Human Psychological Disorder towards Cryptography: True Random Number Generator from EEG of Schizophrenics and Its Application in Block Encryption's Substitution Box

Schizophrenia is a multifaceted chronic psychiatric disorder that affects the way a human thinks, feels, and behaves. Inevitably, natural randomness exists in the psychological perception of schizophrenic patients, which is our primary source of inspiration for this research because true randomness is the indubitably ultimate valuable resource for symmetric cryptography. Famous information theorist Claude Shannon gave two desirable properties that a strong encryption algorithm should have, which are confusion and diffusion in his fundamental article on the theoretical foundations of cryptography. Block encryption strength against various cryptanalysis attacks is purely dependent on its confusion property, which is gained through the confusion component. In the literature, chaos and algebraic techniques are extensively used to design the confusion component. Chaos- and algebraic-based techniques provide favorable features for the design of the confusion component; however, researchers have also identified potential attacks on these techniques. Instead of existing schemes, we introduce a novel methodology to construct cryptographic confusion component from the natural randomness, which are existing in the psychological perception of the schizophrenic patients, and as a result, cryptanalysis of chaos and algebraic techniques are not applicable on our proposed technique. The psychological perception of the brain regions was captured through the electroencephalogram (EEG) readings during the sensory task. The proposed design passed all the standard evaluation criteria and validation tests of the confusion component and the random number generators. One million true random bits are assessed through the NIST statistical test suite, and the results proved that the psychological perception of schizophrenic patients is a good source of true randomness. Furthermore, the proposed confusion component attains better or equal cryptographic strength as compared to state-of-the-art techniques (2020 to 2021). To the best of our knowledge, this nature of research is performed for the first time, in which psychiatric disorder is utilized for the design of information security primitive. This research opens up new avenues in cryptographic primitive design through the fusion of computing, neuroscience, and mathematics.


Introduction
Schizophrenia is a multifaceted psychiatric disorder, which consists of several varied causes such as environmental, developmental, and genetic factors. Due to numerous complications of its causes, inevitable natural randomness exists in the electroencephalographic readings of patient's psychological responses. Patients who suffer from schizophrenia show randomness in their clinical presentation of symptoms, characteristics, and related prognosis. It is distinguished by three major clusters of symptoms consisting of cognitive symptoms including impairment of short-or longterm working memory, negative symptoms like social withdrawal, and positive symptoms like hallucinations or delusions. ese symptoms stimulate diverse neural activities in the different regions of brain. Natural randomness has been acknowledged as the ideal method for cryptography and a lot of researchers endorse the true random numbers for cryptography due to the reason that true random numbers are irreversible, unpredictable, and unreproducible, even if their internal construction and response history are identifiable to the adversaries [1][2][3][4][5][6][7][8].
Naturally, in the characteristics of the schizophrenic patients, diverse spectrum of disorders inevitably exists, which was our core source of inspiration because these disorders are the potential source of natural randomness. For example, in the delusion characteristic, patients lose their brain control due to their delusionary beliefs about the world around them. e loss of control stimulates uncertain and indistinct neural activities in different parts of the brain. ese delusions could include grandiose, erotomaniac, and persecutory. Another characteristic of schizophrenic patients is the variation in the presentation of their sensory hallucinations, which differs between each patient. ese hallucinations could be auditory, visual, tactile, gustatory, or olfactory. ese hallucinations are also responsible for the arbitrariness of neural activities in brain regions. e third characteristic is a derailment, in which patients have variations in the thinking patterns and these disorganized thinking patterns are also a cause of irregular neural activity in different brain regions. e last characteristic is grossly disorganized or catatonic behavior, which causes variation in their presentation of motor behavior due to the imbalanced neural activities. ese involuntary motor behaviors can range from childlike "silliness" to unpredictable agitation, which causes difficulty in goal-directed behavior.
Protecting secret information is a global challenge, and block cipher has been a standout among the most reliable option by which security is accomplished [9][10][11][12]. Block ciphers belong to the family of deterministic algorithms that operate on the fixed length of bits (n), called a block. A block cipher algorithm divides the plaintext into several fixedlength blocks of n bits, to produce a block of ciphertext of k bits. Block cipher combines both confusion and diffusion components within a round function and repeats the function multiple times to produce a ciphered text. Advanced Encryption Standard and Data Encryption Standard are the most prominent block ciphers. For the block ciphers, differential and linear attacks are considered very powerful attacks [13][14][15][16][17]. e main objective of the differential attack is to find the nonrandom pattern of the output, and for this objective, the attacker attempts to impose a certain set of input to track the differences in the output. Similarly, the main objective of the linear attack is to try to learn the linear association between the parity bits of cipher text, plaintext, and the symmetric key. Responsibility to make the correlation between ciphertext and the key, as undetectable as possible, is only on the confusion component, as well as resistance against the cryptanalysis attacks totally depends upon the confusion component [13][14][15][16][17][18][19][20][21][22]. e confusion component of the block cipher is normally known as substitution box (S-box) or nonlinear block cipher primitive. Nonlinear block cipher primitive transforms m bits input to n bits output by using S: {0,1} n ⟶{0,1} k . e ultimate goal of this research is to propose a methodology for the problem "how to construct the nonlinear primitive of block cipher using the strength of true randomness." e core concept of this research is to extract true random bits, by calculating the difference between each electrode reading of one patient and those of all other patients, and to design a technique for the generation of nonlinear primitive of block cipher. e remaining study is arranged as follows: Section 2 presents our main contribution; Section 3 describes attacks on existing confusion component designs; Section 4 explains the proposed scheme; Section 5 presents the results and its evaluation; and Section 6 presents the application of the proposed dynamic confusion components in image encryption technique.

Contribution
e main contribution of this research is as follows: (a) A novel method is proposed, to generate true random bits from the psychological perception of schizophrenic patients.
On the other side, a lot of researchers endorse the true random numbers for cryptography due to the purpose that true random numbers are unpredictable, unreproducible, and irreversible, even if their inner structure and past responses are known to the adversary. [1][2][3][4][5][6][7][8]. Our proposed technique extracts true random bits, from the readings of patient's electrode scalp sites (Fz, FCz, Cz, FC3, FC4, C3, C4, CP3, CP4) during the sensory task.

Proposed Design
e proposed technique has two phases: true random bits extraction and dynamic generation of confusion components. e system architecture diagram is depicted in Figure 1 and the whole design is explained in the following phases. Phase 1. True random bits extraction (a) Acquire EEG readings from the basic sensory button press task e dataset that is used in this research was obtained from Refs. [97,98], and for this, forty-nine schizophrenia patients were selected by professional and clinical psychologists after the initial screening of schizophrenia symptoms. Symptoms of the schizophrenia are assessed through three standardized psychological instruments: Scale for Negative Symptoms (SANS), Scale for Positive Symptoms (SAPS), and Positive and Negative Syndrome Scale (PANSS). e age range of the schizophrenia patients is 20 to 60 (μ � 42.82, σ � 13.12) years, and different subtypes of schizophrenic patients included such as residual schizophrenia, paranoid schizophrenia, undifferentiated schizophrenia, schizophrenia unknown subtype, schizoaffective disorder, and disorganized schizophrenia. Event-related potential (ERP) averages of nine electrode scalp sites (Fz, FCz, Cz, FC3, FC4, C3, C4, CP3, CP4) are obtained, and readings of the electroencephalography are continuously digitalized at 1024 Hz. e topological positions of the 64-channel, active-electrode layout is illustrated in Figure 2 [98]. e sensory task given to the participants consisted of a button press at every 1-2 seconds, to deliver 1000 Hz, 80 dB sound pressure level, and tones with zero delay between press and tone onset. e task was stopped after 100 tones had been delivered. (b) Difference calculation between each electrode reading of one patient and each electrode reading of all other patients Each reading of the 1st channel is subtracted, from the 1st channel reading, of all other patients. Similarly, each reading of the 2nd channel is subtracted, from the 2nd channel reading of all other patients. Subtracted readings of every channel are stored individually in vector data structure and then parsed into binary format. is process is repeated over the readings of 64 channels and 4900 vectors generated. As test, one million of these binary bits are assessed through the NIST statistical test suite, and the results of Table 1 proved that the psychological perception of schizophrenic patients is a good source of true randomness. (c) True Random Bits Fusion e output of the last step is fused through the proposed DIFFERENCE_FUSION () algorithm, which is attached in annexed ( Figure S1). A visual representation of the algorithm is depicted in Figure 3.
is algorithm takes true random bits in the multiple of four vectors and then traverse in a specific order based on z-ordering. If the value of quadrant NW is 0, then retrieve bits from left to right, and if the value of quadrant NW is 1, then retrieve bits from right to left. Two variations of the z-ordering scheme are implemented here: the first is local z, which operates on 2 × 2 bits, and the second is global z, which operates on 2 × 2 local z.       with its index) are passed to the ConfusionValuesGenerator() algorithm. ConfusionValuesGenerator algorithm is attached in annexed ( Figure S3), and the visual representation of the algorithm is depicted in Figure 5. Due to the pure randomized nature, on every call, this algorithm returns 0 to 8 values.
Resultant stream of the ConfusionValuesGenerator( ) algorithm was passed to the DCCG() algorithm for the generation of dynamic confusion components. e DCCG algorithm returns dynamic confusion components depending upon the size of stream; the DCCG algorithm is attached in annexed ( Figure S4). From the results, six confusion components are randomly picked as samples, and first randomly picked confusion component and its inverse is shown in Tables 2 and 3 respectively, and the remaining five confusion components are shown in annexed (Table S1). e reverse S-box algorithm is shown in Algorithm 1.

Nonlinearity.
Nonlinearity is one of the most important confusion component properties, which indicates the resistance ability of confusion components against the linear attacks, and the nonlinearity of cipher is expressed by the nonlinearity score. It is known as the smallest distance of

Computational Intelligence and Neuroscience
Boolean function from the set of affine functions. e nonlinearity score is the total number of bits altered to get the nearest affine function in the Boolean truth table. To calculate the nonlinearity score, the distance of all affine functions and Boolean function is determined. When the initial distance is calculated, the nearest affine function is achieved by changing the amount of bit values in the Boolean function's truth table. e Walsh spectrum defines the nonlinearity of a Boolean function by using the following formula: where S (g) (φ) is defined as where φ is a n-bit vector and φ ∈ GF(2 n ). e dot product between x and φ is denoted as x · φ: e nonlinearity score of our randomly picked confusion components 1,2,3,4,5,6 is 110.50, 106.75, 106.50, 106.75, 107.50, and 107.25, respectively. In Table 4 we can see that the nonlinearity score of our proposed confusion components is higher or equal from the state-of-the-art techniques(year 2020 to 2021).

BIT Independent Criterion (BIC)
. BIC is used to analyze the output bits behavior by changing the input bits. Confusion component holds the BIC property when output bits behave independently from each other. BIC characteristic states that output bits j and k will modify individually if any single input bit i is reversed. is will improve the proficiency of confusion function. e independence between pair of avalanche variables is measured through the coefficient of correlation. e bit independence of the j th and k th bits of B ei is Shannon's confusion function(C) is represented as C: {0, 1} n ⟶{0, 1} n . BIC parameter for Shannon's confusion function is measured by the given mathematical expression: e shift in output bits is an important parameter for determining the strength of the encryption process. e average BIC score of our randomly picked confusion components from 1 to 6 is 0.50105, 0.50272, 0.50112, 0.50223, 0.50105, and 0.50105, respectively. ese results proved that our proposed confusion components strongly fulfill the bit independent criteria. e SAC-BIC results of confusion component-1 presented in Table 6 are the sample.

Linear Approximation Probability (LP)
. LP is another important criteria for evaluating Shannon's confusion component. LP is the function's capability to avoid linear attacks and is the highest value of the disparity of an event.
e input bit's parity selected by the mask c 1 and the output bit's parity selected by the c 2 mask are equal. e masks of input and output bits are evaluated to obtain the imbalance of an event. Linear approximation probability is measured by the following mathematical expression: where c 1 represents the input mask and c 2 represents the output mask in the above equation. X represents the set of all possible inputs, and 2 n is the total number of elements in the confusion component. e maximum LP score of our confusion components(1 to 6) is 0.1171875,0.1328125,0.12500, 0.1328125, 0.140625, and 0.140625, respectively; these results also fulfills the LP criteria.

Differential Approximation Probability (DP)
. DP characteristic examines the XOR distribution among the input and output bits. In order to be resilient against the differential attacks, the XOR values of all outputs must have equal probability with the XOR values of all inputs. In the differential approximation table, the probability of all the XOR values of input and the probability of all XOR values of output are equal. e exclusive-or distribution among the inputs and outputs of S-box is calculated by Here X represents the set of all possible input values and 2 i represents cardinality of set. e maximum DP score of our confusion components (1 to 6) is 0.046875, 0.046875, 0.046875, 0.054688, 0.039062, and 0.054688, respectively; here, we can see that these results also fulfills the DP criteria. As a sample, the DP results of the confusion component-1 are presented in Table 7.

Application of Proposed Dynamic Confusion Components in Image Encryption
As the application of our proposed dynamic confusion components, an image cipher based on confusion-diffusion principal is developed, which is depicted in Figure 6. e structure of the mage cipher is depicted in Figure 6. It consists of repeating rounds of dynamic confusion layers, static diffusion layer, and the key addition, which make them  8 Computational Intelligence and Neuroscience hard for cryptanalysis. For the key generation process, the chaotic interval of the logistic map and tent map is enhanced by synthesizing the parameters of both maps to obtain the increased keyspace [86]. e chaotic field of the logistic map only lies in the range between 3.57 ≤ σ ≤ 4, and similarly, the chaotic field of the tent map lies in the range between 2 ≤ σ ≤ 4. Logistic map and tent map are defined in (10) and (11), respectively, and their enhanced chaotification structure of logistic tent system(LTS) is defined in (12). Finally for the subkey generation, divide the resultant values of LTS into the blocks of 256 bytes. In the same way for the permutation process, apply XOR operation on the values generated from (11) and (12). ese resultant values are in the range between 0 and 255. Select first 256 distinct values as permutation. We examined the encrypted images through various security analyses and statistical tests including NPCR, UACI, correlation-coefficient analysis, and 2D, 3D histogram analysis. All the results of these tests are passed; it also confirms that the proposed confusion is competent enough for the image cipher: z n+1 � σz n 1 − z n +(4 − σ)z n /2 mod 255z i <(1/2) σz n 1 − z n +(4 − σ) 1 − z n /2 mod 255z i >(1/2) .

Resistance against Differential Analysis.
e key requirement of the encryption algorithm is its ability to resist   Computational Intelligence and Neuroscience the differential attacks. Differential cryptanalysis is difficult when a small shift in original image will generate completely different ciphered image. We examined the image encryption results on various standard color test images (Lena, pepper, nature, bird, baboon, grapes, sparrow, butterfly), and here as a sample, original image pepper over the , and 7(f ). e NPCR and UACI are the two frequently used tests of the image cipher to check the strength against the differential attacks. NPCR is defined as follows [124,125]: UAIC measure the mean variation of pixel intensity of two encrypted images at same location. It is determined by where C1(i, j) and C2(i, j) indicate the pixel value of two encrypted images at location (i, j). W represents the number of rows and H presents the number of columns of the plain image. e encryption security is improved with a large UACI value. e NPCR and UACI are measured through the following formulas: where n is the number of bits used to denote the various bit planes of an image. High values of UACI and NCPR have strong resistance against differential attacks.
where x i and y i show the values of two adjacent pixels and N is the total number of duplets. e mean value of x i is denoted by E(x), and the mean value of y i is denoted by E(y). e calculated value of the correlation coefficient in plain images is closer to 1 along diagonal, horizontal, and vertical directions, whereas the value of correlation coefficient in encrypted image is closer to 0. We can see that the values of the correlation coefficient over the encrypted images are totally different from the values of plain images, so the correlation coefficient attack fails to provide any clue of the original image. e results of the correlation coefficient analysis on horizontal, vertical, and diagonal directions are displayed in Table 9.

Histogram Analysis.
e histogram is the graphical representation of the distribution of pixels in the picture by measuring a number of pixels at each intensity level. Analyzing the histogram shows how pixels are distributed over encrypted image. Effective cipher encrypts the original image into the cipher image, which contains random RGB pixel. In Figure 11, we can see that 3D histogram of the standard test images shows some information, but in Figure 12, encrypted test images have uniformly random pixel values. e histogram of the encrypted and original images are completely different, so the attacker cannot extract any relation between encrypted image and plain image.

Conclusion
Randomness is a fundamental feature in nature and a valuable resource for the cryptography. First time, this nature of research is performed in which psychiatric disorder is utilized for the generation of truly random bits, and based on these Computational Intelligence and Neuroscience true random bits, confusion components are constructed. Instead of algebraic-and chaotic-based approaches, our technique relies on inevitable natural randomness, which exists in the EEG of schizophrenic patients, and as a result, attacks of chaos-and algebraic-based techniques are bypassed in our proposed approach. For the evaluation of the true random bits, NISTstatistical test suite was adopted, and for the evaluation of the confusion component, standard evaluation criteria were adopted. As a test case, one million true random bits are assessed through the NIST statistical test suite, and the results proved that the psychological perception of schizophrenic patients is a good source of true randomness. Confusion components are evaluated through SAC, LP, DP, BIC, and nonlinearity. e outcomes of these criteria verified that the proposed confusion component is effective for block ciphers. We will expand this research in future, for the dynamic generation of lattice primitives [70].
Data Availability e datasets "EEG data from basic sensory task in Schizophrenia," which analyzed during the current study are available in the Kaggle repository at https://www.kaggle. com/datasets/broach/button-tone-sz.

Conflicts of Interest
e authors declare no conflicts of interest.