup.r) form an equivalence class.

(97) Proposition 3: Let ƒ.sub.c∈CI.sub.N.sup.n; and M(ƒ.sub.c, (ƒ.sub.c).sup.r)=m. Then ∀M.sub.0(ƒ.sub.c, (ƒ.sub.c).sup.r) and M.sub.1(ƒ.sub.c, (ƒ.sub.c).sup.r)
Min [M.sub.0(ƒ.sub.c,(ƒ.sub.c).sup.r)−M.sub.1(ƒ.sub.c,(ƒ.sub.c).sup.r)]=min [m]0

(98) Apart from the correlation immunity, algebraic immunity is also a requirement for cryptographic algorithms. Algebraic immunity also is related with the annihilator of a function. This property helps the algorithm to prevent algebraic attacks against the cryptographic algorithms.

(99) Given, ƒ.sub.c∈.sub.N, any function of the set A(ƒ.sub.c)={g∈.sub.N|gf=0} is defined as the annihilator of the function ƒ.sub.c. The algebraic immunity of ƒ.sub.c is denoted by AI(ƒ.sub.c) is minimum degree of all nonzero annihilators of ƒ.sub.c or ƒ.sub.c+1. The value of AI(ƒ.sub.c) is given as:
AI(ƒ.sub.c)=min[deg (g)|g≠0,g∈A(ƒ.sub.c)∪A(ƒ.sub.c+1)  (42)

(100) As the present BaReNPI true random system outputs the symmetric function which is balanced and therefore minimum degree is always n/2. Therefore, the algebraic immunity is always n/2 which is always optimal.

(101) FIG. 5 illustrates a flowchart 500 of the present method for generating a symmetrically balanced output to accomplish a plurality of predefined properties, in accordance with at least one embodiment. In an embodiment, the predefined properties comprise balancedness, resiliency, non-linearity, propagation, immunity, and symmetricity. The method comprises a step 502 of receiving a plurality of registers with B bits, an expression length, and a plurality of operators through a receiving module. In an embodiment, the expression length is a number of terms in a combined function. In an embodiment, the combined function comprises the logic gates to strengthen a plurality of hash algorithms, a plurality of stream ciphers and a round function module of block ciphers.

(102) The method then includes a step 504 of generating a random expression population through a random expression population generation module. Further, the method includes the step 506 of computing a fitness value (fitness function) of the random expression population through a fitness function module. The method then includes a step 508 of determining if the computed fitness value (F) is equal to B/2. The method then includes the step 510 of providing registers with B bits if a plurality of output bits are having an equal number of 1s and 0s through a conditional module. The conditional module performs a step 514 of mutation in the operators if the output bits are not having an equal number of 1s and 0s, i.e., no. of 1=no. of 0=B/2 (considering B is a total number of the bits). In an embodiment, the mutation in the operators is performed by changing a combination of at least one a plurality of logic gates, the registers and a plurality of variables. Further, the present method includes a step 512 of determining if the computed fitness value is not equal to B/2, the present method checks if the fitness value lies between a predefined range and then performs mutation in operators. If the fitness value does not lie in the predefined range, then the method reinitiates the overall operation. In an embodiment, the present method utilizes a hamming distance of output string to compute a distance between at least two strings of equal length.

(103) Thus the present system provides an efficient, simpler and more elegant true random system that produces the symmetric balanced output that fulfills the properties such as balancedness, resiliency, non-linearity, propagation, and immunity (BaReNPI). Further, the present system and method output a combined function comprises logic gates to help the hash algorithms, stream ciphers and round function module of block ciphers to be more robust. The combined function can be used in different crypto-graphic modules. Additionally, the present invention randomly selects the Boolean functions and variable inputs for the functions. The input variables are not dependent on the output analysis except the variable length and expression length.

(104) Further, the present disclosure describes the validation of the present system performed during the experiments. Following is the table 1 to describe the significance of the statistical tests for randomness.

(105) TABLE-US-00001 Test Name Significance Monobit To check the frequency of 1 and 0 to be equal Frequency test Extended from the previous test for M bit block within a block Runs Test To check the oscillation of 1 and 0 is fast Test for longest run Longest ran of 1s in an M bit block Binary matrix rank To check for linear dependency among fixed length test substrings Spectral test To check repetitive patterns Nonoverlapping Whether a given pattern is present and its no. of template matching occurrences as expected. Test Overlapping Same as previous but overlapping is allowed in this template matching process. Test Maurers test No. of bits in between of two matched patterns Linear complexity To check the feedback of LFSR. Therefore NA in Test our case. Serial Tests For overlapping pattern frequencies. Extended from Overlapping pattern matching test. Therefore, not performed as per NIST recommendation. Approximate To compare the frequency of overlapping blocks for entropy test two consecutive lengths Cumulative Sum To check if any bitsum is too large or too small test Random Excursions No. of cycles having exactly k visits Random Excursions To detect deviations from the expected number of variant visits to various states in the random walk.

(106) To perform the tests, the hypothesis has been set up for all the tests as:

(107) H.sub.0 (null hypothesis): The outputs of BaReNPI True Random System is random.

(108) H.sub.1 (alternate hypothesis): The outputs of BaReNPI True Random System is non-random.

(109) For each of the applied tests, a decision or conclusion is taken that accepts or rejects the null hypothesis which means whether the present BaReNPI True Random System is (or is not) able to produce random values, based on the sequence that is produced. For each test, a relevant randomness statistic is chosen and used to determine the acceptance or rejection of the null hypothesis. Under an assumption of randomness, such a statistic has a distribution of possible values. A theoretical reference distribution of this statistic under the null hypothesis is determined by mathematical methods which determine a critical value. During a test, a test statistic value (p-value) is computed on the data or sequence of bits generated by the BaReNPI True Random System. This test statistic value is compared to the critical value. If the test statistic value is greater than the critical value, the null hypothesis for randomness is rejected else the null hypothesis is accepted. In practice, the reason that statistical hypothesis testing works is that the reference distribution and the critical value are dependent on and generated under a tentative assumption of randomness. If the randomness assumption is, in fact, true for the data at hand, then the resulting calculated test statistic value on the data will have a very low probability (e.g., 0.01) of exceeding the critical value. This value of 0.01 is also called the level of significance. If the p-value is greater than the level of significance, the null hypothesis can be accepted. The summarization of the p-values of the above said tests is given in Table-2.

(110) Table 2 provides statistical tests on the present BaReNPI True Random System

(111) TABLE-US-00002 Monobit Frequency test Runs Test for the longest Binary matrix test within a block test run in the block rank test Proposed 1.00  1.00  0.723  0.1933  0.5320 BARENPI Spectral test Non-overlapping Overlapping Maurer's Linear complexity TRUE template template test test RANDOM matching test matching test SYSTEM 0.300 0.300  0.280 0.777 NA Serial test Approximate Cumulative sum Random excursions Random excursions entropy test test test variant test NA 0.2770 0.433 0.777 0.777

(112) The present true random system has been applied for two algorithms: AES (block cipher) and RC4 (stream cipher) which is further described in the present disclosure,

(113) Application of the true random system for key expansion module in AES: the main objective of the adding the functionalities of BaReNPI true random system in AES is to enable the key expansion module with some randomness feature. The modified key expansion module has been shown in FIG. 6, the changes are highlighted by dash lines. FIG. 6 illustrates an exemplary view 600 of a modified key expansion for 14 round AES, in accordance with at least one embodiment. The randomness of the present BaReNPI true random system has been used in three parts. First, in the function of g; secondly, the recursive word generation from key spaces, and thirdly but most prominently, addition of RC.sub.i and BaReNPI true random system for generating the words from w.sub.0 to w.sub.7.

(114) As shown in FIG. 6, each column in the key space is considered as w.sub.i word. As the key size is 256 bits, the eight words {w.sub.0, w.sub.1, w.sub.2, w.sub.3, w.sub.4, w.sub.5, w.sub.6, w.sub.7} are in the very first step. The 8.sup.th word i.e. w.sub.7 is going through a function g. This function is also using the BaReNPI functionalities just before the output of the function. The output of g is then used to generate the other words processing through a series of the present true random system. The same process is repeated till the required number of words for the 14 rounds in AES are generated. For the decryption process, the generated words are saved and used reversely with the cipher text to get back to the plaintext.

(115) Application of the true random system for key schedule randomization in RC4: the first stage of RC4 key scheduling is modified. In this modification, the present BaReNPI true random systems are added for each byte transferred from K to T. For this, the true random system gets two inputs from two consecutive bytes of K. The bytes in K are considered to be iterative till the completion of bytes of T. For the last byte of T to be generated the last byte of K (after expanding) and the first byte of K is considered as the inputs to the random system. At this time, the key stream is stored accordingly to byte for decryption process. The modification has been summarized in following Algorithm-1. All the other modules are kept same and therefore only the modified process is shown in FIG. 7. FIG. 7 illustrates an exemplary view 700 of the proposed modification in RC4 scheme, in accordance with at least one embodiment.

(116) TABLE-US-00003 Algorithm-1 for i = 0 to 255 do if (keylen==256) then for j=0 to 255 T’[j]=k[i] else for j=0 to keylen recursively copy k[j]to T’[i] end loop end loop for i=0 to 254 do  T[i] = T’[i]   T’[i+1] //  represents BaReNPI true random system end loop T[255] = T’[255]   T’[0]

(117) While embodiments of the present disclosure have been illustrated and described, it will be clear that the disclosure is not limited to these embodiments only. Numerous modifications, changes, variations, substitutions, and equivalents will be apparent to those skilled in the art, without departing from the scope of the disclosure, as described in the claims.