Systematic generation of cryptographically robust S-boxes

An algorithm for the construction of substitution box for block ciphers based on projective general linear group

AIP Advances, 2017

The aim of this work is to synthesize 8×8 substitution boxes (S-boxes) for block ciphers. The confusion creating potential of an S-box depends on its construction technique. In the first step, we have applied the algebraic action of the projective general linear group PGL(2, GF(2^8)) on Galois field GF(2^8). In step 2 we have used the permutations of the symmetric group S_256 to construct a new kind of S-boxes. To explain the proposed extension scheme, we have given an example and constructed one new S-box. The strength of the extended S-box is computed, and an insight is given to calculate the confusion-creating potency. To analyze the security of the S-box some popular algebraic and statistical attacks are performed as well. The proposed S-box has been analyzed by bit independent criterion, linear approximation probability test, non-linearity test, strict avalanche criterion, differential approximation probability test, and majority logic criterion. A comparison of the proposed S-box with existing S-boxes shows that the analyses of the extended S-box are comparatively better.

Enhancing the security of block ciphers with the aid of parallel substitution box construction

Proceedings 22nd International Conference on Distributed Computing Systems Workshops

When considering block cipher designs, one feature that is seemingly not related to the robustness of a design is algorithmic variability, i.e. the ability to effect changes on a design that essentially leave its structure unchanged while they modify its functional characteristics. This feature, however, is related to robustness as there are situations where a specific algorithm is either suspected to be under cryptanalytic attack or it is not considered secure any more due to a discovered weakness. The easiest action would be to change the characteristics of the algorithm in a way that obscures the cryptanalytic attack or that eliminates the cipher's weaknesses. Our focus is on this kind of changes, using as a specific case the CAST-128 cipher. The changes we consider refer to the algorithm's substitution boxes and since the creation of good substitution boxes is a highly time consuming process, we also provide a parallel algorithm for completing this task fast.

An Algorithm for Key-Dependent S-Box Generation in Block Cipher System

Informatica (Lithuanian Academy of Sciences), 2015

A nonlinear substitution operation of bytes is the main strength factor of the Advanced Encryption Standard (AES) and other modern cipher systems. In this paper we have presented a new simple algorithm to generate key-dependent S-boxes and inverse S-boxes for block cipher systems. The quality of this algorithm was tested by using NIST tests, and changing only one bit of the secret key to generate new key-dependent S-boxes. The fact that the S-boxes are key-dependent and unknown is the main strength of the algorithm, since the linear and differential cryptanalysis require known S-boxes. In the second section of the paper, we analyze S-boxes. In the third section we describe the key-dependent S-boxes and inverse S-boxes generation algorithm. Afterwards, we experimentally investigate the quality of the generated key-dependent S-boxes. Comparison results suggest that the key-dependent S-boxes have good performance and can be applied to AES.

On a Linear Cryptanalysis of a Family of Modified DES Ciphers with Even Weight S-Boxes

Cybernetics and Information Technologies, 2016

We investigate the effect of inserting extra linearity in the Data Encryption Standard (DES) through appropriate nonsingular linear encodings of the output of the individual S-boxes. More specifically, we examine the general situation when the output of each S-box of the DES is precoded separately into a properly constructed copy of the inherent even-weight code of length 4. The study is focused on finding multi-round linear characteristics for thus modified DES ciphers having maximal effectiveness. Depending on the particular encodings, it turns out that the effectiveness of interest may be larger but in most cases is smaller than that one for the original DES with the same number of rounds. The latter means that the complexity of successful linear cryptanalysis against these ciphers will mainly increase comparing to the DES itself. The present research extends in a natural way our previous work [Linear Cryptanalysis and Modified DES with Parity Check in the S-boxes, LNCS 9540 (2016), pp. 60...

A Novel Group Theoretic and Graphical Approach for Designing Cryptographically Strong Nonlinear Components of Block Ciphers

Wireless Personal Communications, 2020

Substitution box is a significant and only nonlinear constituent of block cipher. S-box plays a central role in converting the intelligible message or plain text, into an enciphered format. Construction of strong S-boxes is an important area of interest for security experts. In this work, we develop a new method to evolve S-boxes with the help of coset graph for the action of PSL(2, ℤ) on projective line over the finite field GF(2^8), a special type of bijective map g and the symmetric group S_256. The capability of the proposed S-boxes to mitigate cryptanalysis is investigated through various performance analyzing parameters. The outcomes of the comparison with the familiar S-boxes indicate that the working abilities of newly designed S-boxes are better than that of many of the well-known S-boxes.

Security Analysis Between Static and Dynamic S-Boxes in Block Ciphers

Journal of Information System and Technology Management, 2021

The development of block ciphers has resulted in a number of cryptographic algorithms such as AES, aria, blowfish256, desl, and 3d-aes. AES is one of the best cryptographic algorithms that can be used to protect electronic data. However, the principal weakness in AES is the linearity in the s-box. The objective of this research is to investigate and evaluate the existing work related to the dynamic s-box. Other than that, the aim of this research is to design a dynamic s-box using affine transformation in order to increase the security of the encryption. The method to design is using java with the NetBeans software. The proposed block cipher will be tested using NIST statistical test suite to test the randomness of the algorithm. Besides, the strength of the s-box will be analyzed using the s-box evaluation tool (set). The cryptographic strength depends strongly on the choice of s-box. Therefore, this new proposed block cipher can be used by countries, organizations, stakeholders, o...

New Directions in Cryptanalysis of Block Ciphers

Journal of Computer Science, 2009

Problem statement: The algebraic expression of the Advanced Encryption Standard (AES) RIJNDAEL S-box involved only 9 terms. The selected mapping for RIJNDAEL S-box has a simple algebraic expression. This enables algebraic manipulations which can be used to mount interpolation attack. Approach: The interpolation attack was introduced as a cryptanalytic attack against block ciphers. This attack is useful for cryptanalysis using simple algebraic functions as S-boxes. Results: In this study, we presented an improved AES S-box with good properties to improve the complexity of AES S-box algebraic expression with terms increasing to 255. Conclusion: The improved S-box is resistant against interpolation attack. We can develop the derivatives of interpolation attack using the estimations of S-box with less nonlinearity.

Cryptanalysis of Block Ciphers with Overdefined Systems of Equations

Lecture Notes in Computer Science, 2002

Several recently proposed ciphers are built with layers of small S-boxes, interconnected by linear key-dependent layers. Their security relies on the fact, that the classical methods of cryptanalysis (e.g. linear or differential attacks) are based on probabilistic characteristics, which makes their security grow exponentially with the number of rounds Nr. In this paper we study the security of such ciphers under an additional hypothesis: the S-box can be described by an overdefined system of algebraic equations (true with probability 1). We show that this hypothesis is true for both Serpent (due to a small size of S-boxes) and Rijndael (due to unexpected algebraic properties). We study general methods known for solving overdefined systems of equations, such as XL from Eurocrypt'00, and show their inefficiency. Then we introduce a new method called XSL that uses the sparsity of the equations and their specific structure. The XSL attack has a parameter P, and in theory we show that P should be a constant. The XSL attack would then be polynomial in Nr, with a huge constant that is double-exponential in the size of the S-box. We demonstrated by computer simulations that the XSL attack works well enough on a toy cipher. It seems however that P will rather increase very slowly with Nr. More simulations are needed for bigger ciphers. Our optimistic evaluation shows that the XSL attack might be able to break Rijndael 256 bits and Serpent for key lengths 192 and 256 bits. However if only P is increased by 2 (respectively 4) the XSL attack on Rijndael (respectively Serpent) would become slower than the exhaustive search. At any rate, it seems that the security of these ciphers does not grow exponentially with the number of rounds.

Substitution Box Design Based from Symmetric Group Composition

Journal of Physics: Conference Series

This work shows a new design of substitution box (S-Box) construction for the implementation in the block cipher. The S-Box is the only component in block cipher such as advanced encryption standard (AES) that possess the nonlinearity characteristics. Hence, it is crucial to properly design so that it able resist the cipher against known attack such as linear and differential attacks. The construction is based on composition of permutation within the symmetric group. This paper focus on the AES S-Box class which received 8-bit input and produced 8-bit output. This bijective S-Box consist of 256 elements which later involve in the process of composition. Initially, a set of 30 S-Box with high nonlinearity is generated using 30 irreducible polynomials under the finite field (2^8). These S-Box is then undergoing two rounds of composition which finally yield about 1.62 million S-Box. More than half of the generated S-Box achieve the nonlinearity of at least 100 with the maximum recorded nonlinearity of 110. This method also guarantee that the generated S-Box is bijective. To show the security level of our construction method, a comparison to other construction methods is conducted. The methods introduced in this paper have slightly higher nonlinearity compared to several construction with the value of differential uniformity not on the par as AES however comparable to other similar heuristic construction.

Key-Dependent S-Box Generation in AES Block Cipher System

Informatica, 2009

Advanced Encryption Standard (AES) block cipher system is widely used in cryptographic applications. A nonlinear substitution operation is the main factor of the AES cipher system strength. The purpose of the proposed approach is to generate the random S-boxes changing for every change of the secret key. The fact that the S-boxes are randomly key-dependent and unknown is the main strength of the new approach, since both linear and differential cryptanalysis require known S-boxes. In the paper, we briefly analyze the AES algorithm, substitution S-boxes, linear and differential cryptanalysis, and describe a randomly key-dependent S-box and inverse S-box generation algorithm. After that, we introduce the independency measure of the S-box elements, and experimentally investigate the quality of the generated S-boxes.