Sage Journals: Discover world-class research

Abstract

A substitution box is a core component of the popular symmetric-key algorithms. However, the major problem of the conventional substitution boxes is the statistic behavior, which is employed as a fixed-size lookup table. To solve the fixed-size lookup table problem, various substitution box construction methods were proposed with key control, but it is hard to enhance all cryptographic properties, for example, linear and differential probabilities. Thus, chaos is applied for key control in designing robust substitution boxes due to unpredictable and random-like behavior. Moreover, the confusion and diffusion properties of cryptography can be achieved by chaos. This article introduces an efficient construction of a key-dependent substitution box based on the mixing property of the chaotic sine map. The substitution box so constructed has very low differential and linear approximation probabilities. The experimental results confirmed that the proposed method to construct substitution box has acceptable cryptographic properties to resist against various cryptanalysis.

Keywords

Chaos cryptography substitution box

Introduction

Cryptography is an art of converting or transforming data into unreadable or scrambled form through an encryption process, which is controlled by the secret key. It can be applied to any data^1,2 to provide data protection. Once the data are encrypted, only authorized parties should possess the secret key, to retrieve the original data. According to Lee et al.,³ cryptography and authentication are two intertwined processes, where encryption is used to validate the actual users or sources accurately by offering a reliable authentication system. A symmetric-key cryptosystem can be described in Figure 1.⁴

Figure 1.

Block diagram of symmetric-key cryptosystem.

Based on algorithm structure and design, these symmetric-key cryptographic techniques further divided into two groups: stream ciphers and block ciphers. Block cipher performs encryption transformation with specified symmetric key, on fixed-length units of bits or bytes of data (known as a block). Encryption transformation is based on block iteration for higher security. Block size plays a significant role in designing new block cipher. Larger block size means improved security, but it increases the overall algorithm complexity. Data Encryption Standards (DES), Triple-DES, International Data Encryption Algorithm (IDEA), and Advanced Encryption Standard (AES) are extensively employed symmetric-key block ciphers; some of them have become standard, for example, DES and AES.

Substitution box (S-box) is an important component in these symmetric-key block ciphers, especially since Biham and Mitsuru had discovered differential and linear cryptanalysis methods, respectively. Both linear and differential cryptanalyses are currently the most powerful cryptanalysis attacks.⁵ The application of S-box in the cryptographic algorithm leads to the achievement of Shannon’s recommended confusion and diffusion properties to strengthen against linear and differential cryptanalyses.⁶ Confusion intends to ambiguous the key and ciphertext relationship, whereas diffusion goals at reshuffling the bits in the plaintext for redundancy.⁷

Furthermore, S-box is a core component of the popular symmetric-key algorithms⁶ due to its cryptographic benefits. However, the primary problem of these S-boxes is the statistic behavior without any key control, which is employed as a fixed-size lookup table in the encryption and decryption process. Thus, to produce dynamic S-box with key control, chaotic systems were used to construct S-box instead of being fixed.⁸ Moreover, the strength of cryptographic algorithms depends on S-box against various attacks, for example, linear and differential cryptanalyses.^2,3 Thus, the construction of efficient and secure S-box is a crucial part of designing symmetric-key algorithms. This can be accomplished by satisfying important analytic measures, for example, nonlinearity (NL), balance criteria (BC), differential uniformity (DU), avalanche effect, confusion coefficient variance (CCV), algebraic degree (AD), and strict avalanche criteria.

This article presents an efficient construction of a key-dependent S-box. The design objective is to achieve higher NL in generated S-boxes and increase resistant level against cryptanalysis. The rest of this article is organized as follows: the “Related work” section discusses the related work, the “Proposed work” section presents the proposed method of constructing key-dependent S-box, the “Experiment analysis” section provides the experiment analysis and results, and the “Conclusion” section presents the conclusion.

Related work

As mentioned earlier, the major problem of the conventional S-boxes is the statistic behavior, which is employed as a fixed-size lookup table. To solve the fixed-size lookup table problem, various S-box construction methods were proposed with key control.^9–11 These techniques incorporated key control with several methods such as neural network, and evolutionary and genetic algorithms.¹² However, it is hard to enhance all cryptographic properties, for example, linear and differential probabilities. Thus, chaos is applied for key control in designing robust S-boxes,^8,12–15 due to unpredictable and random-like behavior. Moreover, the confusion and diffusion properties of cryptography can be achieved by chaos.^16,17 Moreover, the cryptographic properties such as confusion and diffusion can be achieved by chaos.^18–20

Generally, chaotic systems are employed to construct proficient cryptosystems.^21–,24 ThCChe chaotic maps are practicable for cryptography, for instance, randomness, mingling, and sensitivity;^25–27 all of these properties make chaotic maps a suitable option for achieving Shannon’s concept of good practical secrecy systems. In addition to the theoretical study of the chaos, its potential applications in cryptosystem-based S-box have also been widely explored,^23,28–31

Toward this end, chaotic dynamics was first employed in the construction of S-box by Jakimoski and Kocarev.²⁶ The presented method consisted of four steps to generate S-boxes from the logistic map. In Tang et al.’s study,³² a method based on a two-dimensional (2D) Baker map was presented to produce 8 × 8 S-boxes which had better performance and cryptographic properties compared to the study of Jakimoski and Kocarev.²⁶ However, its implementation issues were exposed by Chen et al.,³³ and then they presented the improved method by applying three-dimensional (3D) Baker map to resolve the implementation issues. Moreover, a better S-box construction method was presented in Özkaynak and Özer¹⁵ based on Lorenz system, which employs particular shifting operation, and demonstrated better performance. Meanwhile, chaotic dynamics was used in the construction of active S-boxes^12,34 to achieve higher NL in encryption process for improving confusion and diffusion properties.

Later, Belazi et al.⁸ used the Rossler system to construct S-boxes, and Hamdi et al.¹³ presented another method using the chaotic logistic map as a source of randomness for better NL and DU. Both methods^8,13 presented improved linear and differential resistance level. Recently, Ahmad et al.¹⁴ suggested a new method by chaotic map’s trajectory sampling method to improve the S-box quality.

However, these techniques still postured serious security issues, and their vulnerability can be exposed by analyzing differential approximation probability (DAP) and linear approximation probability (LAP). Experiments were conducted by comparing DAP and LAP, offered by the previous studies^8,12–15 to determine their strength against differential and linear cryptanalyses. Tables 1 and 2 show the DAP and LAP results, respectively. Results show that there is not considerable enhancement in the linear and differential probabilities. Comparatively, work in Özkaynak and Özer¹⁵ achieved the highest DAP and LAP that are 10 and 0.1289, respectively.

Table 1.

DAP results of the chaos-based S-box construction methods.

Method	DAP
Akram S-box⁸	12
Hamdi S-box¹³	12
Musheer S-box¹⁴	10
Wang S-box¹²	10
Ozkaynak S-box¹⁵	10

DAP: differential approximation probability.

Table 2.

LAP results of the chaos-based S-box construction methods.

Method	LAP
Akram S-box⁸	0.1563
Hamdi S-box¹³	0.1348
Musheer S-box¹⁴	0.1328
Wang S-box¹²	0.1328
Ozkaynak S-box¹⁵	0.1289

LAP: linear approximation probability.

However, this requires more improvement because an improved S-box (regarding the DAP and LAP) may lead to the decline of other properties, for example, NL, AD, CCV, and DU.³⁵

Proposed work

Chaotic sine map

The sine map is taking as the primary chaotic map for the construction of the proposed S-box. The chaotic sine map (CSM) is a widely known one-dimensional (1D) chaotic map. It is similar to the Lorenz system from many respects and meets many cryptographic requirements such as complex chaotic behavior, sensitivity to initial values, randomness, and unpredictability.^26,27 Equation (1) defines CSM^26,27

x_{n + 1} = F_{λ} (x_{n}) = λ \sin (π x_{n})

(1)

where $x_{n} \in (0, 1)$ , $n = 0, 1, 2, \dots$ , $λ \in (0, 1)$ is a control parameter, and $x_{0}$ is the initial value when $n = 0$ . The bifurcation and the Lyapunov exponent analyses of the CSM are provided in Figures 2 and 3, respectively. Analysis results confirm the chaotic behavior beyond $λ = 0.87$ of the CSM, where orbits ${x_{n}}_{n = 0}^{\infty}$ are uniformly distributed between 0 and 1. Based on the experiment analysis, the proposed design utilizes a CSM to construct S-box to achieve Shannon’s recommended confusion and diffusion properties.

Figure 2.

Bifurcation diagram of the CSM.

Figure 3.

Lyapunov exponent of the CSM.

The method of constructing key-dependent S-box

The proposed method of constructing a key-dependent S-box is based on the mixing property of CSM. CSM is an iterative map (start from two input parameters, $x_{0}$ and $λ$ ) to obtain $x_{n}$ values from equation (1). The obtained $x_{n}$ values are converted and are used to construct S-box by defining domain range into 255 subdomains of equal length. Moreover, the input parameters (an initial value $x_{0}$ and a control parameter $λ$ ) of the CSM are used as a secret key in the proposed method.

The flowchart of the method of constructing a key-dependent S-box is shown in Figure 4. It takes $m$ input bits and produces $n$ output bits, and generates a sequence of 256 different values between 0 and 255. The proposed method is described below.

Figure 4.

Flowchart of the chaotic S-box construction method.

Inputs and outputs

The chaotic S-box construction method based on CSM requires secret key $K$ as input, where secret key $K$ is a combination of the two input parameters of CSM, that is, initial value $x_{0}$ and control parameter $λ$ . $Sbox$ represents the output S-box.

Step 1. Select the initial input parameters $x_{0}$ and $λ$ as a secret key to iterate the CSM.

Step 2. Include zero to final stored values as it has no inverse.

Step 3. Define the output domain range of the CSM to $(0.1, 0.99)$ , since values close to zero or one could not be used to start CSM.

Step 4. Divide the domain range into 255 subdomains of equal length and sequentially label them $l_{0}, l_{1}, l_{2}, \dots, l_{254}$ .

Step 5. Iterate the CSM with the input initial value $x_{0}$ and control parameter $λ$ , and check the output to mark where obtained $x_{1}$ value falls, and corresponding subdomain value should be stored in $Sbox$ . If the output falls into an already visited subdomain, then ignore that output and keep iterating CSM.

Step 6. Stop iterating the CSM, when stored values approach to 255 of $Sbox$ .

The S-box generated using the proposed method is provided in Table 3. Finally, an experiment analysis is performed on constructed S-box and compared to recently proposed chaotic S-boxes. The analysis results are provided in the following sections.

Table 3.

The output S-box of the proposed method.

	0	1	2	3	4	5	6	7	8	9	a	b	c	d	e	f
0	63	8b	f4	c	5f	f8	39	c9	87	f7	3	45	dd	51	ec	24
1	9d	df	4a	e4	3d	d0	75	fe	0	3b	cc	81	fb	21	96	e8
2	2f	b6	b4	b8	af	c3	97	e7	32	bc	a7	d1	73	ff	38	c6
3	8e	f1	15	77	2	42	d7	61	fa	2d	b1	be	a1	da	5a	f5
4	a	59	5e	41	62	27	a4	d5	68	fd	11	6b	6	4e	30	b7
5	a2	d9	5c	f6	5	e3	3f	d3	6c	74	ca	86	3a	84	f9	c1
6	9b	d6	64	94	eb	29	a8	ce	7a	8	52	ee	20	93	23	e2
7	43	e9	b5	b3	bb	aa	cb	9c	e1	44	db	55	17	7c	d	67
8	fc	14	cf	d8	1	3e	d2	71	c7	8c	e	e0	48	47	50	a3
9	4c	e6	8d	f2	12	6f	3c	79	4d	31	b9	ad	76	cd	7d	4
a	26	60	ba	ab	c8	89	7	4f	ea	2b	ac	6e	40	13	72	78
b	49	d4	ed	1f	91	90	f0	19	9a	7f	83	65	1b	dc	95	2a
c	88	5b	b2	a9	82	58	f3	f	66	16	bd	8f	53	22	34	bf
d	9	56	70	1e	7b	37	c5	92	98	36	ae	c4	25	9f	99	e5
e	85	57	4b	28	a6	1a	6d	9e	de	33	a5	6a	10	46	8a	ef
f	1d	b	a0	54	b0	1c	80	18	7e	2e	69	c0	2c	35	c2	5d

S-box: substitution box.

Experiment analysis

Earlier studies^5,26,36 presented some significant cryptographic properties that strong S-boxes should fulfill such input/output XOR distribution and LAP. Consequently, to confirm the robustness of the proposed method, this section presents the comparative analysis of S-box generated using the proposed method and S-boxes presented in prior work. Table 3 shows the output S-box, where the initial value $x_{0} = 0.798079790040599$ and the control parameter $λ = 0.99$ were used in the S-box construction.

Keyspace analysis

Based on the control parameter analysis of CSM presented in the “Chaotic sine map” section, the S-box construction method based on CSM presented in “The method of constructing key-dependent S-box” section is therefore limited to $λ \in (0.87, 1)$ and can be used as a part of the secret key. Thus, both control parameter $λ$ and initial value $x_{0}$ are used together as a secret key to generate dynamic S-box. Furthermore, if CSM is implemented in a finite precision system, then keyspace is around 106 bits, where the size of the $λ$ and $x_{0}$ is 53 bits. Thus, the keyspace of the proposed method is good enough according to cryptographic requirements.³⁷

DAP

Biham and Shamir⁵ had discovered differential cryptanalysis by identifying imbalance XOR distributions between inputs and outputs. By this means, S-box should possess DU so that the differential inputs and outputs of S-box should map uniquely to ensure uniform mapping probability and thus possess DU. The DAP is defined by equation (2)^5,8,14

DAP (f) = \begin{matrix} \max \\ Δ x \neq 0, Δ y \end{matrix} (\frac{# {x ϵ X | S (x) \oplus S (x \oplus Δ x) = Δ y}}{2^{m}})

(2)

where $X$ is the set of all possible input values, and $2^{m}$ is the number of its elements. Table 4 shows the DAP comparison between proposed and prior published S-boxes. The maximum DAP is 12/256 in the case of the studies of Belazi et al. and Hamdi et al.^8,13 Furthermore, the input and output differential pairs occur with the maximum DAP of 10/256 in the previous studies.^12,14,15

Table 4.

DAP comparison between proposed and existing S-boxes.

Method	DAP
Akram S-box⁸	12
Hamdi S-box¹³	12
Musheer S-box¹⁴	10
Wang S-box¹²	10
Ozkaynak S-box¹⁵	10
Proposed S-box	8

DAP: differential approximation probability.

The maximum DAP of the proposed S-box is 8/256, which is a comparatively lowest maximum DAP among all prior S-boxes where maximum DAP reached 10/256 and 12/256. This proves that the proposed method to construct dynamic and key-based S-box is stronger than prior proposed methods against differential attacks. Moreover, histogram analysis is performed to confirm the DU. Figure 5 shows the histogram of differentials of the generated S-box (as given in Table 3), where the x-axis shows input differentials, the y-axis shows output differentials, and z-axis shows the frequency of the input and output differentials. The histogram analysis confirms that proposed method for constructing S-box possesses DU, where very few DAPs are 8 and rest are lesser.

Figure 5.

DAP histogram of proposed S-box.

LAP

Matsui³⁶ presented the linear cryptanalysis method by measuring LAP to investigate the probability that a value of an input bit coincides with a value of an output. The LAP is the measure of the maximum imbalance value of an event; the parity of the input bits selected by the mask $Γ x$ is equal to the parity of the output bits selected by the mask $Γ y$ . The LAP is defined by equation (3)^8,36

LAP (f) = \begin{matrix} \max \\ Γ x, Γ y \neq 0 \end{matrix} | \frac{# {x ϵ X | x \cdot Γ x = S (x) \cdot Γ y}}{2^{m}} - \frac{1}{2} |

(3)

where $Γ x$ is an input mask, $Γ y$ is an output mask, $X$ is the set of all possible inputs; and $2^{m}$ is the number of its elements. Table 5 shows the LAP comparison between proposed and prior published S-boxes. The LAP of the proposed S-box is 0.125, which is comparatively the lowest maximum LAP among all prior S-boxes. This proves that the proposed method to construct a dynamic and key-based S-box is stronger than prior proposed methods against linear cryptanalysis.

Table 5.

LAP comparison between proposed and existing S-boxes.

Method	LAP
Akram S-box⁸	0.1563
Hamdi S-box¹³	0.1348
Musheer S-box¹⁴	0.1328
Wang S-box¹²	0.1328
Ozkaynak S-box¹⁵	0.1289
Proposed S-box	0.125

LAP: linear approximation probability.

S-box analysis using the S-box Evaluation Tool

There are many S-box Evaluation Tools (SETs) available to rigorously analyze the cryptographic properties with different criteria. For example, the Boolfun package³⁸ and the Boolean Functions module in Sage³⁹ are known for cryptographic analysis but restricted to figure out difference distribution and linear approximation of an input S-box while another tool known as SET⁴⁰ can evaluate a broad set of cryptographic properties of Boolean functions and S-boxes. SET is written in ANSI C and supports arbitrary input and output sizes of the S-boxes.

This study used the SET suite to evaluate the cryptographic properties of the proposed S-box. The following sections define more precisely the cryptographic properties that can be evaluated using SET. These properties include BC, DU, NL, CCV, AD, and signal-to-noise ratio (SNR)/differential power analysis (DPA). Furthermore, this section presents the comparative analysis of S-box generated using the proposed method (as described in “The method of constructing key-dependent S-box” section) and S-boxes presented in prior work. These S-boxes are Akram_S-box,⁸ Hamdi_S-box,¹³ Musheer_S-box,¹⁴ Wang_S-box,¹² and Ozkaynak_S-box,¹⁵ and the output S-box of the proposed method is shown in Table 6.

Table 6.

SET results for comparison between proposed and existing S-boxes.

S-box	SET test
	BC	NL	AD	DU	SNR/DPA	CCV
Proposed	Passed	96	7	8	9.164	0.128
AkramS-box⁸	Passed	82	7	12	9.4	0.119
MusheerS-box¹⁴	Passed	94	7	10	9.596	0.112
HamdiS-box¹³	Passed	90	8	12	9.533	0.114
OzkaynakS-box¹⁵	Passed	94	7	10	9.071	0.132
WangS-box¹²	Passed	92	7	10	10.22	0.091

SET: S-box Evaluation Tool; BC: balance criteria; NL: nonlinearity; AD: algebraic degree; DU: differential uniformity; SNR: signal-to-noise ratio; DPA: differential power analysis; CCV: confusion coefficient variance.

BC

The BC is an important measure to confirm the cryptographic properties of the S-box. Any S-box is proved to meet BC if it has an equal number of zeroes and ones. Table 6 shows the BC results of the proposed and prior published S-boxes. Results confirm that proposed and prior S-boxes passed BC since they have equal numbers of zeroes and ones.

SNR(DPA)

DPA is a prominent cryptanalysis method that is used to attack cryptographic algorithms. DPA is of great concern due to its effectiveness to break the secret key. Kocher et al.⁴¹ presented the DPA by statistical processing, for example, differential means⁴¹ and correlation power⁴² analyses. Furthermore, Guilley et al.⁴³ presented the SNR for DPA to quantify the S-box resistance level against the DPA attack. Any S-box that produces lower SNR(DPA) value ensures better resistance power against DPA attack.⁴³ SET test results for SNR(DPA) are presented in Table 6 of the proposed and prior S-boxes. Results show that the proposed and Özkaynak and Özer¹⁵ S-boxes have the lowest SNR(DPA) values as compared to the prior S-boxes, which are 9.164 and 9.071, respectively. This confirms that proposed method to construct S-box is secure against DPA attack.

CCV

Fei and colleagues^44,45 proposed the new property that relates to the DPA resistance of S-boxes which is CCV. They presented a probabilistic model for a side-channel attack that allows the attacker to explore the cipher design.^44,45 Moreover, Heuser et al.⁴⁶ quantify the CCV value to measure side-channel resistance. They suggested that higher CCV value makes the side-channel attack difficult and confirms a higher resistance level. In this work, SET is employed to compute CCV of the proposed and prior S-boxes. Results are presented in Table 6, which confirms that the proposed and Özkaynak and Özer¹⁵ S-boxes are secure against side-channel attack as they have higher CCV values than the prior S-boxes.

NL

NL is another important measure for the design of S-box since Matsui³⁶ presented linear cryptanalysis. NL quantifies the measure of the S-box function to resist against linear cryptanalysis. It is defined as the minimum Hamming distance between the S-box function and a set of all affine functions.^9,10 NL specifies the distance to cryptographically imperfect affine functions.^8,36 Thus, it is crucial that S-box should possess high NL. Table 6 shows the NL results of proposed and prior S-boxes. The NL of the proposed S-box is 96 which is highest as compared to prior S-boxes.^8,12–15 This proves that the proposed method to construct dynamic and key-based S-box has the highest capability to resist against linear cryptanalysis.

The AD is another quantitative cryptographic property of the S-box to analyze the strength against the higher order differential and algebraic cryptanalyses.⁴⁷ Any S-box is vulnerable to cryptanalysis if it has low AD.⁴⁷ Thus, it is crucial to confirm the AD of the S-box that is chosen to be used in a cryptographic algorithm. In this work, the capability to produce AD was evaluated using the SET. Table 6 shows the AD results of the proposed and prior S-boxes. Results show that the maximum AD is 8 of Hamdi et al.¹³ and the rest have seven, which is acceptable to resist against higher order differential and algebraic cryptanalyses.

DU

DU analysis plays a significant role in the design of the new S-box. The DU quantifies the measure of the S-box function to resist against differential cryptanalysis. Hence, S-box should possess DU so that the differential inputs and outputs should map uniquely to ensure uniform mapping. Table 6 shows the DU comparison between proposed and prior proposed S-boxes. Results show that the maximum DU is 12 in the case of the studies of Belazi et al. and Hamdi et al.^8,13 Furthermore, the input and output differential pairs occur with the maximum DU of 10 in the previous studies.^12,14,15 The DU of the proposed S-box is 8 which is comparatively lowest among all prior S-boxes. SET results for DU confirm that the proposed method to construct S-box is stronger than prior proposed methods against differential attacks.

Conclusion

The application of S-box in symmetric-key block cipher leads to confusion and diffusion properties of the cryptography and strengthen against linear and differential cryptanalyses. However, the primary problem of conventional S-boxes was its statistic behavior. Thus, to produce a dynamic S-box with key control, chaotic systems were used to construct the S-box. Toward this end, an efficient method for constructing dynamic S-boxes with key control based on the mixing properties of the chaotic dynamical system was introduced. The generated S-box fulfills the security criteria. The experimental results confirmed that the maximum DAP and LAP of the constructed S-box are found lower than those investigated by the recent researchers. Most of the differentials occur with very low probability. The performance of the generated S-box was proved to be suitable as a strongly nonlinear component in the encryption process. Also, the S-Box testing criteria were conducted by the SET suite to evaluate the cryptographic properties of the proposed S-box. SET results indicated that the proposed S-box has good cryptographic properties to resist cryptanalysis.

Footnotes

Handling Editor: Aneel Rahim

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) received no financial support for the research, authorship, and/or publication of this article.

ORCID iD

Muhammad Usama

References

Varlakshmi

Sudha

Jaikishan

An efficient scalable video encryption scheme for real time applications. Procedia Eng 2012; 30: 852–860.

Gentry

Computing arbitrary functions of encrypted data. Commun ACM 2010; 53(3): 97.

Lee

Chen

Liu

HTT

, et al. A new visual cryptography with multi-level encoding. J Vis Lang Comput 2014; 25(3): 243–250.

Schneier

Applied cryptography: protocols, algorithm, and source code in C. 2nd ed, vol. 13. New York: John Wiley & Sons, 1996.

Biham

Shamir

Differential cryptanalysis of DES-like cryptosystems. J Cryptol 1991; 4(1): 3–72.

Daemen

Rijmen

The design of Rijndael. Berlin: Springer, 2002.

Shannon

CE.

Communication theory of secrecy systems. Bell Syst Tech J 1949; 28(4): 656–715.

Belazi

Rhouma

Belghith

. A novel approach to construct S-box based on Rossler system. In: Proceedings of the 2015 international wireless communications and mobile computing conference (IWCMC), Dubrovnik, Croatia, 24–28 August 2015, pp.611–615. New York: IEEE.

Clark

Jacob

Stepney

The design of S-boxes by simulated annealing. New Gener Comput 2005; 23(3): 219–231.

10.

Fuller

Millan

Dawson

Multi-objective optimisation of bijective s-boxes. New Gener Comput 2005; 23(3): 201–218.

11.

Laskari

Meletiou

Vrahatis

. Utilizing evolutionary computation methods for the design of S-boxes. In: Proceedings of the 2006 international conference on computational intelligence and security, Guangzhou, China, 3–6 November 2006, pp.1299–1302. New York: IEEE.

12.

Wang

Wong

, et al. A novel method to design S-box based on chaotic map and genetic algorithm. Phys Lett A 2012; 376(6–7): 827–833.

13.

Hamdi

Rhouma

Belghith

A very efficient pseudo-random number generator based on chaotic maps and S-box tables. Int J Comput Electr Autom 2015; 9(2): 481–485.

14.

Ahmad

Nasim

, et al. Designing chaos based strong substitution box. In: Proceedings of the 2015 eighth international conference on contemporary computing (IC3), Noida, India, 20–22 August 2015, pp.97–100. New York: IEEE.

15.

Özkaynak

Özer

AB.

A method for designing strong S-Boxes based on chaotic Lorenz system. Phys Lett A 2010; 374(36): 3733–3738.

16.

Fridrich

Symmetric ciphers based on two-dimensional chaotic maps. Int J Bifurc Chaos 1998; 8(6): 1259–1284.

17.

Kocarev

Chaos-based cryptography: a brief overview. IEEE Circuits Syst Mag 2001; 1(3): 6–21.

18.

An image encryption scheme with efficient permutation and diffusion processes. In: Zhou

Tan

(eds) Advances in computer science and education applications (Communications in Computer and Information Science), vol. 202. Berlin: Springer, 2011, pp.32–39.

19.

Wong

Kwok

BSH

Yuen

CH.

An efficient diffusion approach for chaos-based image encryption. Chaos Soliton Fractals 2009; 41(5): 2652–2663.

20.

Wong

Kwok

BSH

Law

. A fast image encryption scheme based on chaotic standard map. Phys Lett A 2008; 372(15): 2645–2652.

21.

Bin Muhaya

Usama

Khan

. Modified AES using chaotic key generator for satellite imagery encryption. In: Huang

Lee

, et al. (eds) Emerging intelligent computing technology and applications (Lecture notes in computer science), vol. 5754. Berlin: Springer, 2009, pp.1014–1024.

22.

Usama

Khan

MK.

Classical and chaotic encryption techniques for the security of satellite images. In: Proceedings of the IEEE international symposium on biometrics and security technologies, ISBAST’08, Islamabad, Pakistan, 23–24 April 2008. New York: IEEE.

23.

Usama

Khan

Alghathbar

, et al. Chaos-based secure satellite imagery cryptosystem. Comput Math Appl 2010; 60(2): 326–337.

24.

Usama

Zakaria

Chaos-based simultaneous compression and encryption for Hadoop. PLoS ONE 2017; 12(1): e0168207.

25.

Baptista

MSS

. Cryptography with chaos. Phys Lett A 1998; 240(1–2): 50–54.

26.

Jakimoski

Kocarev

Chaos and cryptography: block encryption ciphers based on chaotic maps. IEEE Trans Circuit Syst 2001; 48(2): 163–169.

27.

Usama

Zakaria

Chaos-based secure data compression (CSDC). In: Proceedings of the 2016 3rd International Conference on Computer and Information Sciences (ICCOINS), Kuala Lumpur, Malaysia, 15–17 August 2016, pp.656–659. New York: IEEE.

28.

Liu

Deng

, et al. Pseudorandom bit generator based on non-stationary logistic maps. IET Inf Secur 2016; 10(2): 87–94.

29.

Patidar

Sud

Pareek

A pseudo random bit generator based on chaotic logistic map and its statistical testing. Informatica 2009; 33: 441–452.

30.

Luca

Ilyas

Vlad

Generating random binary sequences using tent map. In: Proceedings of the ISSCS 2011—international symposium on signals, circuits and systems, Iaşi, Romania, 30 June–1 July 2011, pp.1–4. New York: IEEE.

31.

Kanso

Smaoui

Logistic chaotic maps for binary numbers generations. Chaos Soliton Fractals 2009; 40(5): 2557–2568.

32.

Tang

Liao

Chen

A novel method for designing S-boxes based on chaotic maps. Chaos Soliton Fractals 2005; 23(2): 413–419.

33.

Chen

Liao

An extended method for obtaining S-boxes based on three-dimensional chaotic Baker maps. Chaos Soliton Fractals 2007; 31(3): 571–579.

34.

Tang

Liao

A method for designing dynamical S-boxes based on discretized chaotic map. Chaos Soliton Fractals 2005; 23(5): 1901–1909.

35.

Picek

Papagiannopoulos

Ege

, et al. Confused by confusion: systematic evaluation of DPA resistance of various S-boxes. In: Meier

Mukhopadhyay

(eds) Progress in cryptology—INDOCRYPT 2014 (Lecture notes in computer science), vol. 8885. Cham: Springer, pp.374–390.

36.

Matsui

. Linear cryptanalysis method for DES cipher. In: Helleseth

(ed.) Advances in cryptology—EUROCRYPT’93 (Lecture notes in computer science), vol. 765. Berlin: Springer, pp.386–397.

37.

Alvarez

Some basic cryptographic requirements for chaos-based cryptosystems. Int J Bifurc Chaos 2006; 16(8): 2129–2151.

38.

Lafitte

Van Heule

Van Hamme

Cryptographic Boolean functions with R. R J 2011; 3(1): 44–47.

39.

Stein

Sage mathematics software, Version 4.8, 2012, http://www.sagemath.org/

40.

Picek

Batina

Jakobović

, et al. S-box, SET, match: a toolbox for S-box analysis. In: Naccache

Sauveron

(eds) Information security theory and practice: securing the internet of things (Lecture notes in computer science), vol. 8501. Berlin: Springer, 2014, pp.140–149.

41.

Kocher

Jaffe

Jun

Differential power analysis. In: Wiener

(ed.) Advances in cryptology—CRYPTO’99 (Lecture notes in computer science), vol. 1666. Berlin: Springer, 1999, pp.388–397.

42.

Brier

Clavier

Olivier

Correlation power analysis with a leakage model. In: Joye

Quisquater

(eds) Cryptographic hardware and embedded systems—CHES 2004 (Lecture notes in computer science), vol. 3156. Berlin: Springer, 2004, pp.16–29.

43.

Guilley

Hoogvorst

Pacalet

. Differential power analysis model and some results. In: Proceedings of the IFIP 18th World Computer Congress TC8/WG8.8 & TC11/WG11.2 Sixth international conference on smart card research and advanced applications (CARDIS), vol. 153, Toulouse, 22–27 August 2004 France, pp.127–142. New York: Springer.

44.

Fei

Luo

Ding

AA.

A statistical model for DPA with novel algorithmic confusion analysis. In: Prouff

Schaumont

(eds) Cryptographic Hardware and Embedded Systems—CHES 2012 (Lecture notes in computer science), vol. 7428. Berlin: Springer, 2012, pp.233–250.

45.

Fei

Ding

Lao

, et al. A statistics-based fundamental model for side-channel attack analysis. IACR Cryptol, ePrint Arch 2014; 2014: 152.

46.

Heuser

Rioul

Guilley

. A theoretical study of Kolmogorov-Smirnov distinguishers: side-channel analysis vs. differential cryptanalysis. In: Lecture notes in computer science (Including subseries: Lecture notes in artificial intelligence and lecture notes in bioinformatics), vol. 8622, 2014, pp.9–28, https://link.springer.com/chapter/10.1007/978-3-319-10175-0_2

47.

Boura

Canteaut

On the influence of the algebraic degree of F⁻¹ on the algebraic degree of G^F. IEEE Trans Inf Theory 2013; 59(1): 691–702.

	0	1	2	3	4	5	6	7	8	9	a	b	c	d	e	f
0	63	8b	f4	c	5f	f8	39	c9	87	f7	3	45	dd	51	ec	24
1	9d	df	4a	e4	3d	d0	75	fe	0	3b	cc	81	fb	21	96	e8
2	2f	b6	b4	b8	af	c3	97	e7	32	bc	a7	d1	73	ff	38	c6
3	8e	f1	15	77	2	42	d7	61	fa	2d	b1	be	a1	da	5a	f5
4	a	59	5e	41	62	27	a4	d5	68	fd	11	6b	6	4e	30	b7
5	a2	d9	5c	f6	5	e3	3f	d3	6c	74	ca	86	3a	84	f9	c1
6	9b	d6	64	94	eb	29	a8	ce	7a	8	52	ee	20	93	23	e2
7	43	e9	b5	b3	bb	aa	cb	9c	e1	44	db	55	17	7c	d	67
8	fc	14	cf	d8	1	3e	d2	71	c7	8c	e	e0	48	47	50	a3
9	4c	e6	8d	f2	12	6f	3c	79	4d	31	b9	ad	76	cd	7d	4
a	26	60	ba	ab	c8	89	7	4f	ea	2b	ac	6e	40	13	72	78
b	49	d4	ed	1f	91	90	f0	19	9a	7f	83	65	1b	dc	95	2a
c	88	5b	b2	a9	82	58	f3	f	66	16	bd	8f	53	22	34	bf
d	9	56	70	1e	7b	37	c5	92	98	36	ae	c4	25	9f	99	e5
e	85	57	4b	28	a6	1a	6d	9e	de	33	a5	6a	10	46	8a	ef
f	1d	b	a0	54	b0	1c	80	18	7e	2e	69	c0	2c	35	c2	5d

	0	1	2	3	4	5	6	7	8	9	a	b	c	d	e	f
0	63	8b	f4	c	5f	f8	39	c9	87	f7	3	45	dd	51	ec	24
1	9d	df	4a	e4	3d	d0	75	fe	0	3b	cc	81	fb	21	96	e8
2	2f	b6	b4	b8	af	c3	97	e7	32	bc	a7	d1	73	ff	38	c6
3	8e	f1	15	77	2	42	d7	61	fa	2d	b1	be	a1	da	5a	f5
4	a	59	5e	41	62	27	a4	d5	68	fd	11	6b	6	4e	30	b7
5	a2	d9	5c	f6	5	e3	3f	d3	6c	74	ca	86	3a	84	f9	c1
6	9b	d6	64	94	eb	29	a8	ce	7a	8	52	ee	20	93	23	e2
7	43	e9	b5	b3	bb	aa	cb	9c	e1	44	db	55	17	7c	d	67
8	fc	14	cf	d8	1	3e	d2	71	c7	8c	e	e0	48	47	50	a3
9	4c	e6	8d	f2	12	6f	3c	79	4d	31	b9	ad	76	cd	7d	4
a	26	60	ba	ab	c8	89	7	4f	ea	2b	ac	6e	40	13	72	78
b	49	d4	ed	1f	91	90	f0	19	9a	7f	83	65	1b	dc	95	2a
c	88	5b	b2	a9	82	58	f3	f	66	16	bd	8f	53	22	34	bf
d	9	56	70	1e	7b	37	c5	92	98	36	ae	c4	25	9f	99	e5
e	85	57	4b	28	a6	1a	6d	9e	de	33	a5	6a	10	46	8a	ef
f	1d	b	a0	54	b0	1c	80	18	7e	2e	69	c0	2c	35	c2	5d

An efficient construction of key-dependent substitution box based on chaotic sine map

Abstract

Keywords

Introduction

Related work

Proposed work

Chaotic sine map

The method of constructing key-dependent S-box

Inputs and outputs

Experiment analysis

Keyspace analysis

DAP

LAP

S-box analysis using the S-box Evaluation Tool

BC

SNR(DPA)

CCV

NL

AD

DU

Conclusion

Footnotes

Declaration of conflicting interests

Funding

ORCID iD

References

	0	1	2	3	4	5	6	7	8	9	a	b	c	d	e	f
0	63	8b	f4	c	5f	f8	39	c9	87	f7	3	45	dd	51	ec	24
1	9d	df	4a	e4	3d	d0	75	fe	0	3b	cc	81	fb	21	96	e8
2	2f	b6	b4	b8	af	c3	97	e7	32	bc	a7	d1	73	ff	38	c6
3	8e	f1	15	77	2	42	d7	61	fa	2d	b1	be	a1	da	5a	f5
4	a	59	5e	41	62	27	a4	d5	68	fd	11	6b	6	4e	30	b7
5	a2	d9	5c	f6	5	e3	3f	d3	6c	74	ca	86	3a	84	f9	c1
6	9b	d6	64	94	eb	29	a8	ce	7a	8	52	ee	20	93	23	e2
7	43	e9	b5	b3	bb	aa	cb	9c	e1	44	db	55	17	7c	d	67
8	fc	14	cf	d8	1	3e	d2	71	c7	8c	e	e0	48	47	50	a3
9	4c	e6	8d	f2	12	6f	3c	79	4d	31	b9	ad	76	cd	7d	4
a	26	60	ba	ab	c8	89	7	4f	ea	2b	ac	6e	40	13	72	78
b	49	d4	ed	1f	91	90	f0	19	9a	7f	83	65	1b	dc	95	2a
c	88	5b	b2	a9	82	58	f3	f	66	16	bd	8f	53	22	34	bf
d	9	56	70	1e	7b	37	c5	92	98	36	ae	c4	25	9f	99	e5
e	85	57	4b	28	a6	1a	6d	9e	de	33	a5	6a	10	46	8a	ef
f	1d	b	a0	54	b0	1c	80	18	7e	2e	69	c0	2c	35	c2	5d