Association For Computing Machinery ACM Generic Journal Manuscript Template

1 Refinement Method Based on Simple Operations to Improve the Cryptographic
2
3
Properties of S-Boxes
4
5 JESUS AGUSTIN ABOYTES-GONZALEZ, Facultad de Ingeniería, Universidad Autónoma de San Luis Potosí,
6
México
7
8 CARLOS SOUBERVIELLE-MONTALVO∗ , Facultad de Ingeniería, Universidad Autónoma de San Luis Potosí,
9 México
10
11
OSCAR ERNESTO PEREZ-CHAM, Facultad de Ingeniería, Universidad Autónoma de San Luis Potosí, México
12 ISAAC CAMPOS-CANTÓN, Facultad de Ciencias, Universidad Autónoma de San Luis Potosí, México
13
14
MARCO TULIO RAMIREZ-TORRES, Coordinación Académica Región Altiplano Oeste, Universidad Autónoma
15 de San Luis Potosí, México
16
17 In this study, we present a refinement method based on simple operations for improving the cryptographic properties of Substitution
18 Boxes (S-Boxes). S-Boxes are a crucial component of encryption systems, as they help to apply the confusion principle to information
19 before it is encrypted, making them vital for ensuring the security of sensitive information transmitted through insecure channels. We
20
examine three simple operations such as modular addition, bitwise XOR, and a circular shift to improve the cryptographic properties
21
of S-Boxes. The proposed method is capable of generating a large number of S-Box variants without fixed points and reverse fixed
22
points. We found that some of these S-Box variants can increase nonlinearity when using modular addition or circular shift operations
23
24 and are considered more appropriate for use in cryptosystems. Our results contribute to the understanding of how S-Boxes can be
25 improved by simple operations. The general recommendation of this study is to use the proposed method with bitwise XOR operation
26 when the S-Box has high nonlinearity (more than 110) but requires removing fixed points and reverse fixed points; otherwise, first use
27 modular addition or circular shift operations to increase nonlinearity
28
29 CCS Concepts: • Security and privacy → Mathematical foundations of cryptography; Cryptanalysis and other attacks.
30
Additional Key Words and Phrases: substitution box, nonlinearity, fixed points
31
32
ACM Reference Format:
33
Jesus Agustin Aboytes-Gonzalez, Carlos Soubervielle-Montalvo, Oscar Ernesto Perez-Cham, Isaac Campos-Cantón, and Marco Tulio
34
Ramirez-Torres. 2018. Refinement Method Based on Simple Operations to Improve the Cryptographic Properties of S-Boxes. J. ACM
35
36 37, 4, Article 111 (August 2018), 16 pages. https://doi.org/XXXXXXX.XXXXXXX
37 ∗ Corresponding author.
38
39 Authors’ addresses: Jesus Agustin Aboytes-Gonzalez, Facultad de Ingeniería, Universidad Autónoma de San Luis Potosí, Dr. Manuel Nava 8, Zona
40 Universitaria Poniente, San Luis Potosí, San Luis Potosí, México; Carlos Soubervielle-Montalvo, Facultad de Ingeniería, Universidad Autónoma de San
41 Luis Potosí, Zona Universitaria, San Luis Potosí, México, carlos.soubervielle@uaslp.mx; Oscar Ernesto Perez-Cham, Facultad de Ingeniería, Universidad
42 Autónoma de San Luis Potosí, Zona Universitaria, San Luis Potosí, México; Isaac Campos-Cantón, Facultad de Ciencias, Universidad Autónoma de San
43 Luis Potosí, Zona Universitaria, San Luis Potosí, México; Marco Tulio Ramirez-Torres, Coordinación Académica Región Altiplano Oeste, Universidad
44 Autónoma de San Luis Potosí, Carretera Salinas-Santo Domingo 200, Salinas de Hidalgo, México.
45
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not
46
made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components
47
of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to
48
redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org.
49
© 2018 Association for Computing Machinery.
50 Manuscript submitted to ACM
51
52 Manuscript submitted to ACM 1
2 Aboytes-Gonzalez, et al.
53 1 INTRODUCTION
54
55
Currently, telecommunications have an important role in the the daily life of people, this importance has increased
56 considerably due to the effects of the COVID-19 pandemic. When the pandemic broke out, most daily activities turned
57 to the Internet, so information traffic multiplied in a short period of time [1, 2]. TThis renewed interest in the field of
58
information security, along with the challenges of securely sharing sensitive information to protect personal information
59
60
like banking or biomedical data, through potentially insecure channels [3, 4].
61 The encryption systems implemented by computers are based on mathematical algorithms. Currently, the techniques
62 used to model the most advanced encryption systems are based on mathematical functions with high complexity and
63
computational cost, that are difficult to process by conventional computers [5, 6]. However, a series of studies [7, 8] have
64
65
shown that the complexity of the mathematical functions used in encryption systems does not matter, since these are
66 based on operations that are applied sequentially to the information which is processed, so they can be easily broken.
67 Therefore, the solution is to apply the confusion principle [9] to the information before encryption, this is the purpose
68
of the components known as Substitution Boxes (S-Boxes) which are the most important nonlinear building blocks in
69
70
encryption systems [8].
71 S-Boxes can be classified into two categories, the first are those known as fixed S-Boxes that are represented by a table,
72 these S-Boxes are built using dynamic [10–12] or discrete [13–15] nonlinear systems. The second type of S-Boxes are
73
called dynamic S-Boxes [16–18], these are generated with each block of data they process, so they are not represented
74
75
by a fixed table. A quick comparison between dynamic and fixed S-Boxes reveals that attackers have an advantage as
76 fixed S-Boxes are known and can be attacked, while dynamic S-Boxes are not known because they are built on the fly,
77 which prevents them from being broken. A clear example is the S-Box of the AES encryption system [19], which is one
78
of the best documented S-Boxes, even with several optimizations and implementations, the fact that it is known by
79
80
attackers gives them a clear picture of its anatomy and behavior, making it susceptible to cryptanalysis attacks.
81 However, this work will focus on correcting the most common vulnerabilities of fixed S-Boxes, these vulnerabilities
82 are: fixed and reverse fixed points. Fixed points are elements that are replaced by themselves by the S-Box, while reverse
83
fixed points are elements that are replaced by their binary complement. Some of the S-Boxes that are reported with these
84
85
issues are [20–36]. Another proposal that is made in this work is to improve the security of dynamic S-Boxes [16–18]
86 using the same refinement method that are proposed to correct vulnerabilities in fixed S-Boxes. It is observed that
87 the correction of the aforementioned vulnerabilities may also improve the nonlinearity, one of the most important
88
properties of an S-Box [16]. The proposed refinement method, as well as the operations considered to correct these
89
90
vulnerabilities, are specified in Section 2.
91
92
93
1.1 State of the Art
94
95 Table 1 shows the list of S-Boxes that were selected to study the effects of our proposal to correct the vulnerabilities
96 such as fixed points and reverse fixed points.
97
The selection criteria consisted in the presence of those vulnerabilities and that they were published in recent
98
99
years. Additionally, the set of reviewed S-Boxes contains both fixed and dynamic boxes. The main goals are to fix the
100 vulnerabilities and demonstrate that the proposed method works with any S-box; to find which operations do not
101 reduce the nonlinearity; and to analize the effects on different metrics commonly used in the study of the performance
102
of S-Boxes. The nonlinearity indicator measures how many bits in the truth table of a Boolean function must be changed
103
Refinement Method Based on Simple Operations to Improve the Cryptographic Properties of S-Boxes 3
105 Table 1. This table includes the S-Boxes that are studied in this work. These are organized according to the number of fixed points
106 and inverse fixed points. Additionaly, the study considers some S-Boxes where these vulnerabilities are not present, however their
107
nonlinearity is low. The last entries are dynamic S-Boxes.
108
109
Selected S-Box Fixed Points Reverse Fixed Points Nonlinearity Fixed S-Box Dynamic S-Box
110
Nasser, et al. [20] 4 1 112 • –
Aboytes, et al. [14] 2 1 112 • –
111
Yang, et al. [31] 2 1 108 • –
112
Al Solami, et al. [32] 2 1 108 • –
113
Khan, et al. [36] 2 5 109 • –
114 Hussain, et al. [22] 1 3 112 • –
115 Liu, et al. [27] 1 2 111 • –
116 Al Shammari, et al. [21] 1 1 107 • –
117 Ozkaynak, et al. [29] 1 2 105 • –
118 Zhu, et al. [33] 1 4 105 • –
119 Wang, et al. [34] 1 3 106 • –
120
Alhadawi, et al. [30] 1 0 106 • –
Hoseini, et al. [23] 0 2 107 • –
121
Liu, et al. [24] 0 2 104 • –
122
Khan, et al. [28] 0 1 110 • –
123
Chew, et al. [25] 0 0 112 • –
124 Lu, et al. [26] 0 0 106 • –
125 Yan, et al. [35] 0 0 106 • –
126 Cassal, et al. [16] – – – – •
127 Ahmad, et al. [17] – – – – •
128 Zheng, et al. [18] – – – – •
129
130
131
to get closer to the nearest affine function, and a high value is very important to resist linear cryptanalysis attacks. The
132
detailed description for this metric is provided in Section 2.
133
134 To corroborate the hypothesis of this work, a series of S-Boxes, generated using diverse nonlinear phenomena, were
135 tested. The considered generation methods were discrete nonlinear systems [14, 23, 25, 28, 30] and dynamic nonlinear
136
systems [20–22, 24, 26, 27, 29, 31–36]. Note that Table 1 summarizes the properties of the S-Boxes that were considered,
137
column two and three show how many fixed and reverse fixed points these S-Boxes have. The nonlinearity reported in
138
139 each of the works is also included in column four. And finally, the S-Boxes are classified by their type in column five
140 and six, whether they are dynamic or fixed. Note that the columns for nonlinearity, fixed and reverse fixed points are
141
left empty when talking about dynamic S-Boxes, since they are not represented by a single table of fixed data, instead
142
they evolve every time their generator algorithm is executed.
143
144 The review of the existing literature on the subject reveals a series of works where a study is made to detect and fix
145 vulnerabilities, commonly using affine transformations [37, 38]. However, the works do not go beyond the correction
146
of their proposed S-Boxes. For instance, the work [39] proposes a method based on multiplications to eliminate the
147
vulnerabilities that are mentioned before, but they only test it with one S-Box. Regarding the works mentioned above,
148
149 it is observed that a detailed study of how the cryptographic properties of the improved S-Boxes are affected is lacking.
150 The main contribution of this study is to present a detailed study of the cryptographic properties of several S-Boxes
151
which is carried out to asses the effects on relevant metrics and to verify the advantage of the proposed correction
152
method. The results of experiments are promising as S-Boxes with several vulnerabilities and generated by different
153
154 nonlinear procedures were corrected. That allowed us to propose a general method that are helpful to eliminate
155 vulnerabilities such as fixed points or reverse fixed points; it was also discovered that some of these operations alter
157 the cryptographic properties of some S-Boxes, increasing their degree of security. This article also proposes a way to
158
ensure that dynamic S-Boxes detect and avoid those vulnerabilities. Therefore the findings of this work are useful to
159
160
design stonger encryption systems.
161 The article is organized as follows: Section 2 presents the operations used to correct S-Boxes; Section 3 shows the
162 results obtained from the cryptographic analysis carried out on each of the case studies. In Section 4 discusses the
163
results obtained by the proposals that are made and how they affect the vulnerabilities of the S-Boxes included in
164
165
this study and how they can be applied to dynamic S-Boxes. Finally, Section 5 lists the conclusions of this work and
166 discusses its scope for future work.
167
168
2 PROPOSED REFINEMENT METHOD
169
170 The encryption system proposed by [19] contains one of the most studied S-Boxes around the world, this S-Box is
171
generated from a linear transformation in 𝐺𝐹 (28 ), later a modular addition operation is performed using a variable
172
173
value, this generates a new S-Box that does not contain fixed or inverse fixed points. Furthermore, the authors consider
174 that the second S-Box has an optimal nonlinearity with a value of 112. However, when doing a detailed study of this
175 S-Box without the last step (modular addition), it is observed that it presents vulnerabilities such as 3 fixed points and 2
176
inverse fixed points, together with a lower nonlinearity of 96. This indicates that by appliying the last step the fixed and
177
178
inverse fixed points were eliminated and there was an increase in the nonlinearity. For this reason, this work makes a
179 study to verify if there are more operations besides modular addition that can eliminate vulnerabilities of the S-Boxes
180 and to verify which input variable values behave better when using such simple operations.
181
The operations that are studied in this work are the following. 1) Modular addition with a variable value after the
182
183
function that generates the S-Boxes, it could be observed in [19] that this operation gives good results. 2) Bitwise XOR
184 operation with a constan value after employing the generating function. 3) A displacement over the elements of the
185 S-Boxes (circular shift operation). Each one of the proposals is detailed below.
186
187
188 2.1 Operation 1: Modular Addition (ADD)
189
This first operation is inspired by [19] and it consists of adding a variable 𝑐 to each of the S-Box elements, this eliminates
190
191
fixed and reverse fixed points when the variable is selected properly. The variable 𝑐 can take values from 1 to 255, which
192 is range of values that can be represented with an 8-bit S-Box. Consider the generating function 𝑓 (𝑥) of the S-Box
193 proposed in [14], where 𝐾 is a matrix of dimensions 8 × 8 and 𝑥 ′ is a transposed vector of dimension 8 that represents
194
the possible values that the S-Box input takes, the division operation is performed using the multiplicative inverse in
195
196
𝐺𝐹 (28 ), this operation is defined as
197 (
198 (𝐾 × 𝑥 ′ ) −1 , 𝑖𝑓 𝑥 ≠ 0
𝑓 (𝑥) = (1)
199 0, 𝑖𝑓 𝑥 = 0
200
applying the proposed correction operation, the new function 𝑔(𝑥) is expressed as follows
201
202
203 𝑔 (𝑥) = (𝑓 (𝑥) + 𝑐) mod 256 (2)
204
Since 𝑐 has 255 possible values (excluding zero), applying this proposal generates up to 255 S-Boxes that are different
205
206
to the one proposed in [14]. Section 3 shows the results obtained by applying a cryptanalysis to each of the S-Boxes
207 obtained using this operation.
209 2.2 Operation 2: Bitwise Exclusive Logic Disjunction (XOR)

210
211
The second operation consists of doing a bitwise XOR (Exclusive Logic Disjunction) operation with the variable 𝑐
212 applied to each of the elements of the S-Box that is intended to be improved. Again, this variable can take values from 1
213 to 255. By applying this operation, up to 255 different S-Boxes can be obtained from the original. Since this operation is
214
defined as an affine transformation [37], it is not expected to have negative effects on the cryptographic properties of
215
216
the S-Box. Section 3 presents the results obtained by applying a cryptanalysis to the S-Box that are generated using this
217 operation. Equation 3 presents the new generating function 𝑔(𝑥) of the S-Box proposed in [14].
218
(
(𝐾 × 𝑥 ′ ) −1
É
219 𝑐, 𝑖𝑓 𝑥 ≠ 0
220 𝑔 (𝑥) = É (3)
0 𝑐, 𝑖𝑓 𝑥 = 0
221
222
223 2.3 Operation 3: Circular Shift (CS)
224
225
The third correction operation consists on the application of a circular shift to the right over the elements of the original
226 S-Box. To do this, the S-Box must be modeled as a ring-like arrangement. This means that when scrolling to the right,
227 the last item in the S-Box will become the first. The displacement is carried out according to the number of positions that
228
is established by means of a variable 𝑐 that can take the value between 1 and 255, just like in the other two proposals.
229
230
231 𝑔 (𝑥) = 𝑓 ((𝑥 + 𝑐) mod 256) (4)
232
Since the shift is applied directly to the S-Box elements, the generating function is not modified. The cryptanalysis
233
234
that is applied to each of the variants of the S-Box is provided in Section 3, however not all the S-Boxes obtained comply
235 with the security requirements established in this study.
236
237
238 2.4 Generation of S-Boxes
239
A total of 16,065 new S-Boxes were generated by following the procedure illustrated in Figure 1. One of the three
240
241
operations (addition, XOR, circular shift) was selected to start the experiments, then a variable 𝑐 between 1 and 255 is
242 selected, note that the variable 0 would have no effects with any operation, so it is ignored. Given the operation and
243 variable, each one of the selected S-Boxes is subjected to the transformation procedure which produces a new S-Box.
244
The new S-Box is tested for fixed points, reverse fixed points, bijectivity, along with a measurement of the nonlinearity,
245
246
this data is collected and saved for later scrutiny.
247
248
2.5 Validation
249
250 In order to select the generated S-Boxes that have better cryptographic properties, the presence of fixed points and
251
reverse fixed points, the analisys of bijectivity, and the nonlinearity was carried out (Figure 2). These metrics have
252
relevance in this study because they provide elementary and reliable information about the level of security of any
253
254 S-Box. The tests that are usually done when a new S-Box is proposed are Bit Indepence Criterion (BIC), Strict Avalanche
255 Criterion (SAC), Linear Approximation Probability (LP) and Diferential Approximation Probability (DP), however, these
256
metrics were not verified in this study, since the original authors of those S-Boxes measured and verified those metrics,
257
additionaly there is a clear dependece of said metrics and the level of nonlinearity. A detailed description of the used
258
259 metrics is provided later in this section.
261 Operation # = operation # + 1 Begin

262
263
Operation # = 1
264
265 Load S-Box
266 table No
Operation # ≤ 3 End
267
268 Apply operation Yes
269 using c
1: ADD c=1
270
271 2: XOR
272
3: CS No
c ≤ 255
273
274 Assessment of Yes
275 cryptographic
properties S-Box # = 1
276
277
278 Register data Yes No
S-Box # ≤ 21 c=c+1
279
280
281
S-Box # = S-Box # + 1
282
283 Fig. 1. Generation of new S-Boxes from original S-Boxes, illustrated in a flowchart. The procedure was used to generate 16,065 new
284
S-Boxes by applying one of three operations (modular addition, XOR, circular shift) with a selected variable 𝑐 (1-255). The new S-Boxes
were tested for fixed points, reverse fixed points, bijectivity, and nonlinearity.
285
286
287
288
Figure 2 illustrates the procedure to mine through the 16,065 new S-Boxes and select the best S-Boxes that were
289
290
generated. It was found that all the generated S-Boxes complied with bijectivity requirements, so it was not considered
291 in the filtering process. The first filter is the question “does the S-Box have fixed or reverse fixed points?”, if the S-Box
292 does have such vulnerabilities it is discarded. The second filter is the question “does the S-Box have an equal or higher
293
nonlinearity than the original?” if this is true the S-Box in question is marked as a successful correction candidate.
294
295
Below we list each of the tests that were applied in the study and provide a brief overview of each of them.
296 Bijectivity: This property is one of the most important for S-Boxes, since it allows to verify that the mapping
297 is done is one to one. In other words, each input of the S-Box corresponds to one and only one output [40]. This
298
kind of relationship between the elements of two sets is both injective and surjective, to ensure that the funcion is
299
300
reversible, for instance, in cryptography the encrypted data can be recovered. It is worth mentioning that the operations
301 employed to generate new S-Boxes have no effect on the bijectivity associated with the original S-Boxes studied in this
302 work. Thereby, the analysis of this property is not included in the flowchart of Figure 1. Section 3 presents a comment
303
regarding the assessment of this attribute for all the generated S-Boxes.
304
305
Fixed and Reverse Fixed Points: One of the main motivations of this work is the correction of this type of
306 vulnerabilities in S-Boxes. Fixed Point vulnerabilities are identified when elements of the S-Boxes are substituted by
307 themselves, it means that, the input of an S-Box is equal to its output at that point. For reverse fixed points, the S-Box
308
input is substituted by its binary complement, an example of this is that if a 0 is placed in the input, its binary version
309
310
represented with 8 bits will be 000000000 and the output of the S-Box will be 11111111 which corresponds to 255 in
311 decimal. If these points exist, they provide attackers with clues to break the intrisic security of the S-Box.
313 Begin
314
315 S-Box # = 1
316
No
317 S-Box # ≤ 16,065 End
318
Yes
319
320
Does the S-Box
321 Yes No Select S-Box
have fixed or
for further
322 reverse fixed
testing
323 points?
324
325 Does the S-Box
The operation # and No Yes
326 have an equal or
constant c are
327 higher nonlinearity
discarded
328
than the original?
329 The operation # and
330 S-Box # = S-Box # + 1 constant c are
331
successful
332
333 Fig. 2. Flowchart illustrating the process of selecting the best S-Box candidates from the 16,065 generated S-Boxes. Filters include
334
checking for fixed or reverse fixed points and ensuring equal or higher nonlinearity compared to the original S-Box. Bijectivity was
found to be present in all generated S-Boxes and was not considered in the selection process.
335
336
337
338
Nonlinearity: An important requirement for any S-Box design is nonlinearity, which ensures that the suggested
339 S-Box is not a linear function between the input and output vectors. The nonlinearity 𝑁 𝐿 represents how different the
340 affine functions 𝑙 and the Boolean function 𝑓 are from one another. High nonlinearity is defined as having the smallest
341
Hamming distance between the Boolean functions, which lowers the Walsh spectrum [16, 41], this is computed as
342
343
defined in Equation 5.
344
∑︁
345 1
(−1) 𝑓 (𝑥 ) ⊕𝑥 .𝜔

346 𝑁 𝐿 𝑓 = 2𝑛−1 − max (5)
2 𝜔𝜀𝐺𝐹 (2 )
𝑛
347 𝜔𝜀𝐺𝐹 (2𝑛 )
348 In the following section (Section 3), a detailed study is made to each of the generated S-Boxes that were obtained by
349 applying the three correction operations. Due to the large amount of information, only the results of the best S-Boxes
350
that obtained are presented. These should be free of fixed points, reverse fixed points and where the nonlinearity shows
351
352
an increase with respect to the original S-Box.
353
354 3 RESULTS
355
In the following experiments, it was observed that the bijectivity property was preserved in all cases when the proposed
356
357 correction operations were applied to the original S-Boxes. A total of 16,065 different S-Boxes were generated through
358 these operations, which required a significant amount of testing and resources. To efficiently identify vulnerabilities
359
among these S-Boxes, we focused on studying the elimination of fixed points and reverse fixed points. We also evaluated
360
the nonlinearity of the generated S-Boxes to ensure that only those with strong cryptographic properties were selected
361
362 for further study. The primary goal of this study was to verify the absence of fixed or reverse fixed points in the S-Boxes
363 tested. The S-Box from [14] was used as a reference, and a table was provided to summarize the results for each of the
365 Table 2. Statitics of the generated S-Boxes that succesfully eliminated fixed points and reverse fixed points. The percenges are
366 obtained by dividing the number of compling S-Boxes over 255 possible variable values. The S-Boxes that are counted comply with
367
bijectivity and are free of fixed and reverse fixed points but may have low nonlinearity, which is further studied in the following
Section. ADD: modular adition, XOR: bitwise exclusive logic disjuntion, CS: circular shift operation.
368
369
Count of successful generated S-Boxes
370 Original S-Box Fixed Points Reverse Fixed Points
ADD XOR CS
371
Aboytes, et al. [14] 2 1 26 (10.2%) 44 (17.3%) 25 (9.8%)
372
Nasser, et al. [20] 4 1 37 (14.5%) 30 (11.8%) 32 (12.5%)
373
Al Shammari, et al. [21] 1 1 31 (12.2%) 34 (13.3%) 30 (11.8%)
374 Hussain, et al. [22] 1 3 29 (11.4%) 35 (13.7%) 33 (12.9%)
375 Hoseini, et al. [23] 0 2 33 (12.9%) 50 (19.6%) 34 (13.3%)
376 Liu, et al. [24] 0 2 37 (14.5%) 30 (11.8%) 37 (14.5%)
377 Chew, et al. [25] 0 0 33 (12.9%) 29 (11.4%) 32 (12.5%)
378 Lu, et al. [26] 0 0 31 (12.2%) 37 (14.5%) 28 (11.0%)
379 Liu, et al. [27] 1 2 29 (11.4%) 30 (11.8%) 33 (12.9%)
380
Khan, et al. [28] 0 1 32 (12.5%) 40 (15.7%) 43 (16.9%)
Ozkaynak, et al. [29] 1 2 31 (12.2%) 40 (15.7%) 35 (13.7%)
381
Alhadawi, et al. [30] 1 0 37 (14.5%) 40 (15.7%) 45 (17.6%)
382
Yang, et al. [31] 2 1 35 (13.7%) 38 (14.9%) 32 (12.5%)
383
Al Solami, et al. [32] 2 1 36 (14.1%) 40 (15.7%) 39 (15.3%)
384 Zhu, et al. [33] 1 4 26 (10.2%) 30 (11.8%) 31 (12.2%)
385 Wang, et al. [34] 1 3 35 (13.7%) 44 (17.3%) 42 (16.5%)
386 Yan, et al. [35] 0 0 36 (14.1%) 31 (12.2%) 35 (13.7%)
387 Khan, et al. [36] 2 5 34 (13.3%) 36 (14.1%) 30 (11.8%)
388
389
390 tests. Only the results for fixed S-Boxes were described in detail, as the S-Boxes from [16–18] are dynamic and could
391 not be represented with a single fixed table. A subsection at the end of this section shows the results of these dynamic
392
S-Boxes.
393
394
395 3.1 Fixed points and Reverse Fixed Points
396
The S-Box proposed in [14] contained 2 fixed points and 1 reverse fixed point. By applying each of the proposed
397
correction operations, it was observed that these vulnerabilities were corrected satisfactorily. Several of the 255 possible
398
399 values that the variable 𝑐 could take generated new S-Boxes that did not contain fixed or reverse fixed points. However,
400 these values are different for each original S-Box and must be tested one by one.
401
The analysis of the data in Table 2 reveals that when using operation 1 (ADD, modular addition), 26 out of the
402
255 S-Boxes generated were able to correct the fixed points and reverse fixed points of the original S-Box from [14],
403
404 representing 10.2% of the total. Similarly, operations 2 (XOR, bitwise exclusive disjunction) and 3 (CS, circular shift)
405 generated 25 (9.8%) and 44 (17.3%) successful variants, respectively. The table provides the count of new S-Boxes that
406
are free of fixed points and reverse fixed points, along with the count of fixed points and reverse fixed points found
407
originally. Note that dynamic S-Boxes are not included in Table 2 because they are not represented by a fixed table.
408
409 These S-Boxes are generated anew with each data substitution and cannot be captured in a single table like the fixed
410 S-Boxes. Instead, the results of dynamic S-Boxes are discussed in a separate subsection at the end of this section.
411
Fig. 3 shows a survival curve plot [42], in which the S-Boxes are ordered based on the number of variants that can
412
be generated using the three operations with the goal of removing fixed points or reverse fixed points. This type of
413
414 plot allows us to quickly identify which S-Boxes are most likely to eliminate these vulnerabilities. Each bar in the plot
415 represent one of the S-Boxes studied in this work, and is divided into three pieces representing the number of variants
417 Count of S-Boxes that have eliminated FP and RFP from original S-Boxes
418 XOR CS ADD
419
420 Zhu, et al.
Liu, et al.
421
Chew, et al.
422 Al Shammari, et al.
423 Aboytes, et al.
Lu, et al.
424
Hussain, et al.
Original S-Box
425 Nasser, et al.

426 Khan, et al.
427 Yan, et al.
Liu, et al.
428 Yang, et al.
429 Ozkaynak, et al.
430 Al Solami, et al.
Khan, et al.
431
Hoseini, et al.
432 Wang, et al.
433 Alhadawi, et al.
434 0 10 20 30 40 50 60 70 80 90 100 110 120 130
435 Count of Generated S-Boxes
436
437
Fig. 3. Survival curve plot of S-Boxes ordered by number of variants generated using operations to eliminate fixed points and reverse
fixed points. Each bar represents a S-Box, divided into three parts representing number of variants generated by correction operations.
438
Length of bars represents total number of variants without vulnerabilities, each operation generates 34 variants without fixed or
439
reverse fixed points.
440
441
442
443 generated from the correction operations that eliminate the fixed or reverse fixed points. The length of the bars is the
444 total number of variants for each S-Box that do not contain these vulnerabilities. It can be seen that the length of the
445
bars does not vary significantly, with the S-Box from [30] (Alhadawi, et al.) having the most variants at 122, and the
446
447 S-Box from [33] (Zhu, et al.) having the least at 87. On average, each operation generates 34 possible variants without
448 fixed or reverse fixed points. In total, 2,163 variants were obtained that fix the vulnerabilities causing fixed points and
449 reverse fixed points. We can conclude that there is no case in which it is impossible to eliminate fixed points and reverse
450
fixed points using the proposed operations. The next test is nonlinearity, only S-Boxes that have passed this fisrt stage
451
452 are studied further.
453 In Fig. 4 the variants of the S-Boxes that, in addition to eliminating fixed points and reverse fixed points, also increase
454 the nonlinearity property are shown. In this graph again, each of the bars represents an S-Box and in turn consists of
455
the total of the variants generated with each of the operations proposed in this work. In this graph, there is a great
456
457 contrast since the S-Box that has the most variants that increase nonlinearity is the one reported in [33] and the S-Boxes
458 reported in [14, 20, 22, 25, 35] do not have variants that improve nonlinearity. It is observed that the section of each bar
459 representing the operation using the XOR operation does not exist, this is because this correction operation does not
460
alter Nonlinearity, so there is no improvement in this property.
461
462
463 3.2 Nonlinearity
464
The following tests were initially based on the nonlinearity values reported in the works where each S-Box was proposed.
465
466 However, to avoid inconsistencies, the nonlinearity was re-measured using the SageMath software’s specialized
467 cryptanalysis toolbox [43] before applying the correction operations proposed in this work.
469 Table 3. Nonlinearity values for the original S-Boxes and the ranges that were obtained by applying the operations. The second
470 column shows the nonlinearity reported by the authors of the S-Box, the third column shows the nonlinearity measured using
471
SageMath. Asterisks and bold are used to mark nonlinearity values that are better than those of the original S-Boxes.
472
473
Nonlinearity measurements and comparisons per original S-Box
S-Box Reported by authors SageMath [47] Operation 1 (ADD) Operation 2 (XOR) Operation 3 (CS)
474
Max Min Max Min Max Min
475
Aboytes, et al. [14] 112 112 112 92 112 112 112 92
476
Nasser, et al. [20] 112 112 100 92 112* 112 102 92
477
Al Shammari, et al. [21] 103 92 96* 90 92 92 96* 90
478 Hussain, et al. [22] 112 112 100 90 112* 112 100 88
479 Hoseini, et al. [23] 110 90 92* 76 90 90 92* 84
480 Liu, et al. [24] 106 96 96 86 96 96 98* 90
481 Chew, et al. [25] 105 112 112 92 112 112 112 88
482 Lu, et al. [26] 106 92 94* 84 92 92 96* 84
483 Liu, et al. [27] 111 94 96* 88 94 94 96* 92
484
Khan, et al. [28] 110 94 96* 86 94 94 96* 88
Ozkaynak, et al. [29] 105 94 96* 90 94 94 96* 88
485
Alhadawi, et al. [30] 106 94 96* 92 94 94 98* 90
486
Yang, et al. [31] 108 92 96* 86 92 92 96* 88
487
Al Solami, et al. [32] 108 94 96* 90 94 94 96* 90
488 Zhu, et al. [33] 104 92 96* 90 92 92 96* 86
489 Wang, et al. [34] 106 94 96* 90 94 94 96* 88
490 Yan, et al. [35] 106 96 96 88 96 96 96 96
491 Khan, et al. [36] 109 94 96* 86 94 94 98* 90
492
493
494
495
496
497
498
499
500
For example, the S-Box reported in [14] has a nonlinearity of 112, this is consistent with SageMath results. Table 3
501 shows the results obtained by this S-Box in the first row. The first column contains the reference of the S-Box that is
502 studied, the second shows the nonlinearity that is reported in the work where the S-Boxes were originally postulated.
503
The third column displays the nonlinearity value recalculated using SageMath with its dedicated S-Boxes toolbox [43].
504
505
In some cases, when recalculating the nonlinearity, the results were different to those reported by the authors. The
506 definition of nonlinearity that is used by SageMath is based on the minimum of this property in all its components [43].
507 However, some authors report the average of the nonlinearity of its components. The algorithms on which SageMath
508
is based are presented in the works [44–46]. The following columns show the maximum and minimum values of
509
510
nonlinearity, which are obtained by applying the correction operations.
511 Observing Table 3 and taking the S-Box of [14] as an example, it is concluded that the correction operation based
512 on the XOR operation allows the generation of variants that are free of fixed points and reverse fixed points without
513
altering the nonlinearity. However, we can see that if the operations based on modular addition and circular shift
514
515
operations are used, there are some variants where this property is maintained, but in other cases it is drastically
516 changed. The S-Box variants that were discarded are those that decrease nonlinearity, those are not recommended for
517 encryption, the variants that increase or maintain the nonlinearity properties are considered appropiate to be used on
518
cryptosystems and will be studied in later works.
519
521 Count of S-Boxes that have increased the nonlinearities of original S-Boxes
522 ADD CS
523
524 Liu, et al.
525 Wang, et al.
526 Khan, et al.
527 Hoseini, et al.
528 Khan, et al.
Original S-Box
529 Liu, et al.

530
Alhadawi, et al.
531
Al Solami, et al.
532
Ozkaynak, et al.
533
Lu, et al.
534
Al Shammari, et al.
535
536
Yang, et al.
537 Zhu, et al.
538 0 5 10 15 20 25 30 35
539 Count of Generated S-Boxes
540
541
Fig. 4. Variants of S-Boxes that both eliminate fixed points and reverse fixed points, and also increase nonlinearity. Each bar represents
an S-Box and is divided into parts representing the variants generated by the correction operations. The XOR operation does not
542
appear in the figure because it does not alter nonlinearity.
543
544
545
546
3.3 Dynamic S-Boxes
547 The analysis conducted on static S-Boxes was also applied to dynamic S-Boxes. These S-Boxes are generated randomly
548
with each iteration. Therefore, it was difficult to reach a definitive conclusion. To conduct the study, we used some
549
550
S-boxes generated by the dynamic S-Boxes proposed in the papers [16–18] and applied the proposed refinement
551 method. We found that several of these S-Boxes contained fixed points and reverse fixed points, and we corrected these
552 vulnerabilities in the S-Boxes. In all cases the bijectivity was maintained and in some cases the nonlinearity increased.
553
The results of applying the proposed refinement method to dynamic S-Boxes are presented in Table 4. The first block
554
555
of rows presents basic properties of the orginal S-Boxes: nonlinearity (reported and re-measured using SageMath) and
556 the count of fixed points and reverse fixed points. The second block of rows breaks down the count of S-Boxes that were
557 generated using the different correction operations and how many of them correct vulnerabilities, also it shows the
558
counts of generated S-Boxes that improve the nonlinearity. The third block of rows indicates the ranges of nonlinearity
559
560
that were observed in the pool of generated S-Boxes. Note that for Ahmad, et al. [17] and Zhu, et al. [18] it was possible
561 to increase the nonlinearity.
562
563 4 DISCUSSION
564
565 The main focus of this work was to address the issue of fixed points and reverse fixed points in Substitution Boxes
566 (S-Boxes). Despite the strong cryptographic properties of many S-Boxes proposed in the literature, they often contain
567
these vulnerabilities, making them susceptible to attacks in real-world applications. To address this problem, we
568
developed a refinement method based on simple operations to improve the cryptographic properties of S-Boxes by
569
570 eliminating fixed points and reverse fixed points. The results of our tests show that it is possible to successfully eliminate
571 these vulnerabilities in S-Boxes and, in some cases, significantly improve their nonlinearity. To validate the selection of
573 Table 4. The results of applying the proposed refinement method to dynamic S-Boxes. The nonlinearity reported by authors, fixed
574 points and reverse fixed points for each dynamic S-Box are indicated. Then, the count of S-Boxes that were generated using the
575
correction operations are presented. Finally, the ranges of nonlinearity obtained by SageMath are presented. Results indicate that it is
possible to correct fixed points or reverse fixed points in dynamic S-Boxes, with some cases also showing significant improvement in
576
nonlinearity.
577
578
Cassal, et al. [16] Ahmad, et al. [17] Zhu, et al. [18]
579
580
Reported 102 111 112
581 Nonlinearity
SageMath 96 94 95
582
583 Fixed Points 4 1 1
584 Reverse Fixed Points 1 1 3
585 Count of generated S-Boxes that
586 ADD 32 34 35
587 Are free of FP y RFP XOR 34 40 36
588
CS 30 33 27
589
ADD 13 30 13
590
Maintain NL XOR 34 40 36
591
CS 7 22 5
592
593 ADD 0 18 2
594 Improve NL XOR 0 0 0
595 CS 0 9 1
596
597 Max 96 96* 96*
Ranges of Nonlinearity (SageMath) ADD
598 Min 88 88 89
Max 96 94 95
599 XOR
Min 96 94 95
600
Max 96 94 96*
601 CS
Min 88 86 86
602
603
604
605
the generated S-Boxes, we consider the following criteria: bijectivity was evaluated in all the variants; fixed points
606
607
and reverse fixed points were searched; and nonlinearity was obtained. It was observed during initial trials that other
608 cryptographyc properties such as BIC, LP, and DP are dependant on nonlinearity and they go beyond the scope of this
609 work, so these tests were not performed on every generated S-Box to save time and resources.
610
The proposed refinement method considers simple correction operations in order to minimize the execution time
611
612
and the computational resources required to perfom their work. The first operation was a modular addition, the second
613 operation was a bitwise XOR, and the third operation was a circular shift. All these operations are always based on
614 a variable 𝑐, that can take values from 1 to 255. Our study was based on observing the behavior of 21 S-Boxes when
615
applying the the refinement method using the operations mentioned above. A total of 16,065 (21 S-Boxes × 255 𝑐 values
616
617
× 3 operations) variants were obtained, of which only 13.5% (2,163) did not contain fixed points or reverse fixed points.
618 To validate the security of generated S-Boxes that did not contain fixed points or reverse fixed points, nonlinearity
619 was measured. Furthermore, when measuring this cryptographic property, it was discovered that in some of these
620
variants, nonlinearity increased with respect to that of the original S-Box. Fig. 5 shows a plot of the generated S-Boxes
621
622
where it was verified that nonlinearity increased, this was possible for only 13 of the fixed S-Boxes and 2 dynamic
623 S-Boxes. Note that only the operations of modular addition and circular shift had effects on nonlinearity. The increment
625 of nonlinearity of the generated S-Boxes based on fixed S-Boxes was observed to remain between 2 and 4 points, while
626
the tests performed using dynamic S-Boxes showed an increment between 1 and 2 points was possible.
627
628 Maximum nonlinearity improvements that were observed
629 100
630
98 98 98
631 98
632
96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96 96
633 96
95
Maximum nonlinearity
634
94 94 94 94 94 94 94 94 94 94
635 94
636
92 92 92 92 92 92
637 92
638
90
639 90
640
641 88
642
643 86
Hoseini, et Ahmad, et Zhu, et al. Liu, et al. Khan, et al. Ozkaynak, Al Solami, Wang, et Al Lu, et al. Yang, et al. Zhu, et al. Liu, et al. Alhadawi, Khan, et al.
644 al. al. et al. et al. al. Shammari, et al.
et al.
645
Original S-Box
646
Original ADD CS
647
648
Fig. 5. Results of the variants of the S-Boxes that improve the nonlinearity property. Only 2 operations are shown, modular addition
649
and circular shift, these are the operations that improve the nonlinearity property. They are sorted by the nonlinearity that was
650
obtained in the best case. Note that circular shift is generally the best option to improve nonlinearity.
651
652
653 Table 5. List of S-Boxes that improve the nonlinearity property.
654
655 Count of S-Boxes that have enhanced the NL
656 Original S-Box ADD CS Total (Order By)
657 Zhu, et al. [33] 14 17 31
658 Yang, et al. [31] 16 14 30
659 Al Shammari, et al. [21] 16 14 30
660
Lu, et al. [26] 14 14 28
Ozkaynak, et al. [29] 3 13 16
661
Al Solami, et al. [32] 8 7 15
662
Alhadawi, et al. [30] 7 7 14
663
Liu, et al. [27] 10 2 12
664 Khan, et al. [28] 2 9 11
665 Hoseini, et al. [23] 1 9 10
666 Khan, et al. [36] 4 5 9
667 Wang, et al. [34] 1 2 3
668 Liu, et al. [24] 0 1 1
669
670 Table 5 shows details of how these operations affected nonlinearity. Note that the S-Box [33] has the most successful
671
variants, 31 of these were able to increse nonlinearity, while 5 of the studied S-Boxes [14, 20, 22, 25] did not have any
672
673
variants where this property increased. In summary, only 2,163 (13.5%) generated S-Boxes do not present fixed points or
674 reverse fixed points, and only 1,174 (7.3% of the total) meet the requirement of maintaining or increasing nonlinearity.
675 Moreover, only 240 of all the variants increased nonlinearity, which corresponds to 1.5%.
677 It was observed that the S-Boxes with a nonlinearity lower or equal to 95 allowed significant improvements using
678
the proposed refinement method, while S-Boxes with higher nonliearity did not improve, but it is worth mentioning
679
680
that a considerable amount of the generated S-Boxes eliminate fixed points and reverse fixed points. The findings
681 of this study allows to propose some recommendations to correct the cryptographic properties of S-Boxes. The first
682 recommendation is to use any opeation (ADD, XOR, or CS) to eliminate fixed points and/or reverse fixed points, all the
683
operations were found to eliminate these vulnerabilities at least in 11% of the time. However, if the S-Box has a high
684
685
nonlinearity (between 110 and 112), it is not recommended to use the addition or circular shift, as most of the variants
686 generated can decrease this property. The advise in this cases is to use the XOR operation. Conversely, for S-Boxes
687 reporting low nonlinearity (95 or lower), it is recommended to use the addition or circular shift, as these operations can
688
improve nonlinearity in some cases. The specific recommendation for dynamic S-Boxes given their behaviour is to use
689
690
the XOR operation, since this operation has no effect on the nonlinearity and can remove the fixed points and reverse
691 fixed points, it is a safer alternative with lower execution times that can be easily included on the generating procedure.
692
693
5 CONCLUSIONS
694
695 The results of this study confirm that the proposed refinement method is effective to correct S-Boxes with vulnerabilities
696 such as fixed points as well as reverse fixed points, regardless of the nature of the nonlinear phenomenon on which
697
they are based. Another thing that was observed was that all the studied S-Boxes generated around 34 variants free of
698
these vulnerabilities (13.5% of the attempts).
699
700 The study of the effects on nonlinearity of the generated S-Boxes by this method justifies the establishment of
701 criteria and recomendations to correct fixed or dynamic S-Boxes. The experiments show that 1.5% of the generated
702
S-Boxes (240/16,065) have better crytographic properties compared to the orginal proposed S-Box. In some cases the
703
nonlinearity was increased up to 4 points which is a significant improvement in this metric. It is worth mentioning that
704
705 all of the original S-Boxes (21) had at least some variants that removed the fixed points and reverse fixed points even if
706 nonlinearity was not increased (6.1%), and there were alternatives that preserved nonlinearity in all cases.
707
It is recommended to use the proposed method with bitwise XOR operation when the S-Box has high nonlinearity
708
but requires removing fixed points and reverse fixed points. If nonlinearity is low it is advisable to use modular addition
709
710 or circular shift operations to increase nonlinearity and eliminate fixed points and reverse fixed points. Additionally it is
711 recommended to use the XOR operation for dynamic S-Boxes as this operation has no negative effects on nonlinearity,
712
but is effective in eliminating fixed points and reverse fixed points. Additionally, it is a faster and more secure option
713
that can easily be incorporated into the generation process of dynamic S-Boxes.
714
715 Finally, as future work, this study can be extended by including other S-Boxes that are proposed in the state-of-the-art.
716 It is possible to explore other complex correction operations, however, the focus of this study was to use simple resource
717
efficient operations while obtaining promising results.
718
719
720
6 ACKNOWLEDGMENTS
721
This work was funded by CONACYT through the grant "Convocatoria de Ciencia Básica y/o Ciencia de Frontera 2022",
722
project ID 320036.
723
724
725 REFERENCES
726 [1] T. Li, M. Zhang, Y. Li, E. Lagerspetz, S. Tarkoma, and P. Hui, “The impact of covid-19 on smartphone usage,” IEEE Internet of Things Journal, vol. 8,
727 pp. 16723–16733, dec 2021.
729 [2] E. Koeze and N. Popper, “The virus changed the way we internet.,” 2020.
730 [3] J.-S. Fang, J. S.-H. Tsai, J.-J. Yan, L.-H. Chiang, and S.-M. Guo, “Secure data transmission and image encryption based on a digital-redesign sliding
731 mode chaos synchronization,” Mathematics, vol. 10, p. 518, feb 2022.
732 [4] A. A. K. Javan, M. Jafari, A. Shoeibi, A. Zare, M. Khodatars, N. Ghassemi, R. Alizadehsani, and J. M. Gorriz, “Medical images encryption based on
733 adaptive-robust multi-mode synchronization of chen hyper-chaotic systems,” Sensors, vol. 21, p. 3925, jun 2021.
734
[5] Y. Sheng, J. Li, X. Di, X. Li, and R. Xu, “An image encryption algorithm based on complex network scrambling and multi-directional diffusion,”
Entropy, vol. 24, p. 1247, sep 2022.
735
[6] H. Natiq, N. M. G. Al-Saidi, S. J. Obaiys, M. N. Mahdi, and A. K. Farhan, “Image encryption based on local fractional derivative complex logistic map,”
736
Symmetry, vol. 14, p. 1874, sep 2022.
737
[7] M. H. Dawson and S. E. Tavares, “An expanded set of s-box design criteria based on information theory and its relation to differential-like attacks,”
738 in Advances in Cryptology — EUROCRYPT ’91, pp. 352–367, Springer Berlin Heidelberg.
739 [8] Z. Jiang and Q. Ding, “Construction of an s-box based on chaotic and bent functions,” Symmetry, vol. 13, p. 671, apr 2021.
740 [9] C. E. Shannon, “Communication theory of secrecy systems∗,” Bell System Technical Journal, vol. 28, pp. 656–715, oct 1949.
741 [10] Z. Jiang and Q. Ding, “Construction of an s-box based on chaotic and bent functions,” Symmetry, vol. 13, p. 671, apr 2021.
742 [11] X. Liu, X. Tong, Z. Wang, and M. Zhang, “Efficient high nonlinearity s-box generating algorithm based on third-order nonlinear digital filter,” Chaos,
743 Solitons & Fractals, vol. 150, p. 111109, sep 2021.
744
[12] S. Farwa, T. Shah, and L. Idrees, “A highly nonlinear s-box based on a fractional linear transformation,” SpringerPlus, vol. 5, sep 2016.
[13] L. Mariot, S. Picek, A. Leporati, and D. Jakobovic, “Cellular automata based s-boxes,” Cryptography and Communications, vol. 11, pp. 41–62, may
745
2018.
746
[14] J. A. Aboytes-González, J. S. Murguía, M. Mejía-Carlos, H. González-Aguilar, and M. T. Ramírez-Torres, “Design of a strong s-box based on a matrix
747
approach,” Nonlinear Dynamics, vol. 94, pp. 2003–2012, jul 2018.
748 [15] D. Zhu, X. Tong, M. Zhang, and Z. Wang, “A new s-box generation method and advanced design based on combined chaotic system,” Symmetry,
749 vol. 12, p. 2087, dec 2020.
750 [16] B. B. Cassal-Quiroga and E. Campos-Cantón, “Generation of dynamical s-boxes for block ciphers via extended logistic map,” Mathematical Problems
751 in Engineering, vol. 2020, pp. 1–12, mar 2020.
752 [17] M. Ahmad and E. Al-Solami, “Evolving dynamic s-boxes using fractional-order hopfield neural network based scheme,” Entropy, vol. 22, p. 717, jun
753 2020.
754
[18] J. Zheng and Q. Zeng, “An image encryption algorithm using a dynamic s-box and chaotic maps,” Applied Intelligence, vol. 52, pp. 15703–15717, mar
2022.
755
[19] J. Daemen and V. Rijmen, “The advanced encryption standard process,” in Information Security and Cryptography, pp. 1–8, Springer Berlin Heidelberg,
756
2002.
757
[20] Y. Naseer, T. Shah, D. Shah, and S. Hussain, “A novel algorithm of constructing highly nonlinear s-p-boxes,” Cryptography, vol. 3, p. 6, jan 2019.
758 [21] B. M. Alshammari, R. Guesmi, T. Guesmi, H. Alsaif, and A. Alzamil, “Implementing a symmetric lightweight cryptosystem in highly constrained IoT
759 devices by using a chaotic s-box,” Symmetry, vol. 13, p. 129, jan 2021.
760 [22] I. Hussain, A. Anees, T. Al-Maadeed, and M. Mustafa, “Construction of s-box based on chaotic map and algebraic structures,” Symmetry, vol. 11,
761 p. 351, mar 2019.
762 [23] R. H. Sani, S. Behnia, and A. Akhshani, “Creation of s-box based on a hierarchy of julia sets: image encryption approach,” Multidimensional Systems
763 and Signal Processing, vol. 33, pp. 39–62, jun 2021.
764
[24] L. Liu, Y. Zhang, and X. Wang, “A novel method for constructing the s-box based on spatiotemporal chaotic dynamics,” Applied Sciences, vol. 8,
p. 2650, dec 2018.
765
[25] L. C. N. Chew and E. S. Ismail, “S-box construction based on linear fractional transformation and permutation function,” Symmetry, vol. 12, p. 826,
766
may 2020.
767
[26] Lu, Zhu, and Wang, “A novel s-box design algorithm based on a new compound chaotic system,” Entropy, vol. 21, p. 1004, oct 2019.
768 [27] X. Liu, X. Tong, Z. Wang, and M. Zhang, “Efficient high nonlinearity s-box generating algorithm based on third-order nonlinear digital filter,” Chaos,
769 Solitons & Fractals, vol. 150, p. 111109, sep 2021.
770 [28] M. F. Khan, K. Saleem, T. Shah, M. M. Hazzazi, I. Bahkali, and P. K. Shukla, “Block cipher’s substitution box generation based on natural randomness
771 in underwater acoustics and knight’s tour chain,” Computational Intelligence and Neuroscience, vol. 2022, pp. 1–17, may 2022.
772 [29] F. Özkaynak, “On the effect of chaotic system in performance characteristics of chaos based s-box designs,” Physica A: Statistical Mechanics and its
773 Applications, vol. 550, p. 124072, jul 2020.
774
[30] H. S. Alhadawi, M. A. Majid, D. Lambić, and M. Ahmad, “A novel method of s-box design based on discrete chaotic maps and cuckoo search
algorithm,” Multimedia Tools and Applications, vol. 80, pp. 7333–7350, oct 2020.
775
[31] C. Yang, X. Wei, and C. Wang, “S-box design based on 2d multiple collapse chaotic map and their application in image encryption,” Entropy, vol. 23,
776
p. 1312, oct 2021.
777
[32] E. A. Solami, M. Ahmad, C. Volos, M. Doja, and M. Beg, “A new hyperchaotic system-based design for efficient bijective substitution-boxes,” Entropy,
778 vol. 20, p. 525, jul 2018.
779
781 [33] C. Zhu, G. Wang, and K. Sun, “Cryptanalysis and improvement on an image encryption algorithm design using a novel chaos based s-box,” Symmetry,
782 vol. 10, p. 399, sep 2018.
783 [34] X. Wang, A. Akgul, U. Cavusoglu, V.-T. Pham, D. V. Hoang, and X. Nguyen, “A chaotic system with infinite equilibria and its s-box constructing
784 application,” Applied Sciences, vol. 8, p. 2132, nov 2018.
785 [35] W. Yan and Q. Ding, “A novel s-box dynamic design based on nonlinear-transform of 1d chaotic maps,” Electronics, vol. 10, p. 1313, may 2021.
786
[36] M. F. Khan, K. Saleem, M. M. Hazzazi, M. Alotaibi, P. K. Shukla, M. Aqeel, and S. A. Tuncer, “Human psychological disorder towards cryptography:
True random number generator from EEG of schizophrenics and its application in block encryption’s substitution box,” Computational Intelligence
787
and Neuroscience, vol. 2022, pp. 1–20, jun 2022.
788
[37] B. Rashidi, “Lightweight 8-bit s-box and combined s-box/s-box −1 for cryptographic applications,” International Journal of Circuit Theory and
789
Applications, may 2021.
790 [38] H. Liu, A. Kadir, and C. Xu, “Cryptanalysis and constructing s-box based on chaotic map and backtracking,” Applied Mathematics and Computation,
791 vol. 376, p. 125153, jul 2020.
792 [39] D. Lambić, “A new discrete-space chaotic map based on the multiplication of integer numbers and its application in s-box design,” Nonlinear
793 Dynamics, vol. 100, pp. 699–711, jan 2020.
794 [40] “Mathematical reasoning: writing and proof,” Choice Reviews Online, vol. 40, pp. 40–5255–40–5255, may 2003.
795 [41] M. Altaf, A. Ahmad, F. A. Khan, Z. Uddin, and X. Yang, “Computationally efficient selective video encryption with chaos based block cipher,”
796
Multimedia Tools and Applications, vol. 77, pp. 27981–27995, apr 2018.
[42] O. E. Perez-Cham, C. Puente, C. Soubervielle-Montalvo, G. Olague, C. A. Aguirre-Salado, and A. S. Nuñez-Varela, “Parallelization of the honeybee
797
search algorithm for object tracking,” Applied Sciences, vol. 10, p. 2122, mar 2020.
798
[43] T. S. D. Team, “S-boxes and their algebraic representations,” 2022.
799
[44] H. M. Heys, “A TUTORIAL ON LINEAR AND DIFFERENTIAL CRYPTANALYSIS,” Cryptologia, vol. 26, pp. 189–221, jul 2002.
800 [45] H. C. A. van Tilborg and S. Jajodia, eds., Encyclopedia of Cryptography and Security. Springer US, 2011.
801 [46] A. Canteaut, S. Duval, and G. Leurent, “Construction of lightweight s-boxes using feistel and MISTY structures,” in Lecture Notes in Computer
802 Science, pp. 373–393, Springer International Publishing, 2016.
803 [47] P. Zimmermann, A. Casamayou, N. Cohen, G. Connan, T. Dumont, L. Fousse, F. Maltey, M. Meulien, M. Mezzarobba, C. Pernet, N. M. Thiéry, E. Bray,
804 J. Cremona, M. Forets, A. Ghitza, and H. Thomas, Computational Mathematics with SageMath. Society for Industrial and Applied Mathematics, dec
805 2018.
806
807 Received 20 February 2007; revised 12 March 2009; accepted 5 June 2009
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831

Association For Computing Machinery ACM Generic Journal Manuscript Template

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Association For Computing Machinery ACM Generic Journal Manuscript Template

Uploaded by

Copyright:

Available Formats

1 Refinement Method Based on Simple Operations to Improve the Cryptographic

209 2.2 Operation 2: Bitwise Exclusive Logic Disjunction (XOR)

261 Operation # = operation # + 1 Begin

425 Nasser, et al.

529 Liu, et al.

You might also like