Abstract
Schizophrenia is a multifaceted chronic psychiatric disorder that affects the way a human thinks, feels, and behaves. Inevitably, natural randomness exists in the psychological perception of schizophrenic patients, which is our primary source of inspiration for this research because true randomness is the indubitably ultimate valuable resource for symmetric cryptography. Famous information theorist Claude Shannon gave two desirable properties that a strong encryption algorithm should have, which are confusion and diffusion in his fundamental article on the theoretical foundations of cryptography. Block encryption strength against various cryptanalysis attacks is purely dependent on its confusion property, which is gained through the confusion component. In the literature, chaos and algebraic techniques are extensively used to design the confusion component. Chaos and algebraicbased techniques provide favorable features for the design of the confusion component; however, researchers have also identified potential attacks on these techniques. Instead of existing schemes, we introduce a novel methodology to construct cryptographic confusion component from the natural randomness, which are existing in the psychological perception of the schizophrenic patients, and as a result, cryptanalysis of chaos and algebraic techniques are not applicable on our proposed technique. The psychological perception of the brain regions was captured through the electroencephalogram (EEG) readings during the sensory task. The proposed design passed all the standard evaluation criteria and validation tests of the confusion component and the random number generators. One million true random bits are assessed through the NIST statistical test suite, and the results proved that the psychological perception of schizophrenic patients is a good source of true randomness. Furthermore, the proposed confusion component attains better or equal cryptographic strength as compared to stateoftheart techniques (2020 to 2021). To the best of our knowledge, this nature of research is performed for the first time, in which psychiatric disorder is utilized for the design of information security primitive. This research opens up new avenues in cryptographic primitive design through the fusion of computing, neuroscience, and mathematics.
1. Introduction
Schizophrenia is a multifaceted psychiatric disorder, which consists of several varied causes such as environmental, developmental, and genetic factors. Due to numerous complications of its causes, inevitable natural randomness exists in the electroencephalographic readings of patient’s psychological responses. Patients who suffer from schizophrenia show randomness in their clinical presentation of symptoms, characteristics, and related prognosis. It is distinguished by three major clusters of symptoms consisting of cognitive symptoms including impairment of short or longterm working memory, negative symptoms like social withdrawal, and positive symptoms like hallucinations or delusions. These symptoms stimulate diverse neural activities in the different regions of brain. Natural randomness has been acknowledged as the ideal method for cryptography and a lot of researchers endorse the true random numbers for cryptography due to the reason that true random numbers are irreversible, unpredictable, and unreproducible, even if their internal construction and response history are identifiable to the adversaries [1–8].
Naturally, in the characteristics of the schizophrenic patients, diverse spectrum of disorders inevitably exists, which was our core source of inspiration because these disorders are the potential source of natural randomness. For example, in the delusion characteristic, patients lose their brain control due to their delusionary beliefs about the world around them. The loss of control stimulates uncertain and indistinct neural activities in different parts of the brain. These delusions could include grandiose, erotomaniac, and persecutory. Another characteristic of schizophrenic patients is the variation in the presentation of their sensory hallucinations, which differs between each patient. These hallucinations could be auditory, visual, tactile, gustatory, or olfactory. These hallucinations are also responsible for the arbitrariness of neural activities in brain regions. The third characteristic is a derailment, in which patients have variations in the thinking patterns and these disorganized thinking patterns are also a cause of irregular neural activity in different brain regions. The last characteristic is grossly disorganized or catatonic behavior, which causes variation in their presentation of motor behavior due to the imbalanced neural activities. These involuntary motor behaviors can range from childlike “silliness” to unpredictable agitation, which causes difficulty in goaldirected behavior.
Protecting secret information is a global challenge, and block cipher has been a standout among the most reliable option by which security is accomplished [9–12]. Block ciphers belong to the family of deterministic algorithms that operate on the fixed length of bits (n), called a block. A block cipher algorithm divides the plaintext into several fixedlength blocks of n bits, to produce a block of ciphertext of k bits. Block cipher combines both confusion and diffusion components within a round function and repeats the function multiple times to produce a ciphered text. Advanced Encryption Standard and Data Encryption Standard are the most prominent block ciphers. For the block ciphers, differential and linear attacks are considered very powerful attacks [13–17]. The main objective of the differential attack is to find the nonrandom pattern of the output, and for this objective, the attacker attempts to impose a certain set of input to track the differences in the output. Similarly, the main objective of the linear attack is to try to learn the linear association between the parity bits of cipher text, plaintext, and the symmetric key. Responsibility to make the correlation between ciphertext and the key, as undetectable as possible, is only on the confusion component, as well as resistance against the cryptanalysis attacks totally depends upon the confusion component [13–22]. The confusion component of the block cipher is normally known as substitution box (Sbox) or nonlinear block cipher primitive. Nonlinear block cipher primitive transforms m bits input to n bits output by using S: {0,1}^{n}⟶{0,1}^{k}.
The ultimate goal of this research is to propose a methodology for the problem “how to construct the nonlinear primitive of block cipher using the strength of true randomness.” The core concept of this research is to extract true random bits, by calculating the difference between each electrode reading of one patient and those of all other patients, and to design a technique for the generation of nonlinear primitive of block cipher. The remaining study is arranged as follows: Section 2 presents our main contribution; Section 3 describes attacks on existing confusion component designs; Section 4 explains the proposed scheme; Section 5 presents the results and its evaluation; and Section 6 presents the application of the proposed dynamic confusion components in image encryption technique.
2. Contribution
The main contribution of this research is as follows:(a)A novel method is proposed, to generate true random bits from the psychological perception of schizophrenic patients. As test, one million true random bits are assessed through the NIST statistical test suite, and the results proved that the psychological perception of schizophrenic patients is outstanding source of true randomness.(b)Instead of algebraic structures and chaotic systems, our technique relies on inevitable natural randomness, which are existing in EEG of schizophrenic patients for the design of confusion component, and as a result, attacks of algebraic and chaosbased techniques are not applicable and irrelevant for our proposed technique.(c)To the best of our knowledge, this nature of research is performed for the first time, in which psychiatric disorder is utilized for the design of any block cipher primitive.(d)This research opens up new avenues in cryptographic primitive design through the fusion of computing, neuroscience, and mathematic.(e)As the application of our proposed dynamic confusion components, an image cipher based on confusiondiffusion principal is also developed and the resultant encrypted images are examined through various security analyses and statistical tests. All the results of these tests are passed, and it also confirms that the proposed confusion components are competent enough for the image cipher.
3. Attacks on Confusion Component Design Schemes
As mentioned earlier, chaos and algebraicbased techniques are extensively used to design the confusion component. Chaos and algebraicbased techniques provide favorable features for the design of confusion components; however, researchers have also identified various cryptanalysis on these techniques including interpolation attacks [9–12], Gröbner basis attack [13–19], SAT solver [20–27], linear and differential attacks [28–42], XL attacks [43–45], and XSL attack [9, 46–55]. Similarly, chaosbased techniques are also commonly applied in the designs of confusion components [56–68], dynamical degradation of chaotic systems [69–73], predictability [74–85], discontinuity in chaotic sequences [70, 86–90], small number of control parameters [76, 77, 91, 92], finite precision effect [70–72, 86, 88], and short quantity of randomness [71, 72, 86, 88–90, 93–96].
On the other side, a lot of researchers endorse the true random numbers for cryptography due to the purpose that true random numbers are unpredictable, unreproducible, and irreversible, even if their inner structure and past responses are known to the adversary. [1–8]. Our proposed technique extracts true random bits, from the readings of patient’s electrode scalp sites (Fz, FCz, Cz, FC3, FC4, C3, C4, CP3, CP4) during the sensory task.
4. Proposed Design
The proposed technique has two phases: true random bits extraction and dynamic generation of confusion components. The system architecture diagram is depicted in Figure 1 and the whole design is explained in the following phases.
Phase 1. True random bits extraction(a)Acquire EEG readings from the basic sensory button press task The dataset that is used in this research was obtained from Refs. [97, 98], and for this, fortynine schizophrenia patients were selected by professional and clinical psychologists after the initial screening of schizophrenia symptoms. Symptoms of the schizophrenia are assessed through three standardized psychological instruments: Scale for Negative Symptoms (SANS), Scale for Positive Symptoms (SAPS), and Positive and Negative Syndrome Scale (PANSS). The age range of the schizophrenia patients is 20 to 60 (μ = 42.82, σ = 13.12) years, and different subtypes of schizophrenic patients included such as residual schizophrenia, paranoid schizophrenia, undifferentiated schizophrenia, schizophrenia unknown subtype, schizoaffective disorder, and disorganized schizophrenia. Eventrelated potential (ERP) averages of nine electrode scalp sites (Fz, FCz, Cz, FC3, FC4, C3, C4, CP3, CP4) are obtained, and readings of the electroencephalography are continuously digitalized at 1024 Hz. The topological positions of the 64channel, activeelectrode layout is illustrated in Figure 2 [98]. The sensory task given to the participants consisted of a button press at every 1–2 seconds, to deliver 1000 Hz, 80 dB sound pressure level, and tones with zero delay between press and tone onset. The task was stopped after 100 tones had been delivered.(b)Difference calculation between each electrode reading of one patient and each electrode reading of all other patients Each reading of the 1st channel is subtracted, from the 1st channel reading, of all other patients. Similarly, each reading of the 2nd channel is subtracted, from the 2nd channel reading of all other patients. Subtracted readings of every channel are stored individually in vector data structure and then parsed into binary format. This process is repeated over the readings of 64 channels and 4900 vectors generated. As test, one million of these binary bits are assessed through the NIST statistical test suite, and the results of Table 1 proved that the psychological perception of schizophrenic patients is a good source of true randomness.(c)True Random Bits FusionThe output of the last step is fused through the proposed DIFFERENCE_FUSION () algorithm, which is attached in annexed (Figure S1). A visual representation of the algorithm is depicted in Figure 3. This algorithm takes true random bits in the multiple of four vectors and then traverse in a specific order based on zordering. If the value of quadrant NW is 0, then retrieve bits from left to right, and if the value of quadrant NW is 1, then retrieve bits from right to left. Two variations of the zordering scheme are implemented here: the first is local z, which operates on 2 × 2 bits, and the second is global z, which operates on 2 × 2 local z.
Phase 2. Dynamic generation of confusion components(a)Differencebased TwoDimensional Map Generation (D2DMG) Vectors of the last step are passed as parameters to the D2DMG() algorithm for the generation of twodimensional maps. Visual representation of the algorithm is depicted in Figure 4, and the D2DMG() algorithm is attached in annexed (Figure S2).(b)Dynamic Confusion Component Generator (DCCG)Pairwise randomly traverse all vectors from Phase 1 and then assign arbitrary indexes. Arbitrary indexes are produced simply by applying the module 3 operation on every byte of the vector. Here, arbitrary indexes work as indexes of the vector elements. To get the values of the confusion component, parameters (pair of vectors with their arbitrary index and map with its index) are passed to the ConfusionValuesGenerator() algorithm. ConfusionValuesGenerator algorithm is attached in annexed (Figure S3), and the visual representation of the algorithm is depicted in Figure 5. Due to the pure randomized nature, on every call, this algorithm returns 0 to 8 values. Resultant stream of the ConfusionValuesGenerator( ) algorithm was passed to the DCCG() algorithm for the generation of dynamic confusion components. The DCCG algorithm returns dynamic confusion components depending upon the size of stream; the DCCG algorithm is attached in annexed (Figure S4). From the results, six confusion components are randomly picked as samples, and first randomly picked confusion component and its inverse is shown in Tables 2 and 3 respectively, and the remaining five confusion components are shown in annexed (Table S1). The reverse Sbox algorithm is shown in Algorithm 1.

5. Results Evaluation
In this section, sample confusion components of Section 4 are evaluated through the standard confusion component evaluation criteria [32–44], which includes bit independence criterion(BIC), linear approximation probability (LP), strict avalanche criterion (SAC), nonlinearity score, and differential approximation probability (DP).
5.1. Nonlinearity
Nonlinearity is one of the most important confusion component properties, which indicates the resistance ability of confusion components against the linear attacks, and the nonlinearity of cipher is expressed by the nonlinearity score. It is known as the smallest distance of Boolean function from the set of affine functions. The nonlinearity score is the total number of bits altered to get the nearest affine function in the Boolean truth table. To calculate the nonlinearity score, the distance of all affine functions and Boolean function is determined. When the initial distance is calculated, the nearest affine function is achieved by changing the amount of bit values in the Boolean function’s truth table. The Walsh spectrum defines the nonlinearity of a Boolean function by using the following formula:where is defined aswhere is a nbit vector and . The dot product between x and is denoted as :
The nonlinearity score of our randomly picked confusion components 1,2,3,4,5,6 is 110.50, 106.75, 106.50, 106.75, 107.50, and 107.25, respectively. In Table 4 we can see that the nonlinearity score of our proposed confusion components is higher or equal from the stateoftheart techniques(year 2020 to 2021).
5.2. Strict Avalanche Criteria (SAC)
SAC specify that all the output bits will be modified with 1/2 probability by flipping a bit of input. SAC analyze the impact of avalanche effects in encryption. The change in the input generates a number of changes in the output. Having an even output pattern prevents linear attacks. Therefore, the changes in the output bits must be independent. SAC counts the number of changed output bits caused by complementing a single bit of input. All output bits will deviate with the probability of one half for an algorithm to be more secure. To test the SAC of the confusion component, we used the dependency matrix. Sbox fulfils the SAC property, if all the elements and mean value in the dependency matrix are approximately equal to 0.5. The offsets of the dependence matrix are calculated by the following formula:where is the transpose of matrix Or _{r,w}
The SAC (average) score of our randomly picked six confusion components (1,2,3,4,5,6) is 0.498779, 0.500244, 0.503662, 0.497314, 0.500732, and 0.508545, respectively. These results proved that our proposed confusion components are enough capable. The SAC result of confusion component1 presented in Table 5 is the sample
5.3. BIT Independent Criterion (BIC)
BIC is used to analyze the output bits behavior by changing the input bits. Confusion component holds the BIC property when output bits behave independently from each other. BIC characteristic states that output bits j and k will modify individually if any single input bit i is reversed. This will improve the proficiency of confusion function. The independence between pair of avalanche variables is measured through the coefficient of correlation. The bit independence of the j^{th} and k^{th} bits of B^{ei} is
Shannon’s confusion function(C) is represented as C: {0, 1}^{n} ⟶{0, 1}^{n}. BIC parameter for Shannon’s confusion function is measured by the given mathematical expression:
The shift in output bits is an important parameter for determining the strength of the encryption process. The average BIC score of our randomly picked confusion components from 1 to 6 is 0.50105, 0.50272, 0.50112, 0.50223, 0.50105, and 0.50105, respectively. These results proved that our proposed confusion components strongly fulfill the bit independent criteria. The SACBIC results of confusion component1 presented in Table 6 are the sample.
5.4. Linear Approximation Probability (LP)
LP is another important criteria for evaluating Shannon’s confusion component. LP is the function’s capability to avoid linear attacks and is the highest value of the disparity of an event. The input bit’s parity selected by the mask and the output bit’s parity selected by the mask are equal. The masks of input and output bits are evaluated to obtain the imbalance of an event. Linear approximation probability is measured by the following mathematical expression:where represents the input mask and represents the output mask in the above equation. X represents the set of all possible inputs, and 2^{n} is the total number of elements in the confusion component. The maximum LP score of our confusion components(1 to 6) is 0.1171875,0.1328125,0.12500, 0.1328125, 0.140625, and 0.140625, respectively; these results also fulfills the LP criteria.
5.5. Differential Approximation Probability (DP)
DP characteristic examines the XOR distribution among the input and output bits. In order to be resilient against the differential attacks, the XOR values of all outputs must have equal probability with the XOR values of all inputs. In the differential approximation table, the probability of all the XOR values of input and the probability of all XOR values of output are equal. The exclusiveor distribution among the inputs and outputs of Sbox is calculated by
Here X represents the set of all possible input values and 2^{i} represents cardinality of set. The maximum DP score of our confusion components (1 to 6) is 0.046875, 0.046875, 0.046875, 0.054688, 0.039062, and 0.054688, respectively; here, we can see that these results also fulfills the DP criteria. As a sample, the DP results of the confusion component1 are presented in Table 7.
6. Application of Proposed Dynamic Confusion Components in Image Encryption
As the application of our proposed dynamic confusion components, an image cipher based on confusiondiffusion principal is developed, which is depicted in Figure 6. The structure of the mage cipher is depicted in Figure 6. It consists of repeating rounds of dynamic confusion layers, static diffusion layer, and the key addition, which make them hard for cryptanalysis. For the key generation process, the chaotic interval of the logistic map and tent map is enhanced by synthesizing the parameters of both maps to obtain the increased keyspace [86]. The chaotic field of the logistic map only lies in the range between , and similarly, the chaotic field of the tent map lies in the range between . Logistic map and tent map are defined in (10) and (11), respectively, and their enhanced chaotification structure of logistic tent system(LTS) is defined in (12). Finally for the subkey generation, divide the resultant values of LTS into the blocks of 256 bytes. In the same way for the permutation process, apply XOR operation on the values generated from (11) and (12). These resultant values are in the range between 0 and 255. Select first 256 distinct values as permutation. We examined the encrypted images through various security analyses and statistical tests including NPCR, UACI, correlationcoefficient analysis, and 2D, 3D histogram analysis. All the results of these tests are passed; it also confirms that the proposed confusion is competent enough for the image cipher:
6.1. Resistance against Differential Analysis
The key requirement of the encryption algorithm is its ability to resist the differential attacks. Differential cryptanalysis is difficult when a small shift in original image will generate completely different ciphered image. We examined the image encryption results on various standard color test images (Lena, pepper, nature, bird, baboon, grapes, sparrow, butterfly), and here as a sample, original image pepper over the RGB channels is shown in Figures 7(a)–7(c) and their correspondent cipher pictures are presented in Figures 7(d), 7(e), and 7(f). The NPCR and UACI are the two frequently used tests of the image cipher to check the strength against the differential attacks. NPCR is defined as follows [124, 125]:
(a)
(b)
(c)
(d)
(e)
(f)
D_{(i,j)} is described as D_{(i,j)} = 0 if I (i, j) = J(i, j), D_{(i,j)} = 1 if I(i, j) = J(i, j)
UAIC measure the mean variation of pixel intensity of two encrypted images at same location. It is determined bywhere and indicate the pixel value of two encrypted images at location . W represents the number of rows and H presents the number of columns of the plain image. The encryption security is improved with a large UACI value. The NPCR and UACI are measured through the following formulas:where is the number of bits used to denote the various bit planes of an image. High values of UACI and NCPR have strong resistance against differential attacks. Table 8 indicates the values of NPCR and UACI. NPCR and UACI values of our encrypted images are near to 99.63 and 336.50, respectively, which are very good results.
6.2. Correlation Coefficient Analysis
Neighbor pixels of the unencrypted images are extremely correlated and can show visual traits to the adversaries. An efficient cipher technique would reduce the correlation between adjacent pixels of an encrypted image in all the three directions. Before the encryption, the correlation coefficient value should be around 1 and after the encryption should be around 0. Adjacent pixel pairs of the test image pepper are plotted in Figures 8, 9 and 10. From the both original and encrypted images, 1000 pixels are plotted in the diagonal, horizontal, and vertical direction. Correlation coefficient among two neighboring pixels are calculated bywhere x_{i} and y_{i} show the values of two adjacent pixels and N is the total number of duplets. The mean value of x_{i} is denoted by E(x), and the mean value of y_{i} is denoted by E(y). The calculated value of the correlation coefficient in plain images is closer to 1 along diagonal, horizontal, and vertical directions, whereas the value of correlation coefficient in encrypted image is closer to 0. We can see that the values of the correlation coefficient over the encrypted images are totally different from the values of plain images, so the correlation coefficient attack fails to provide any clue of the original image. The results of the correlation coefficient analysis on horizontal, vertical, and diagonal directions are displayed in Table 9.
(a)
(b)
(c)
(d)
(e)
(f)
(a)
(b)
(c)
(d)
(e)
(f)
(a)
(b)
(c)
(d)
(e)
(f)
6.3. Histogram Analysis
The histogram is the graphical representation of the distribution of pixels in the picture by measuring a number of pixels at each intensity level. Analyzing the histogram shows how pixels are distributed over encrypted image. Effective cipher encrypts the original image into the cipher image, which contains random RGB pixel. In Figure 11, we can see that 3D histogram of the standard test images shows some information, but in Figure 12, encrypted test images have uniformly random pixel values. The histogram of the encrypted and original images are completely different, so the attacker cannot extract any relation between encrypted image and plain image.
7. Conclusion
Randomness is a fundamental feature in nature and a valuable resource for the cryptography. First time, this nature of research is performed in which psychiatric disorder is utilized for the generation of truly random bits, and based on these true random bits, confusion components are constructed. Instead of algebraic and chaoticbased approaches, our technique relies on inevitable natural randomness, which exists in the EEG of schizophrenic patients, and as a result, attacks of chaos and algebraicbased techniques are bypassed in our proposed approach. For the evaluation of the true random bits, NIST statistical test suite was adopted, and for the evaluation of the confusion component, standard evaluation criteria were adopted. As a test case, one million true random bits are assessed through the NIST statistical test suite, and the results proved that the psychological perception of schizophrenic patients is a good source of true randomness. Confusion components are evaluated through SAC, LP, DP, BIC, and nonlinearity. The outcomes of these criteria verified that the proposed confusion component is effective for block ciphers. We will expand this research in future, for the dynamic generation of lattice primitives [70].
Data Availability
The datasets “EEG data from basic sensory task in Schizophrenia,” which analyzed during the current study are available in the Kaggle repository at https://www.kaggle.com/datasets/broach/buttontonesz.
Conflicts of Interest
The authors declare no conflicts of interest.
Acknowledgments
The authors extend their gratitude to the Deanship of Scientific Research at King Khalid University for funding this work through research groups program under grant number R. G. P. 2/109/43. The author would like to thank Brain Roach and Dr. Ford for sharing their EEG dataset. The initial data collection was supported by the National Institute of Mental Health.
Supplementary Materials
Figure S1: DIFFERENCE_FUSION() algorithm. Figure S2: D2DMG() algorithm. Figure S3: CONFUSIONVALUES_GENERATOR() algorithm. Figure S4: DCCG() algorithm. Table S1: confusion components. . (Supplementary Materials)