LAO-3D: A Symmetric Lightweight Block Cipher Based on 3D Permutation for Mobile Encryption Application

Abstract

Data transmissions between smartphone users require security solutions to protect communications. Hence, encryption is an important tool that must be associated with smartphones to keep the user’s data safe. One proven solution to enhance the security of encryption algorithms is by using 3D designs on symmetric block ciphers. Although a 3D cipher design could improve the algorithms, the existing methods enlarge the block sizes that will also expand the key sizes and encryption rounds, thus decreasing their efficiency. Therefore, we propose the LAO-3D block cipher using a 3D permutation that offers security by providing confusion and diffusion characteristics. Five security analyses were conducted to assess the strengths of LAO-3D. The findings suggest that LAO-3D achieves better results compared to other existing lightweight block ciphers, with 98.2% non-linearity, 50% bit error rates for both plaintext and key modifications, surpasses 100% of the randomness test, and is immune to differential and linear cryptanalysis attacks. Moreover, the block cipher obtains competitive performance results in software applications. From the security analyses and performance tests, it is proven that LAO-3D can provide sufficient security at low costs in mobile encryption applications.

1. Introduction

Cyber security awareness has positively impacted the development of security products on the market. Most people have smartphones to communicate with, browse the Internet, read e-mails, and perform their jobs. According to predictions, the number of mobile users worldwide will likely increase to 7.26 billion by the end of 2022 [1]. Regarding the potential for cyberattacks, almost everyone in the world needs security protection [2]. Information security is crucial due to the interception and modification of data, which can lead to loss of availability, integrity, confidentiality, as well as other losses, such as loss of life, money, and assets [3]. Therefore, encryption is an important tool in security products that must be associated with the smartphone to keep the user’s data safe.

Most mobile encryption applications available on the market rely on conventional standard encryption algorithms, such as the AES block cipher, which has been widely implemented in various industries for more than a decade due to its security strengths [4]. Since then, numerous block cipher algorithms have been developed, using AES as the design foundation and the security benchmark. Performance evaluations of encryption algorithms in mobile devices have been conducted by comparing cryptographic algorithms, such as AES, DES, TEA, RSA, and REA [5]. The experimentation results revealed that AES recorded the fastest execution speed for the encryption process. However, a conventional algorithm, such as AES, requires huge memory and high power consumption, which is not practical to be implemented in the software encryption application [6]. Therefore, there is an important need for a lightweight algorithm design that uses simple cryptographic operations to provide sufficient security to the devices while emphasizing efficiency.

Over the years, a range of lightweight algorithms have been proposed in the literature that include BRIGHT [7], CRAFT [8], ACT [9], LRBC [10], LWE [11], PriPresent [12], T-TWINE [13], LBC-IoT [14], and improved SM4 [15]. Although lightweight algorithm research has been intensively explored using multiple techniques that aim for better efficiency, their security features cannot be ignored [16]. An algorithm should offer confusion and diffusion characteristics to provide sufficient security [17]. Confusion obscures the relationship between the plaintext and ciphertext with the substitution method, while diffusion spreads the plaintext statistics through the ciphertext using the permutation method.

One solution to enhance the confusion and diffusion characteristics of a cryptographic algorithm is by implementing the three-dimensional (3D) design on the block cipher. The 3D design invention was introduced by Nakahara [18], who adopted the model on the AES algorithm. It has been experimentally demonstrated that the deployment of the 3D cipher design can strengthen the security of the AES with provided confusion and diffusion to the algorithm. An alternative 3D design approach has similarly been suggested by Suri and Deora [19] using a 3D rotation block cipher that produced random outputs. Later on, Ariffin et al. [20] constructed a 3D−AES using an immune-inspired approach that passed all statistical tests. In another work, Mala [21] improved the encryption acceleration of the 3D block cipher using a unified byte permutation. Next, Wang and Jin [22] developed a non-alternate 3D model that was immune to differential and linear attacks. In 2019, Mushtaq et al. [23] employed 3D hybrid cubes that did not correlate the input and output. Recently, Zakaria et al. [24] increased the security strength of the RECTANGLE cipher with a 3D bit rotation function.

While the security strength of the block cipher could be improved by adopting the 3D design, there is an issue that needs to be resolved for the method to be applicable. The 3D design forces the algorithm to increase the block size and enlarge the key bits, thus decreasing its efficiency. An algorithm with large blocks and key sizes is not the best option for mobile encryption applications. Due to the above justifications, we propose a new algorithm called LAO-3D, which was developed using an enhanced 3D cipher design to balance its efficiency and security strength. Three contributions can be highlighted in this research. Firstly, the proposed algorithm does not require increasing the block and key sizes of the cipher, which solved the scalability issue highlighted in the previous 3D algorithms. Secondly, the new algorithm provides a better bit permutation for the algorithm. Thirdly, the analyses conducted on the algorithm prove its security strength and performance, which meets the criteria of a lightweight algorithm that require sufficient security strength and is efficient for mobile encryption application.

The research presented in this paper is divided into five major sections. Section 1 introduces the scope of this research. Section 2 specifies the 3D cipher design architecture. Section 3 details the proposed LAO-3D block cipher. Section 4 performs the security analysis, performance test, and implementation of the proposed algorithm in a mobile encryption application. Section 5 concludes the overall research work.

2. 3D Cipher Design Architecture

This section highlights the foundation of the 3D cipher that has been adopted since 2008. The 3D design has the potential to be implemented in various block ciphers. It has been shown that the 3D cipher can boost the randomness, confusion, and diffusion characteristics, enhance the non-correlation between the input and output data, and increase the security strength against cryptanalysis attacks of block ciphers [18,19,20,21,22,23,24].

2.1. 3-Dimensional Cipher

A cube is a three-dimensional (3D) plaintext bit array on a block cipher. Figure 1 displays a cube that contains three independent vectors involving n-bits length (x-axis), n-bits width (y-axis), and n-bits depth (z-axis), in which the block length is divisible by $n^2$. The cube is made of n-Slices, which represent a portion of a plaintext array containing $n^2$ bits of data.

A 3D cipher is composed of four plaintext Slices that are constructed by arranging input bits into quadruple 4 by 4 matrices. Let $W=\{(w_{63},\cdots ,w_0)$: $w_{j-1}\in W$ for $j=(64,\cdots ,1)\}$ demonstrate the plaintext. The initial 16 bits ($w_{15},\cdots ,w_0$) are located in $Slic{e}_0$ and the following 16 bits ($w_{31},\cdots ,w_{16}$) are assigned as $Slic{e}_1$. The subsequent 16 cipher State bits are ordered as $Slic{e}_2$ ($w_{47},\cdots ,w_{32}$) and $Slic{e}_3$ ($w_{63},\cdots ,w_{48}$) as presented in Figure 2.

2.2. 3DBitRotation Function

The 3DBitRotation function is proposed to strengthen the security of the block cipher by improving its confusion and diffusion characteristics. This function performs bit permutation on the quadruple 4 by 4 cipher State. The block cipher requires four Slices of 16 plaintext bits. Figure 3 displays the rotation formation of the 3DBitRotation function that follows a particular clockwise direction. $Slic{e}_0$ remains unchanged; meanwhile, $Slic{e}_1$, $Slic{e}_2$, and $Slic{e}_3$ undergo ${90}^{\circ }$, ${180}^{\circ }$, and ${270}^{\circ }$ rotations, correspondingly.

Compared with the standard rotation method, there is a notable improvement in the 3DBitRotation function because it permutes the cipher bits in various orientations rather than in a one-way direction. The function offers better confusion and diffusion properties to the block cipher. Therefore, the 3DBitRotation function is used as the basic construction of the proposed block cipher to provide a better solution than the previous works.

3. Proposed LAO-3D Block Cipher

In this section, the primary contribution of our work is highlighted. We propose a lightweight algorithm designed using 3D cryptography, called the 3D light algorithm operation or LAO-3D. The core objective of LAO-3D development is to present a lightweight algorithm with sufficient security strength that can be used in mobile encryption applications. The step-by-step structure of the proposed algorithm will be discussed in the following sections.

3.1. Algorithm Specification

LAO-3D is a 20-round symmetric lightweight block cipher with a 64-bit block and a 128-bit key length. The block cipher realizes the substitution–permutation network (SPN) structure. SPN is chosen over the Feistel network because its execution time is shorter, the energy consumption is lower, and it has fewer round functions.

Each round of LAO-3D contains three main characteristics. First, the linear layer ensures multiple diffusion rounds. Second, the non-linear layer has parallel applications of S-boxes with sufficient confusion characteristics. Third, the key addition layer applies the XOR operation on the RoundKey and the cipher State.

Different transformations on the cipher State are represented as four rows of rectangular bit arrays. Meanwhile, the total number of cipher State columns is computed by dividing the block size (64 bits) by the number of rows. Identically, the secret key is depicted as four rows of rectangular arrays. The total number of secret key columns is equal to the key size (128 bits) divided by four rows. These representations of the cipher State and the key are shown in Figure 4.

3.2. Encryption Algorithm

The round transformation of the proposed LAO-3D block cipher consists of three different functions as shown in Algorithm 1.

Algorithm 1 Pseudocode of the LAO-3D block cipher (encryption).

1: $RoundKeysGeneration\left(Key\right)$ 2: $AddRoundKey(State,RoundKe{y}_0)$ 3: for$i=1$to 20 do 4:    $SubColumn\left(State\right)$ 5:    $Double3DRotation(State,RoundKe{y}_i)$ 6: end for

In this notation, all three functions that include the AddRoundKey, SubColumn, and Double3DRotation are operated on arrays where the inputs are the cipher State and RoundKey. The overall encryption and decryption processes of the LAO-3D algorithm are displayed in Figure 5.

For the decryption process, the functions are to be operated on in reverse order with 20 rounds of the Double3DRotation and SubColumn functions followed by AddRoundKey. Similarly, all RoundKeys are applied in reverse order in the course of the decryption. Algorithm 2 displays all functional transformations of the algorithm.

Algorithm 2 Pseudocode of the LAO-3D block cipher (decryption).

1: $RoundKeysGeneration\left(Key\right)$ 2: for$i=1$to 20 do 3:    $Double3DRotatio{n}^{-1}(State,RoundKe{y}_{21-i})$ 4:    $SubColum{n}^{-1}\left(State\right)$ 5: end for 6:    $AddRoundKey(State,RoundKe{y}_0)$

3.2.1. AddRoundKey

In the AddRoundKey function, the cipher State $A=\{(a_{3,15},\cdots ,a_{3,0}),(a_{2,15},\cdots ,a_{2,0}),(a_1,$

${}_{15},\cdots ,a_{1,0}),(a_{0,15},\cdots ,a_{0,0})$: $a_{i,j}\in A$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ applied a bitwise XOR with the RoundKey $K=\{(k_{3,15},\cdots ,k_{3,0}),(k_{2,15},\cdots ,k_{2,0}),(k_{1,15},\cdots ,k_{1,0}),(k_{0,15},\cdots ,k_{0,0})$: $k_{i,j}\in K$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ to produce the cipher State $B=\{(b_{3,15},\cdots ,b_{3,0}),(b_{2,15},\cdots ,b_{2,0}),(b_{1,15},\cdots ,b_{1,0}),(b_{0,15},\cdots ,b_{0,0})$: $b_{i,j}\in B$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ as derived in Equation (1). The 64 bits RoundKey are generated using the key schedule algorithm.

$$\begin{array}{cccc}& & \hfill B& \hfill =A\oplus K\hfill \end{array}$$

(1)

3.2.2. Sub-Column

SubColumn is a non-linear bit substitution that runs independently on every column of the State. This function implements the PRESENT S-box that applies the 4-by-4-bit substitution operation as shown in

Table 1. S-box.

x	0	1	2	3	4	5	6	7	8	9	A	B	C	D	E	F
S(x)	5	E	F	8	C	1	2	D	B	4	6	3	0	7	9	A

[25]. The S-box is chosen because of its competitive cryptographic characteristics and small hardware footprint.

The input for the S-box used in the SubColumn function is represented by $Co{l}_j=\{(b_{3,j},\cdots ,b_{0,j})$: $b_{i,j}\in Co{l}_j$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ and the output is $S\left(Co{l}_j\right)$, which can be represented by $\{(c_{3,j},\cdots ,c_{0,j})$: $c_{i,j}\in S\left(Co{l}_j\right)$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ as depicted in Figure 6.

3.2.3. Double3DRotation

The Double3DRotation is constructed by combining three functions that include the 3DBitRotation_X-axis, AddRoundKey, and 3DBitRotation_Z-axis to provide better permutation to the proposed block cipher.

• 3DBitRotation_X-axis: A specific rotation formation that follows a clockwise direction at the X-axis. The cipher State of every Slice before and after executing the 3DBitRotation_X-axis function is shown in Figure 7. Values of the 3DBitRotation_X-axis function can be presented in the form of a permutation table as shown in

  Table 2. 3DBitRotation Permutation Table (X-axis).

  Permutation Table (X-axis Rotation)
  0	1	2	3	4	5	6	7
  8	9	10	11	12	13	14	15
  28	24	20	16	29	25	21	17
  30	26	22	18	31	27	23	19
  47	46	45	44	43	42	41	40
  39	38	37	36	35	34	33	32
  51	55	59	63	50	54	58	62
  49	53	57	61	48	52	56	60

  .
  The input for the 3DBitRotation_X-axis is the output of the SubColumn function defined as $C=\{(c_{3,15},\cdots ,c_{3,0}),(c_{2,15},\cdots ,c_{2,0}),(c_{1,15},\cdots ,c_{1,0}),(c_{0,15},\cdots ,c_{0,0})$: $c_{i,j}\in C$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ is permutated using the permutation table and produced output $D=\{(d_{3,15},\cdots ,d_{3,0}),(d_{2,15},\cdots ,d_{2,0}),(d_{1,15},\cdots ,d_{1,0}),(d_{0,15},\cdots ,d_{0,0})$: $d_{i,j}\in D$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ as defined in the following equation.

  $$\begin{array}{cccc}& & \hfill D& \hfill =P\left(C\right)\hfill \end{array}$$

  (2)
• AddRoundKey: In this operation, the output from the 3DBitRotation_X-axis function $D=\{(d_{3,15},\cdots ,d_{3,0}),(d_{2,15},\cdots ,d_{2,0}),(d_{1,15},\cdots ,d_{1,0}),(d_{0,15},\cdots ,d_{0,0})$: $d_{i,j}\in D$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ is XOR with the RoundKey $K=\{(k_{3,15},\cdots ,k_{3,0}),(k_{2,15},$
  $\cdots ,k_{2,0}),(k_{1,15},\cdots ,k_{1,0}),(k_{0,15},\cdots ,k_{0,0})$: $k_{i,j}\in K$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$. The result from the operation, cipher State $E=\{(e_{3,15},\cdots ,e_{3,0}),(e_{2,15},\cdots ,e_{2,0}),(e_{1,15},\cdots ,e_{1,0}),$
  $(e_{0,15},\cdots ,e_{0,0})$: $e_{i,j}\in E$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ is obtained from the following equation.

  $$\begin{array}{cccc}& & \hfill E& \hfill =D\oplus K\hfill \end{array}$$

  (3)
• 3DBitRotation_Z-axis: A specific rotation formation that follows a clockwise direction at the Z-axis. The position of each cipher Slice before and after executing the 3DBitRotation_Z-axis function is displayed in Figure 8. Permutation values of the function are shown in

  Table 3. The 3D Bit Rotation Permutation Table (Z-axis).

  Permutation Table (Z-axis Rotation)
  0	13	62	51	4	29	58	35
  8	45	54	19	12	61	50	3
  16	9	46	55	20	25	42	39
  24	41	38	23	28	57	34	7
  32	5	30	59	36	21	26	43
  40	37	22	27	44	53	18	11
  48	1	14	63	52	17	10	47
  56	33	6	31	60	49	2	15

  .
  The 3DBitRotation_Z-axis permutes the output of the AddRoundKey function defined as $E=\{(e_{3,15},\cdots ,e_{3,0}),(e_{2,15},\cdots ,e_{2,0}),(e_{1,15},\cdots ,e_{1,0}),(e_{0,15},\cdots ,e_{0,0})$: $e_{i,j}\in E$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$ using the permutation table. Equation (4) derived the results from the operation defined as $F=\{(f_{3,15},\cdots ,f_{3,0}),(f_{2,15},\cdots ,f_{2,0}),(f_{1,15},\cdots ,f_{1,0}),$
  $(f_{0,15},\cdots ,f_{0,0})$: $f_{i,j}\in F$ for $i=(3,\cdots ,0)$ and $j=(15,\cdots ,0)\}$.

  $$\begin{array}{cccc}& & \hfill F& \hfill =P\left(E\right)\hfill \end{array}$$

  (4)

3.3. Key Schedule Algorithm

The RoundKeys are derived using the key scheduling algorithm from a secret key. Overall, the total number of RoundKeys bits is equal to the round number plus one and multiplied by the block length. For an algorithm with a 64-bit block and 20 rounds, 1344 RoundKey bits are required. The RoundKeyExtraction process selected 64 bits RoundKey from the revised key after operating the NonceXOR, KeySubColumn, and RowTransformation functions, as shown in Figure 9.

3.3.1. NonceXOR

In the initial stage of the key scheduling algorithm, the secret key $S=\{(s_{127},\cdots ,s_0)$: $s_{j-1}\in S$ for $j=(128,\cdots ,1)\}$ is XOR with a Nonce $N=\{(n_{127},\cdots ,n_0)$: $n_{j-1}\in N$ for $j=(128,\cdots ,1)\}$ to obtain the key state $V=\{(v_{127},\cdots ,v_0)$: $v_{j-1}\in V$ for $j=(128,\cdots ,1)\}$ as defined in Equation (5). The Nonce are random 128 bits of data that are stored in the algorithm.

$$\begin{array}{cccc}& & \hfill V& \hfill =S\oplus N\hfill \end{array}$$

(5)

The introduction of the Nonce in the algorithm can improve the confusion of RoundKey generation. Additionally, the Nonce could remove the correlation between the secret key and the generated RoundKeys. By implementing different Nonce, a secret key will not be able to generate the same set of RoundKeys, which provide extra security to the users.

3.3.2. RoundKeyExtraction

LAO-3D cipher utilizes a 128-bit key that generates a set of 21 RoundKeys, including an initial RoundKey. The key schedule algorithm requires extracting 64 bits from the key state. Let $V=\{(v_0,\cdots ,v_{127})$: $v_{j-1}\in V$ for $j=(1,\cdots ,128)\}$, defining the key state. Every 32 bits are arranged in reverse order to obtain the RowKey as displayed in Figure 10.

In order to generate 64 bits of the $i^{th}$ round key $K_i$ for $i=(0,\cdots ,20)$, 16 rightmost columns of $RowKe{y}_3$, $RowKe{y}_2$, $RowKe{y}_1$, and $RowKe{y}_0$ are appended, as shown in Figure 11. During the encryption and decryption processes, these round keys will be used in the AddRoundKey function.

3.3.3. KeySubColumn

Upon completion of the RoundKeyExtraction function, the KeySubColumn will be used to modify the RoundKey value in each round. The S-box is used to reconstruct four uppermost rows and eight rightmost columns of the key state, i.e., $(k_{3,j}^{\prime },\cdots ,k_{0,j}^{\prime })=S(k_{3,j},\cdots ,k_{0,j})$ for $j=(7,\cdots ,0)$ as depicted in Figure 12.

3.3.4. RowTransformation

The new key state, known as the updated round key produced from the KeySubColumn output, is rearranged into RowKeys representation and revised using the following RowTransformation, as displayed in Figure 13.

• $RowKe{y}_0^{{}^{\prime }}=(RowKe{y}_0<<<8)\oplus RowKe{y}_1$
• $RowKe{y}_1^{{}^{\prime }}=RowKe{y}_2$
• $RowKe{y}_2^{{}^{\prime }}=(RowKe{y}_2<<<16)\oplus RowKe{y}_3$
• $RowKe{y}_3^{{}^{\prime }}=RowKe{y}_0$

Figure 13. RowTransformation Function.

Figure 13. RowTransformation Function.

3.4. Test Vectors

Test vectors specify the output of a cryptographic algorithm from a given input to provide a copy of the verification data for developers and executors [26]. The input and its corresponding output data of the proposed LAO-3D block cipher are presented in

Table 4. Test Vectors of the LAO-3D Block Cipher.

Key	Plaintext	Ciphertext
00000000000000000000000000000000	0000000000000000	5F07F85C4E5217E7
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF	0000000000000000	11F40B91480C2776
65CA1E79B03D8F421A4C6F392DB7508E	0000000000000000	217B3379252F9476
00000000000000000000000000000000	FFFFFFFFFFFFFFFF	14741B345A2729D2
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF	FFFFFFFFFFFFFFFF	69F746C6D6855E6C
65CA1E79B03D8F421A4C6F392DB7508E	FFFFFFFFFFFFFFFF	B3435F9A4DBB4EAA
00000000000000000000000000000000	C56B90AD3EF84712	E735E158FEA44714
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF	C56B90AD3EF84712	DA82F25137632062
65CA1E79B03D8F421A4C6F392DB7508E	C56B90AD3EF84712	4D00B854AD515FF8

.

4. Security Analysis, Performance Test, and Application

This section presents the security analyses performed in assessing the full 20 rounds of the proposed LAO-3D block cipher. The evaluation methods were implemented to distinguish the strength of the lightweight block cipher and possibly be used in various cryptographic primitives.

A decent algorithm must establish a complex relationship between the plaintext, ciphertext, and key, which is called confusion. The encryption method must also scatter the plaintext modifications over the entire ciphertext, which is called diffusion [27]. Any encryption algorithm should provide both confusion and diffusion properties to ensure information security. Confusion is obtained through substitution; meanwhile, diffusion is achieved with permutation operations. Confusion and diffusion will produce a certain randomness degree in the block cipher such that no ciphertext pattern can be recognized.

To evaluate the confusion and diffusion properties, three analyses were executed on the proposed block cipher—the correlation coefficient, bit error, and key sensitivity tests. In addition, a randomness evaluation was performed to examine the randomness characteristics of the algorithm. Finally, two cryptanalysis attacks were carried out to observe the strength of the LAO-3D block cipher.

Apart from the security analysis, a performance test was conducted to measure the speed, throughput, and required cycles per byte to execute the encryption. For benchmarking purposes, the experimental results were compared with existing lightweight block ciphers, such as GIFT, KATAN, KLEIN, LED, LRBC, PRESENT, PRINCE, PRINT, QTL, RECTANGLE, SIMECK, SPECK, and TEA. These algorithms were chosen because of their similarity in terms of block and key sizes that were no bigger than 64 bits and 128 bits, respectively, to distinguish their security strengths and performances within the same lightweight category.

In order to demonstrate the implementation of the LAO-3D lightweight block cipher, a mobile encryption application was developed to observe the functionality of the proposed algorithm. The application was built using C++ programming on Microsoft Visual Studio 2008 and Android Studio development software.

4.1. Correlation Coefficient Test

The avalanche effect examines the non-linear properties of a cipher. A non-linear transformation provides a confusion characteristic that relies on the generated output from a particular input data. The correlation coefficient, bit error, and key sensitivity experiments were carried out to monitor the avalanche effect of the block cipher. For the sample generation, a pseudorandom bit generator was used to produce the keys and plaintexts. The avalanche effect, $AE$, is defined in the following equation.

$$\begin{array}{cccc}& & \hfill AE=& \hfill \frac{1}{s}\sum _{i=1}^s\left|c_i-p_i\right|\hfill \end{array}$$

(6)

where s is the plaintext/ciphertext length, while $p_i$ and $c_i$ are the $i^{th}$ positions of the plaintext and ciphertext bits for $i=(0,\cdots ,63)$.

The correlation coefficient analyzes the non-linear relationship between plaintext and ciphertext [28]. The correlation coefficient, R, is able to discriminate the effect of confusion on the block cipher. The coefficient values range from −1 to +1, where the acceptable result ranges are shown in

Table 5. Correlation Coefficient Result Indications.

Result	Correlation Potential
$R=0$	Non-linear relationship
$0<R\le 0.3$ or $-0.3\le R<0$	Weak positive/negative linear relationship
$0.3<R<0.7$ or $-0.7<R<-0.3$	Moderate positive/negative linear relationship
$0.7\le R<1$ or $-1<R\le -0.7$	Strong positive/negative linear relationship
$R=1$ or $R=-1$	Perfect positive/negative linear relationship

.

For the expression of the correlation coefficient, R, refer to the following equation:

$$R=\frac{{\sum }_{i=1}^s(p_i-AE)(c_i-AE)}{\sqrt{{\sum }_{i=1}^s{(p_i-AE)}^2}\sqrt{{\sum }_{i=1}^s{(c_i-AE)}^2}}$$

(7)

where $AE$ represents the avalanche effect from (6), $p_i$ indicates the $i^{th}$ plaintext bit, and $c_i$ defines the $i^{th}$ ciphertext bit for $i=(0,\cdots ,63)$.

The correlation values from the analysis conducted on the plaintext and ciphertext were remarked. A total of 1000 random plaintexts and five random keys were examined on the algorithm. Figure 14 displays the scatter charts of the analysis results. The values in the charts are plotted according to the computed correlation coefficient based on the key and plaintext inputs.

A summary of the results presented in the scatter charts is shown in

Table 6. Correlation Coefficient Results.

Result	Key 1	Key 2	Key 3	Key 4	Key 5	Average
$R=0$	0	0	0	0	0	0%
$0<R\le 0.3$ and $-0.3\le R<0$	979	977	990	982	982	98.2%
$0.3<R<0.7$ and $-0.7<R<-0.3$	21	23	10	18	18	1.8%
$0.7\le R<1$ and $-1<R\le -0.7$	0	0	0	0	0	0%
$R=-1$ and $R=1$	0	0	0	0	0	0%

. According to the experimental results, the LAO-3D block cipher offers performance advantages (98.2% of the correlation coefficients, in the range $0<R\le 0.3$ and $-0.3\le R<0$), indicating a weak linear relationship. The results generated by all five keys show that the adoption of the 3D cipher design on the LAO-3D block cipher provided high correlation coefficient characteristics.

4.2. Bit Error Test

The bit error computes the differences in the ciphertext affected by the plaintext modifications. The number of changed ciphertext bits after modification of a plaintext bit is defined as the bit error. For the bit error test, the optimum result is 0.5 or 50% plaintext bit alterations [29]. The formulation of the bit error rate, $BER$, is defined in the following equation.

$$BER=\frac{\mathrm{Number}\mathrm{of}\mathrm{ciphertext}\mathrm{bit}\mathrm{difference}}{\mathrm{Total}\mathrm{number}\mathrm{of}\mathrm{ciphertext}\mathrm{bit}}$$

(8)

The purpose of the bit error test is to measure the relationship between plaintext and ciphertext. A random key and five random plaintexts were used to examine the LAO-3D block cipher. As seen in Figure 15, the experimental results are presented in the scatter charts. The data plots in each chart display the bit error values that represent the changes of ciphertext upon plaintext modifications.

An overall summarization of the bit error results presented in the scatter charts is shown in

Table 7. Bit Error Results.

Input	Average Different Bits	Average Bit Error Rate
Plaintext 1	31.703125	0.495361
Plaintext 2	32.203125	0.503174
Plaintext 3	32.046875	0.500732
Plaintext 4	32.046875	0.500732
Plaintext 5	32.156250	0.502441
Average	50.05%	50.05%

. After modifying the plaintext bits, the $BER$ of the LAO-3D block cipher is more likely to be close to 0.5. The results generated by all five plaintexts prove that the LAO-3D block cipher achieved optimum bit error test results.

By carefully examining the data, it is found that the LAO-3D block cipher obtains an average 50% bit error rate, which verifies that the ciphertext is entirely modified with a single alteration in the plaintext bit.

Table 8. Avalanche Effect on Plaintext Modifications.

Algorithm	Average Avalanche Effect
LAO-3D	50.05%
LED	52.83%
LRBC	58.00%
PRINCE	51.18%
PRINT	49.08%
QTL	52.56%
SIMECK	53.00%
TEA	49.12%

presents the comparison of the avalanche effect on the modification of the plaintext against existing block ciphers [10]. The results achieved by the proposed LAO-3D surpass the earlier works in terms of non-linearity between the plaintext and its corresponding ciphertext.

4.3. Key Sensitivity Test

The key sensitivity test examines the affected ciphertext upon key alteration [30]. An algorithm has a high-security level against the key sensitivity attack if changing a small portion of the key will cause major modifications on the ciphertext bits. During the observation of key sensitiveness, the key bit is manipulated by changing one bit from its first to the last bit position.

The bit error rate equation is applied to compute the experimental results. The result of a decent cryptographic algorithm must be close to 0.5 or 50% of the total ciphertext bit modification. In this experiment, a random plaintext and five random keys were included to examine the LAO-3D block cipher. The scatter charts of the experimental results are shown in Figure 16.

Table 9. Key Sensitivity Results.

Input	Average Different Bits	Average Bit Error Rate
Key 1	32.000122	0.500002
Key 2	32.028317	0.500442
Key 3	32.007694	0.500120
Key 4	31.948364	0.499193
Key 5	32.013795	0.500216
Average	50.00%	50.00%

summarizes the key sensitivity experimental results presented in the scatter charts. On average, the proposed LAO-3D block cipher obtained 32-bit differences with an approximate 50% bit error rate. The results suggest that LAO-3D has a non-linear relationship between the key and ciphertext that represents a high key sensitivity on the ciphertext.

Similar observations were made on the key alteration while retaining a constant plaintext performed against other algorithms [10], presented in

Table 10. Avalanche Effect on Key Modifications.

Algorithm	Average Avalanche Effect
LAO-3D	50.00%
LED	50.37%
LRBC	55.75%
PRINCE	49.06%
PRINT	46.42%
QTL	50.31%
SIMECK	51.25%
TEA	47.12%

. The 50% key sensitivity result denotes that the entire key bits have an impact on every ciphertext bit. Based on the findings, the LAO-3D block cipher showed some improvements over the existing works on the avalanche effect of the key sensitivity.

4.4. Randomness Test

The randomness of the proposed LAO-3D block cipher was tested using 15 statistical tests of the NIST Special Publication 800-22 [31]. The NIST accommodates an open-source randomness test application called NIST Statistical Suite. The randomness test application is aimed at varieties of non-random characteristics from the generated ciphertext.

Eight tests inclusive of random excursion (8 p-values), random excursion variant (18 p-values), cumulative sums (2 p-values), binary matrix rank (1 p-value), longest runs of ones (1 p-value), frequency (1 p-value), spectral DFT (1 p-value), and runs (1 p-value) are classified as the non-parameterized tests.

Seven other tests, i.e., non-overlapping (148 p-values), serial (2 p-values), linear complexity (1 p-value), maurer’s universal (1 p-value), approximate entropy (1 p-value), overlapping templates (1 p-value), and block frequency (1 p-value) are labeled as parameterized tests that require parameter inputs.

A significant level, $\alpha$, must be set within 0.1% (0.001) to 1% (0.01) before assessing the randomness test. Moreover, the sample size should at least be the inverse of the significant level ($1÷0.01=100$ samples). For the test results, the ciphertext is regarded as random if the p-value $\ge \alpha$. Conversely, if the p-value $<\alpha$, the ciphertext is determined as not random.

Equation (9) defines the proportion of test samples that will determine the randomness of an algorithm.

$$\begin{array}{cccc}& & \hfill p_{\alpha }=& \hfill (1-\alpha )-3\sqrt{\frac{\alpha (1-\alpha )}{s}}\hfill \end{array}$$

(9)

where s symbolizes the size of the test sample (1000 ciphertexts) and $\alpha$ indicates the significance level (0.01) that is used in this paper. If the total rejection exceeds the computed proportion $p_{\alpha }$, the sample is regarded as not random.

Nine data categories of block cipher were implemented to generate the keys and plaintexts. Every data category generated unique 1000 samples where each sample consisted of 2081 to 15,744 ciphertexts that equaled 133,184 to 1,007,616 bits of data with a size range of 127 to 960 MB. The block and key lengths determine the total number of blocks for each sample [32]. The blocks were derived by appending the ciphertexts to establish large bit sequences.

Table 11. Input of Data Categories.

	Data Category	Key	Plaintext	Derived Blocks	Derived Bits
1.	Strict Key Avalanche (SKA)	123 128-bit keys	One all-zero 64-bit plaintext	15,744	1,007,616
2.	Strict Plaintext Avalanche (SPA)	One all-zero 128-bit key	245 64-bit plaintexts	15,680	1,003,520
3.	Plaintext/Ciphertext Correlation (PCC)	One 128-bit key	15,625 64-bit plaintexts	15,625	1,000,000
4.	Ciphertext Block Chaining Mode (CBCM)	One 128-bit key	One all-zero 64-bit plaintext	15,625	1,000,000
5.	Random Plaintext/Random Key (RPRK)	One 128-bit key	15,625 64-bit plaintexts	15,625	1,000,000
6.	Low-Density Key (LDK)	3241 128-bit keys	8257 64-bit plaintexts	8257	528,448
7.	High-Density Key (HDK)	3241 128-bit keys	8257 64-bit plaintexts	8257	528,448
8.	Low-Density Plaintext (LDP)	2081 128-bit keys	2081 64-bit plaintexts	2081	133,184
9.	High-Density Plaintext (HDP)	2081 128-bit keys	2081 64-bit plaintexts	2081	133,184

listed each of the data categories that generate multiple lengths of derived ciphertext bits based on the input data. All 15 statistical tests can be applied to evaluate CBC, PCC, RPRK, SPA, and SKA data categories [33]. Due to insufficient data lengths, only 11 tests could be used to examine HDK and LDK, and 10 tests for HDP and LDP.

The experimental results demonstrate that the LAO-3D block cipher passed all data categories and statistical tests as shown in

Table 12. Randomness Analysis Results (CBC, PCC, RPRK, SKA, and SPA).

		Data Category
	Statistical Test	CBC	PCC	RPRK	SKA	SPA
		Range of Acceptable Rejection: [0, 20]
1.	Runs	992/1000	987/1000	990/1000	990/1000	988/1000
2.	Frequency	989/1000	992/1000	993/1000	984/1000	989/1000
3.	Spectral DFT	991/1000	996/1000	988/1000	990/1000	985/1000
4.	Block Frequency	986/1000	986/1000	993/1000	994/1000	996/1000
5.	Binary Matrix Rank	987/1000	985/1000	992/1000	995/1000	989/1000
6.	Approximate Entropy	994/1000	995/1000	989/1000	988/1000	988/1000
7.	Longest Runs of Ones	989/1000	991/1000	994/1000	997/1000	985/1000
8.	Serial	992/1000	992/1000	990/1000	991/1000	990/1000
9.	Cumulative Sums	991/1000	992/1000	989/1000	989/1000	991/1000
10.	Non-Overlapping Templates	990/1000	990/1000	990/1000	990/1000	990/1000
11.	Maurer’s Universal	992/1000	989/1000	988/1000	983/1000	986/1000
12.	Linear Complexity	986/1000	986/1000	992/1000	989/1000	991/1000
13.	Overlapping Template	983/1000	987/1000	992/1000	995/1000	987/1000
		Range of Acceptable Rejection: [0, 14]
14.	Random Excursion	577/584	609/617	590/595	613/622	627/633
15.	Random Excursion Variant	578/584	611/617	590/595	616/622	627/633

and

Table 13. Randomness Analysis Results (LDK, HDK, LDP, and HDP).

		Data Category
	Statistical Test	LDK	HDK	LDP	HDP
		Range of Acceptable Rejection: [0, 20]
1.	Runs	990/1000	986/1000	992/1000	992/1000
2.	Frequency	987/1000	988/1000	992/1000	991/1000
3.	Spectral DFT	988/1000	984/1000	986/1000	984/1000
4.	Block Frequency	994/1000	991/1000	986/1000	990/1000
5.	Binary Matrix Rank	990/1000	989/1000	993/1000	990/1000
6.	Approximate Entropy	987/1000	992/1000	987/1000	989/1000
7.	Longest Runs of Ones	995/1000	989/1000	987/1000	989/1000
8.	Serial	992/1000	989/1000	986/1000	991/1000
9.	Cumulative Sums	985/1000	987/1000	993/1000	986/1000
10.	Non-Overlapping Templates	990/1000	990/1000	990/1000	989/1000
11.	Maurer’s Universal	989/1000	992/1000	*	*
12.	Linear Complexity	*	*	*	*
13.	Overlapping Templates	*	*	*	*
		Range of Acceptable Rejection: Not Available
14.	Random Excursion	*	*	*	*
15.	Random Excursion Variant	*	*	*	*

* no effective trail from the encryption round onward.

. In addition, the p-values produced by the block cipher from the NIST Statistical Suite are uniformly distributed since the values are larger than 0.0001, as shown in

Table 14. The p-values of the Uniformity Test (CBC, PCC, RPRK, SKA, and SPA).

		Data Category
	Statistical Test	CBC	PCC	RPRK	SKA	SPA
1.	Runs	0.870856	0.691081	0.061260	0.069430	0.402962
2.	Frequency	0.336111	0.530120	0.626709	0.641284	0.731886
3.	Spectral DFT	0.771469	0.765632	0.651693	0.225998	0.277082
4.	Block Frequency	0.092041	0.711601	0.116746	0.552383	0.719747
5.	Binary Matrix Rank	0.377007	0.122325	0.682823	0.944274	0.264901
6.	Approximate Entropy	0.431754	0.331408	0.881662	0.128874	0.739918
7.	Longest Runs of Ones	0.070737	0.302657	0.591409	0.771469	0.334538
8.	Serial	0.366038	0.391685	0.089581	0.624739	0.560316
9.	Cumulative Sums	0.741256	0.712763	0.082836	0.687575	0.379922
10.	Non-Overlapping Templates	0.540168	0.477106	0.538421	0.501121	0.500920
11.	Maurer’s Universal	0.814724	0.164425	0.245490	0.277082	0.689019
12.	Linear Complexity	0.120207	0.471146	0.668321	0.298282	0.463512
13.	Overlapping Templates	0.102526	0.199045	0.554420	0.743915	0.228367
14.	Random Excursion	0.533205	0.399313	0.592636	0.556975	0.585012
15.	Random Excursion Variant	0.474550	0.414868	0.472390	0.577133	0.547103

and

Table 15. The p-values of the Uniformity Test (LDK, HDK, LDP, and HDP).

		Data Category
	Statistical Test	LDK	HDK	LDP	HDP
1.	Runs	0.291091	0.177628	0.239266	0.496351
2.	Frequency	0.114712	0.566688	0.773405	0.639202
3.	Spectral DFT	0.274341	0.914025	0.684890	0.943242
4.	Block Frequency	0.500279	0.769527	0.361938	0.118812
5.	Binary Matrix Rank	0.370262	0.711601	0.001953	0.118120
6.	Approximate Entropy	0.889118	0.316052	0.072066	0.009535
7.	Longest Runs of Ones	0.757790	0.301194	0.749884	0.821937
8.	Serial	0.226422	0.576050	0.262395	0.804706
9.	Cumulative Sums	0.141130	0.181735	0.660295	0.418857
10.	Non-Overlapping Templates	0.503304	0.539874	0.425798	0.418952
11.	Maurer’s Universal	0.570792	0.471146	*	*
12.	Linear Complexity	*	*	*	*
13.	Overlapping Templates	*	*	*	*
14.	Random Excursion	*	*	*	*
15.	Random Excursion Variant	*	*	*	*

* no test executed due to insufficient data length.

. The 100% passing rate achieved in the randomness and uniformity test results verified the randomness characteristics of the cipher output. Combinations of substitution and permutation components in LAO-3D have optimized the confusion and diffusion properties of the algorithm that contribute to the randomization of the ciphertext.

4.5. Differential and Linear Cryptanalysis

A cryptanalysis attack is an experimental method used to distinguish a cryptosystem from a random function [34]. To ensure that the confidentiality of the proposed LAO-3D output is robust, it is necessary to examine the security strength of the algorithm against a variety of attack types. Differential cryptanalysis (DC) and linear cryptanalysis (LC) are methods used to attack cryptographic algorithms, thereby, it is important to consider a secure cipher to withstand these attacks.

To apply differential cryptanalysis on an n-bit block cipher, a predictable difference has to be propagated in all (except for a few) rounds with probabilities greater than $2^{1-n}$. For the LAO-3D block cipher to be immune to differential cryptanalysis, there should be no difference propagation with a probability higher than $2^{-63}$.

Table 16. Differential Trails with Optimal Probability.

Round	Input Difference of S-box	Output Difference of S-box	Probability	Probability of Differential Trails
1	0000000000000001	0000000000000003	$2^{-2}$	$2^{-2}$
2	0000000000000088	0000000000000039	$2^{-6}$	$2^{-8}$
3	000000004000C008	0000000050005003	$2^{-7}$	$2^{-15}$
4	0001200000090088	0003500000040099	$2^{-12}$	$2^{-27}$
5	500080820000E008	1000303500002009	$2^{-17}$	$2^{-44}$
6	0000890100229108	0000340300334303	$2^{-20}$	$2^{-64}$

represents the differential trails with the optimal probability for six rounds of LAO-3D that are depicted in Figure 17.

The highest probability of difference propagation found in the sixth round is $2^{-64}$, which is lower than $2^{-63}$. Differential cryptanalysis results of lightweight block ciphers are shown in

Table 17. Probabilities of Differential Trails (DC) and Correlation Potentials of Linear Trails (LC).

	Algorithm
	LAO-3D		GIFT		PRESENT		RECTANGLE
	Attack
Round	DC	LC	DC	LC	DC	LC	DC	LC
1	$2^{-2}$	$2^{-2}$	$2^{-6}$	$2^{-1}$	$2^{-2}$	$2^{-1}$	$2^{-2}$	$2^{-1}$
2	$2^{-8}$	$2^{-8}$	$2^{-10}$	$2^{-2}$	$2^{-4}$	$2^{-2}$	$2^{-4}$	$2^{-2}$
3	$2^{-15}$	$2^{-14}$	$2^{-16}$	$2^{-3}$	$2^{-8}$	$2^{-4}$	$2^{-7}$	$2^{-4}$
4	$2^{-27}$	$2^{-20}$	$2^{-20}$	$2^{-5}$	$2^{-12}$	$2^{-6}$	$2^{-10}$	$2^{-6}$
5	$2^{-44}$	$2^{-26}$	$2^{-26}$	$2^{-7}$	$2^{-20}$	$2^{-8}$	$2^{-14}$	$2^{-8}$
6	* $2^{-64}$	$2^{-32}$	$2^{-30}$	$2^{-10}$	$2^{-24}$	$2^{-10}$	$2^{-18}$	$2^{-10}$
7		* $2^{-38}$	$2^{-36}$	$2^{-13}$	$2^{-28}$	$2^{-12}$	$2^{-25}$	$2^{-13}$
8			$2^{-40}$	$2^{-16}$	$2^{-32}$	$2^{-14}$	$2^{-31}$	$2^{-16}$
9			$2^{-46}$	$2^{-20}$	$2^{-36}$	$2^{-16}$	$2^{-36}$	$2^{-19}$
10			$2^{-50}$	$2^{-25}$	$2^{-41}$	$2^{-18}$	$2^{-41}$	$2^{-22}$
11			$2^{-56}$	$2^{-29}$	$2^{-46}$	$2^{-20}$	$2^{-46}$	$2^{-25}$
12			$2^{-60}$	$2^{-31}$	$2^{-52}$	$2^{-22}$	$2^{-51}$	$2^{-28}$
13			* $2^{-64}$	* $2^{-34}$	$2^{-56}$	$2^{-24}$	$2^{-56}$	$2^{-31}$
14					$2^{-62}$	$2^{-26}$	$2^{-61}$	* $2^{-34}$
15					* $2^{-66}$	$2^{-28}$	* $2^{-66}$
16						$2^{-30}$
17						$2^{-32}$
18						*$2^{-34}$

* No effective trail from the encryption round onward.

. An effective differential distinguisher with more than five rounds for the algorithm was impossible to be constructed; the 20-round LAO-3D is sufficient to resist differential cryptanalysis.

To apply linear cryptanalysis on an n-bit block cipher, there should be a predictable linear propagation overall but a few rounds with a significant amplitude greater than $2^{-\frac{n}{2}}$. For the LAO-3D block cipher to be immune to linear cryptanalysis, there should be no linear propagation with an amplitude greater than $2^{-32}$.

Table 18. Linear Trails with Optimal Bias.

Round	Input Mask of S-box	Output Mask of S-box	Bias	Correlation Potentials of Linear Trails
1	0000000000000001	0000000000000005	$2^{-2}$	$2^{-2}$
2	0000000000000808	0000000000000202	$2^{-6}$	$2^{-8}$
3	0200000000000080	0200000000000020	$2^{-6}$	$2^{-14}$
4	0000000040000020	0000000020000020	$2^{-6}$	$2^{-20}$
5	0000000040000400	0000000020000200	$2^{-6}$	$2^{-26}$
6	0200000000000400	0200000000000200	$2^{-6}$	$2^{-32}$
7	0200000000000020	0200000000000020	$2^{-6}$	$2^{-38}$

represents the linear trails with the optimal bias for seven rounds of LAO-3D that are depicted in Figure 18.

The highest probability of linear propagation at the seventh round is $2^{-38}$, which is lower than $2^{-32}$. Linear cryptanalysis results of block ciphers are shown in Table 17. The clustering of linear trails of LAO-3D is limited and it is impossible to construct an effective linear propagation over six rounds. Hence, the 20-round LAO-3D is sufficient to resist linear cryptanalysis.

For a comparison with other existing lightweight algorithms,

Table 19. Active S-Boxes of Differential Cryptanalysis (DC) and Linear Cryptanalysis (LC).

		Round
Algorithm	Attack	1	2	3	4	5	6	7	8	9
LAO-3D	DC	1	3	6	11	17	* 25
	LC	1	3	5	7	9	11	* 13
GIFT	DC	1	2	3	5	7	10	13	16	18
	LC	1	2	3	5	7	9	12	15	18
PRESENT	DC	1	2	4	6	10	12	14	16	18
	LC	1	2	3	4	5	6	7	8	9
RECTANGLE	DC	1	2	3	4	6	8	11	13	14
	LC	1	2	3	4	6	8	10	12	14

* no effective trail from the encryption round onward.

shows the number of active differential and linear S-boxes of seven encryption rounds. The results show that the LAO-3D block cipher has higher active S-boxes from the second round onward. Referring to Table 17 [35,36] and Table 19 [37], LAO-3D recorded the lowest allowable probabilities of differential trails ($2^{-44}$) with 17 active S-boxes at the fifth round. In addition, LAO-3D achieved the lowest allowable correlation potentials of linear trails ($2^{-32}$) at the sixth round with 11 active S-boxes. Therefore, LAO-3D has a high-security strength and is resistant to differential and linear attacks.

4.6. Performance Test

The proposed LAO-3D was implemented using C++ on an Intel(R) Core(TM) i7 2.70 GHz CPU with 8 GB RAM on Windows 10. Speed tests were conducted on the execution process of the proposed LAO-3D and compared with other existing algorithms. The speed tests were carried out on the full rounds of each encryption algorithm to observe the time required to process a ciphertext block that consisted of 64-bit data. In addition, the throughput tests evaluate the impact of cipher design such as the key size, block size, number of rounds, and encryption components on the algorithm throughput.

The performance of a cryptographic algorithm is determined by evaluating the running speed that can be measured by the average encryption time, encryption throughput, and the required number of cycles to encrypt one byte or block plaintext, which permits researchers to compare the running speeds of different algorithms working on different platforms. The encryption throughput and the number of cycles are defined in the following equations.

$$EncryptionThroughput=\frac{\mathrm{Message}\mathrm{Size}}{\mathrm{Encryption}\mathrm{Speed}}$$

(10)

$$CyclesperByte=\frac{\mathrm{CPU}\mathrm{Clock}\mathrm{Speed}}{\mathrm{Encryption}\mathrm{Throughput}}$$

(11)

Table 20. Performance Test Results.

Algorithm	LAO-3D	KATAN	KLEIN	PRESENT	SPECK
Block Size (bit)	64	64	64	64	64
Key Size (bit)	128	80	64	128	128
Round	20	254	12	31	27
Encryption Algorithm Component	1. Add Round Key 2. Sub Column 3. 3D Rotation	1. LFSR	1. Sub Nibble 2. Rotate Nibble 3. Mix Nibble	1. Add Round Key 2. Substitution 3. Permutation	1. XOR 2. Modulo Addition 3. Rotation
Encryption Speed (millisecond)	1.4569	2.5498	2.0712	5.5895	4.6377
Encryption Throughput (byte per second)	5,491.25	3,137.50	3,862.50	1,431.25	1,725.00
Encryption Throughput (block per second)	686.41	392.19	482.81	178.91	215.63
Cycles per Byte	491,691	860,558	699,029	1,886,463	1,565,217
Cycles per Block	3,933,531	6,884,462	5,592,233	15,091,703	12,521,739

shows that the LAO-3D block cipher achieved a better performance against the other competitors in terms of execution speed and throughput [38]. Factors that contribute to the results are the number of encryption rounds and the components of the algorithm. LAO-3D has low encryption rounds with optimum component operations. Substitution (SubColumn) and permutation (Double3DRotation) functions of the proposed block cipher ensure security without the need for implementing a high number of encryption rounds. These findings are supported by the security analysis results presented in previous sections. Therefore, these observations justify that the performance of the proposed algorithm is competitive and suitable to be applied in mobile encryption applications.

4.7. Mobile Encryption Application

This section presents the implementation of the LAO-3D lightweight block cipher on the mobile encryption application that was built using Android Studio (Bumblebee 2021.1.1) development software. Three steps are required to use the application—entering the encryption key, entering the message, and executing the data encryption in the mobile encryption application, as shown in Figure 19. Meanwhile, the decryption process requires entering the decryption key, entering the ciphertext, and executing the data decryption. Apart from the security analysis and performance test presented in Section 4, the development of the mobile encryption application proved the functionality of the proposed LAO-3D lightweight block cipher in a real application.

5. Conclusions

In conclusion, the proposed 3D light algorithm operation (LAO-3D) achieves confusion and diffusion characteristics with the implementation of a 3D design. Five security analyses were conducted—the correlation coefficient, bit error, key sensitivity, randomness tests, and cryptanalysis—to prove the security strength of the algorithm. From the findings of the research, the following conclusions are drawn. LAO-3D block cipher surpasses the security capabilities of existing algorithms and is immune to differential and linear attacks. The security provided by the proposed algorithm is an essential feature for mobile encryption applications. Apart from that, the performance test results justify the efficiency of LAO-3D, which has been verified with its implementation in a mobile encryption application. For future research, it is suggested to implement LAO-3D block cipher on hardware devices to observe its implementation performance.