A Novel Technique for the Construction of Safe Substitution Boxes Based on Cyclic and Symmetric Groups

In the literature, different algebraic techniques have been applied on Galois field GF(28) to construct substitution boxes. In this paper, instead of Galois field GF(28), we use a cyclic group C255 in the formation of proposed substitution box. The construction proposed S-box involves three simple steps. In the first step, we introduce a special type of transformation T of order 255 to generate C255. Next, we adjoin 0 toC255 and write the elements of C255 ∪ {0} in 16 × 16matrix to destroy the initial sequence 0, 1, 2, . . . , 255. In the 2nd step, the randomness in the data is increased by applying certain permutations of the symmetric group S16 on rows and columns of the matrix. In the last step we consider the symmetric group S256, and positions of the elements of the matrix obtained in step 2 are changed by its certain permutations to construct the suggested S-box. The strength of our S-box to work against cryptanalysis is checked through various tests.The results are then compared with the famous S-boxes.The comparison shows that the ability of our S-box to create confusion is better than most of the famous S-boxes.


Introduction
The foundation of modern cryptography was laid by Shannon [1].Cryptography is the science of converting the secret information into dummy data so that it could reach the destination safely without leakage of the information.The modern cryptography is divided into several branches.However, symmetric key cryptography and public key cryptography are the two main areas of study.In symmetric key cryptography, the same key is used at both ends to encrypt and decrypt data/information, but in public key cryptography two different keys, public and private keys, are used.It is well-known that, in symmetric key cryptography the substitution box is a standout and basic ingredient, which performs substitution.In block ciphers, it is widely used to make the relationship between the ciphertext and the key unclear and vague.Due to these important applications of substitution box many algorithms have been developed to construct safer and more reliable S-boxes.Substitution boxes are used for the strong design of block encryption algorithms.S-box is the only nonlinear component for most of the block encryption algorithms such as international data encryption algorithm (IDEA), advanced encryption standard (AES), and data encryption standard (DES) [2].Substitution boxes yield a DES-like cryptosystem with the perplexity property depicted by Shannon.In [3], it is shown that for weaker S-boxes, DES can be easily broken.It means that the security of DES-like cryptosystems is merely determined by the quality of the S-boxes used.Thus, in order to develop secure cryptosystems, the formation of safe S-boxes is a main focus of the researcher.To examine the strength of S-boxes, nonlinearity test, bit independent criterion, strict avalanche criterion, linear approximation probability analysis, differential uniformity test, and majority logic criterion are used.In the literature, there are many S-box construction methods such as inversion mapping, power polynomial, heuristic methods, and pseudorandom methods [4].Incursions on the S-box component of data encryption standard (DES) damage the design process of advanced encryption standard (AES) [3,5].Therefore, the substitution box component of AES is designed to ensure the security of the data/information in the presence of differential and linear cryptanalysis attacks [6].
Recently, since proposed algebraic attacks have been succeeded in some loops of AES, researchers have focused on alternative construction methods for substitution box [21].Therefore, substitution box construction techniques based on group theory have been applied for alternative substitution box designs.
Step I. First we simply present the elements of The resulting S-box (see Table 3) has nonlinearity of 106.25.
In step III, we further enhance its working capability.
Step III.Recently, we have noticed that certain permutations of the symmetric group  256 are amazingly constructive.In this step, we apply a permutations of  256 (see Table 1) on the data/matrix obtained after step II to construct a very strong S-box (see Table 4).

Security Analysis
In this section, a point by point exploration of the suggested S-box is presented.Furthermore, we have made a comparison with the famous S-boxes, such as AES S-box, Xyi S-box, Skipjack S-box, S8 AES S-box, Residue Prime S-box, APA S-box, and Gray S-box.The illustration of various analysis applied on these substitution boxes is given.It is seen that our S-box meets all the standards near the ideal status.

Nonlinearity.
The key objective of the substitution box is to provide assistance in giving nonlinear change from unique data to the encoded information.The measure of nonlinearity presented by the cipher considered as the most important part in the entire process of encryption.It is defined as Here is the Walsh Spectrum.The average values of the nonlinearity of newly constructed S-box is 112.A comparison between the nonlinearity of the suggested S-box and multiple renowned substitution boxes is given in Table 5.

Bit Independence Criterion.
Webster and Tavares firstly demonstrated bit independence criterion [22].A function ℎ : {0, 1}  → {0, 1}  fulfils the BIC requirements if ∀, ,  ∈ {1, 2, 3, . . ., }, the output bits j and k, where  ̸ = , change independently by inverting the input bit .In cryptographic systems, the BIC is a very important characteristic because by increasing independence between bits, it is very hard to decipher and predict the scheme of the system.The outcomes of nonlinearity of BIC are presented in Table 6.In order to find the independence properties a comparison of the bits, created by the eight basic functions, with each other is established.The relationship between the outcomes of change in ℎ input bit and the change in jth and kth output bits is identified.In the first phase the ith bit is varied from 1 to n by keeping ℎ and ℎ bits fixed.Next, the values of j and k are altered from 1 to n.Furthermore, the minimum and average values of BIC along with square deviation of the proposed S-boxes are presented in Table 7.The average and minimum values of BIC of the proposed S-box are 112.The square deviation of the newly created substitution box is 0. All these results are better than most of the well-known S-boxes and similar to AES, S 8 AES, and Gray S-boxes.

Strict Avalanche Criterion Analytically.
Tavares and Webster introduced strict avalanche criterion [22].In this criterion, the output bits are examined after changing a single input bit.In ideal condition, by changing a single input bit, half of the output bits change their shape.In [23] an effective technique is presented to check whether a complete substitution box satisfies the SAC or not.The results of SAC of the suggested S-box (see Table 8) are nearly equal to 1/2, which shows its strength.

Linear Approximation Probability.
In this analysis, the imbalance of an event is examined.It is useful in finding the maximum value of an imbalance of the output in an Security and Communication Networks event.Let us denote the input and output masks by   and   , respectively.Then mathematically, linear approximation probability is defined as follows.
In above expression  denotes the set of all possible values in domain and 2  is the number of elements of the S-box.The maximum LP value is 0.0625, which is matching with the best known S-boxes such as Gray, APA, and AES.In Table 9, a comparison of the results of this analysis, between our S-box and some famous S-boxes, is given.

Differential Uniformity. Differential uniformity is
another important method of block cipher cryptanalysis.It was introduced by Biham and Shamir to break block ciphers [3].It exploits certain events of I/O differences and represents the maximum likelihood of generating an output differential Δ =   ⊕   when the input differential is Δℎ =   ⊕   .In this analysis, the XOR distribution between the inputs and outputs of substitution box is computed.Mathematically, it is defined as where # denotes cardinality and  is set of all inputs ℎ [3,24,25].By using the approach introduced in [3], an input/output

Majority Logic Criterion
In majority logic criterion, statistical analyses are performed to examine the statistical strength of the S-box in image encryption application [26].The encryption process creates a distortion in the image, these kinds of distortions determine the strength of the algorithm.Therefore, it is necessary to investigate the statistical properties through various analyses.
These analyses are correlation, entropy, contrast, homogeneity, and energy.The suggested S-boxes can further be used for encryption and multimedia security.We have used two JPEG images, Pepper and Baboon, for MLC analysis.The results of these analyses in comparison with the other well-known Sboxes are depicted in Table 12. Figure 2 shows the result of image encryption with proposed S-box.The histograms of the original image and the encrypted images of Baboon and Pepper are shown in Figure 3.These results indicate that the proposed S-box is suitable for encryption applications and is adequate enough to become part of the algorithms designed for the secure transmission of information/data.

Conclusion
In this study, we introduce a group theoretic technique to form strong S-boxes.The cyclic group  255 instead of a Galois
Since we have presented our data in 16 × 16 matrix, that is, a matrix with 16 rows and 16 columns, the randomness can be increased by interchanging the positions of the rows and columns.Algebraically, it is achieved by applying permutations of the symmetric group  16 on the matrix.Since order of  16 is 16!, therefore corresponding to one matrix (S-box) formed after applying one permutation on rows, 16! number of new S-boxes can be created by applying all the permutations on columns.Thus by this technique, we can construct (16!) 2 different S-boxes.We choose two particular types of permutations of the symmetric group  16 such that one of them is applied on the rows and the other on columns.This action increases the diffusion capability of the cipher.The permutations are as follows.

Table 4 :
Proposed S-box evolved after 3 rd step.

Table 5 :
The nonlinearity test outcomes of different substitution boxes.