Table of Contents Author Guidelines Submit a Manuscript
Security and Communication Networks
Volume 2017, Article ID 5101934, 16 pages
Research Article

A Novel Construction of Substitution Box Involving Coset Diagram and a Bijective Map

1Department of Mathematics, University of Education Lahore, Jauharabad Campus, Jauharabad, Pakistan
2Department of Mathematics, The Islamia University of Bahawalpur, Bahawalpur, Pakistan
3Department of Mathematics, Government College University Faisalabad, Faisalabad, Pakistan
4Department of Basic Sciences, University of Engineering and Technology, Taxila, Punjab, Pakistan
5Department of Mathematics, Quaid-i-Azam University, Islamabad, Pakistan
6Department of Information Technology, University of Education Lahore, Jauharabad Campus, Jauharabad, Pakistan

Correspondence should be addressed to Abdul Razaq; moc.liamg@uaqnekam

Received 15 August 2017; Accepted 10 October 2017; Published 20 November 2017

Academic Editor: Zheng Yan

Copyright © 2017 Abdul Razaq et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


The substitution box is a basic tool to convert the plaintext into an enciphered format. In this paper, we use coset diagram for the action of on projective line over the finite field to construct proposed S-box. The vertices of the cost diagram are elements of which can be represented by powers of , where is the root of irreducible polynomial over . Let denote the elements of which are of the form of even powers of . In the first step, we construct a matrix with the elements of in a specific order, determined by the coset diagram. Next, we consider defined by to destroy the structure of . In the last step, we apply a bijective map on each element of the matrix to evolve proposed S-box. The ability of the proposed S-box is examined by different available algebraic and statistical analyses. The results are then compared with the familiar S-boxes. We get encouraging statistics of the proposed box after comparison.

1. Introduction

In secure communication, the role of the nonlinear component for block ciphers (substitution box) is of significant importance. The concept of substitution box was given by Shannon in 1949 [1]. In order to create confusion during the process of enciphering the digital data, substitution box plays a central role [2]. If the S-box is not good, it means one has to compromise on the quality of encryption. The strength of the S-box affirms the capability of block ciphers. Several attempts have been made to increase the quality of the S-box. In order to assess the properties of well-known S-boxes, the cryptographers have drawn attention to the literature. Different techniques have been developed to inspect the statistical and algebraic structure of S-boxes. These analyses include linear approximation probability (LP) method, bit independence criterion (BIC), majority logic criterion (MLC), strict avalanche criterion (SAC), nonlinearity method, and differential approximation probability (DP) method.

In this paper, we establish a novel technique to construct substitution boxes by coset diagrams and bijective maps.

2. Coset Diagrams for Modular Group

The modular group, denoted by , has a finite presentation , where and are linear fractional transformations which map to and , respectively. Coset diagrams ([37]) are the graphical representation of the action of on , where is a prime. Since the order of is three, its three cycles are represented by triangles. The vertices of the triangles, which are elements of , are permuted anticlockwise by . Any two of vertices of the triangles are joined by an edge which represents . The heavy dots are used to denote fixed points of and , if they exist.

Consider the action of modular group on (Figure 1). The permutation representations of and can be calculated by and .The action of is not possible on , because image of 0 under does not belong to . Therefore, we choose for the action of instead of .

Figure 1: The coset diagram for the action of modular group on .

3. Coset Diagram Used in the Construction of Proposed Substitution Box

Consider a primitive irreducible polynomial over ; then . The element of (see Table 1) can be represented by some power of , where is the root of . Consider the action of on . Then the permutation representations of and can be calculated by and , respectively. So The coset diagram for this action has 86 orbits (fragments). It has one copy of (Figure 2) and 85 copies of (Figure 3). First, we find the orbit of coset diagram which contains (Figure 4).

Table 1: Representation of the elements of .
Figure 2: The orbit of the coset diagram for the action of modular group on .
Figure 3: The orbit of the coset diagram for the action of modular group on .
Figure 4: The copy of having the vertex .

In each , one can see that is a path from the vertex to the vertex , such that, during this journey, one has to pass each vertex of .

4. Algebraic Structure of Proposed Substitution Box

In the literature, algebraic techniques are being applied on Galois fields. In this novel technique, the initial sequence of Galois field is destroyed with the help of vertices of the coset diagram.

Let denote the elements of which are of the form of even powers of .

Our first aim is to write the vertices of coset diagram in a matrix. For this, we choose only those vertices which belong to .

Step 1. Our coset diagram has 86 orbits; we construct a matrix having entries from in the following way.
First, we find the orbit of coset diagram which contains Let us denote this orbit by and apply on , so that we reach . During this journey, we pass through , , , and and at the end reach . Write , and as first three elements of the first row of matrix.

After writing 3 vertices of any , in order to select the next copy from , we find a vertex , where , , , , , and are the vertices of , such that , where . If is already exhausted in previously chosen copies of , then we move to the copy of containing and so on. Apply on so that we pass through each vertex. Note that, in each , only three vertices belong to out of 6. Write these 3 vertices in matrix in order. The process continues until all the vertices of are exhausted. Next, pick from and write it as last element of the last row.

Step 2. Consider defined by ; the elements of can be represented by powers of (see Table 3), where is the root of irreducible polynomial over . In this step, we apply on each element of the matrix evolved in the first step. In this way, we obtain a matrix having entries from . Next, we convert each entry of the matrix into binary form and ultimately into decimal form (Table 4).

Before going to Step 3, let us define a map in the following way.

Let be the linear fractional transformation, obtained by the action of on ; that is, .

Clearly is of the form , where , and is a mapping from But, usually is not a bijective map.(i) Let there be elements of missing in the range of (ii) Let be repeated in the range of .(iii) Let be the smallest elements in whose images are , respectively.

Suppose that is the set of all those elements, except , whose images are , and is the set of missing elements in the range of . ThenIn this paper, we have taken .

Step 3. In this step, the bijective map defined byis applied on the matrix obtained at the end of Step 2 to evolve proposed S-box (Figure 5 and Table 5). More details of this last step are given in Table 2.

Table 2: Construction of S-box using linear fractional transformation.
Table 3: Representation of the elements of .
Table 4: matrix evolved after 2nd step.
Table 5: Proposed S-box evolved after 3rd step.
Figure 5: Flowchart for the construction of the proposed S-box.

5. Statistical Analysis and Simulation Results

In this section, we implement various security performance tests on newly created S-box to examine its special properties. The assessment of the characteristics of proposed S-box determines its application in different encryption methods and for security purposes. We use five different security performance tests, namely, linear approximation probability (LP), differential approximation probability (DP), nonlinearity, bit independence criterion (BIC), and strict avalanche criterion, to assess the cryptographic competence of substitution box. The results obtained from proposed S-box are then compared with the well-known S-boxes. The description of different types of tests implemented on these S-boxes is given below.

5.1. Nonlinearity

The concept of nonlinearity was first introduced by Pieprzyk and Finkelstein in 1988 [8]. It is the basic tool to measure the strength of the S-box. An S-box with bigger nonlinearity is more secure than that with lesser nonlinearity. The nonlinearity is expressed aswhere is Walsh spectrum and .

The average value of the nonlinearity of the proposed S-box is 106.75. In Table 6, nonlinearity of the proposed S-box is compared with multiple renowned substitution boxes. One can see that the nonlinearity of the proposed S-box is better than most of the familiar S-boxes.

Table 6: Nonlinearity of basic functions of various substitution boxes.
5.2. Bit Independence Criterion

According to bit independence criterion [9, 10], if any input bit is inverted, then the output bits and must change independently. In other words, the avalanche variables must be pairwise independent for a given set of avalanche vectors. We have tested the nonlinearity of bit independence criterion of S-box (Table 7). We also compared the minimum and average values of bit independence criterion along with square deviation of the proposed S-box with different renowned S-boxes (Table 8).

Table 7: Nonlinearity of bit independence criterion of the proposed S-box.
Table 8: Bit independence criterion of various substitution boxes.
5.3. Strict Avalanche Criterion

Strict avalanche criterion (SAC) introduced by Tavares and Webster is founded on the ideas of the avalanche and completeness effect [9, 10]. It is a formalization of the avalanche effect. If by complementing a single input bit all the output bits are changed with a 0.5 probability, SAC is said to be satisfied. Table 9 displays the outcomes of the strict avalanche criterion.

Table 9: Strict avalanche criterion of the proposed S-box.
5.4. Linear Approximation Probability

In linear approximation probability method, we examine the imbalance of an event [11]. The analysis is used to calculate the highest value of imbalance of the outcome of the event. The uniformity of the input bits should be similar to that of the output bits. Each th input bit is analyzed individually and its outcomes are checked in the output bits. The masks which are applied on the parity of both input and output bits are denoted by and , respectively. Mathematically,where represents the collection of all possible inputs and is the total number of elements. The results of this important analysis obtained from our S-box and different established S-boxes are given in Table 10. The comparison shows that our S-box is strong enough to deal with different linear attacks.

Table 10: Linear approximation probability analyses of different S-boxes.
5.5. Differential Approximation Probability

In this analysis, differential uniformity is determined by examining the mapping from the input bits to the output. The main focus of this test is to ensure differential uniformity; that is, the input differential must be associated with an output differential in a unique way.

It is represented bywhere and are the input and output differentials, respectively. We have applied differential approximation probability test on our S-box. The results are presented in Table 11.

Table 11: Differential probability of the proposed S-box.

6. Majority Logic Criterion

The majority logic criterion [12] is helpful in finding the premier candidate S-box fit for a certain kind of encryption application. In this criterion, image encryption strength of the S-box is investigated through statistical studies. A distortion in the image is created by encryption process; therefore, it is important to study the statistical characteristics. It is achieved with the help of various analyses such as entropy, contrast, correlation, energy, and homogeneity. The proposed S-box can further be used for encryption and multimedia security. In this paper, we have used two JPEG images, Pepper and Baboon, for MLC analysis. The results of these analyses in comparison with the other well-known S-boxes are depicted in Table 12. Figure 6 shows the result of image encryption with proposed S-box. The histogram of the original image and the encrypted images of Baboon and Pepper are shown in Figure 7. These results show that our S-box fulfills all the requirements to be declared as a very suitable S-box for encryption applications. Thus, it is recommended to become a part of algorithms designed for the secure transmission of information/data.

Table 12: Comparison of MLC for proposed S-box over different S-boxes.
Figure 6: Original image and the encrypted images using two rounds of encryption: (a) Pepper and (b) Baboon.
Figure 7: Histogram of the original image and the encrypted images: (a) Pepper and (b) Baboon.

7. Conclusion

In the present study, a strong S-box is created with the help of coset graph for the action of modular group and a bijective map. According to our information, this is the first use of coset graphs in the construction of S-box. The proposed S-box is highly secure and the results obtained from different analyses are nearly equal to the ideal ones. Therefore, it is very useful for secure communication.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.


  1. C. E. Shannon, “Communication theory of secrecy systems,” Bell Labs Technical Journal, vol. 28, pp. 656–715, 1949. View at Publisher · View at Google Scholar · View at MathSciNet · View at Scopus
  2. J. Daemen and V. Rijmen, The Design of Rijndael-AES: The Advanced Encryption Standard, Springer, Berlin, Germany, 2002.
  3. P. J. Cameron, “encyclopaedia of design theory,” in Cayley Graphs and Coset Diagrams, pp. 1–9, 2013. View at Google Scholar
  4. B. Everitt, “Alternating quotients of the (3,q,r) triangle groups,” Communications in Algebra, vol. 25, no. 6, pp. 1817–1832, 1997. View at Publisher · View at Google Scholar · View at MathSciNet
  5. R. C. Lyndon and E. Paul, Combinatorial group theory, vol. 89, Springer, 2015.
  6. Q. Mushtaq and H. Servatius, “Permutation representation of the symmetry groups of regular hyperbolic tessellations,” Journal of the London Mathematical Society, vol. 2, no. 48, pp. 77–86, 1993. View at Google Scholar
  7. A. Torstensson, “Coset diagrams in the study of finitely presented groups with an application to quotients of the modular group,” Journal of Commutative Algebra, vol. 2, no. 4, pp. 501–514, 2010. View at Publisher · View at Google Scholar · View at MathSciNet · View at Scopus
  8. J. Pieprzyk and G. Finkelstein, “Towards effective nonlinear cryptosystem design,” IEE Proceedings Part E Computers and Digital Techniques, vol. 135, no. 6, pp. 325–335, 1988. View at Publisher · View at Google Scholar · View at Scopus
  9. I. Vergili and M. D. Yücel, “Avalanche and bit independence properties for the ensembles of randomly chosen n × n s-boxes,” Turkish Journal of Electrical Engineering & Computer Sciences, vol. 9, no. 2, pp. 137–145, 2001. View at Google Scholar · View at Scopus
  10. A. F. Webster and S. E. Tavares, “On the design of s-boxes, advances in cryptology,” in Proceedings of CRYPTO’85, Springer, Berlin, Germany, 1986.
  11. E. Biham and A. Shamir, “Differential cryptanalysis of DES-like cryptosystems,” Journal of Cryptology, vol. 4, no. 1, pp. 3–72, 1991. View at Publisher · View at Google Scholar · View at Scopus
  12. I. Hussain, T. Shah, M. A. Gondal, and H. Mahmood, “Generalized Majority Logic Criterion to Analyze the Statistical Strength of S-Boxes,” Zeitschrift für Naturforschung A, vol. 67, no. 5, pp. 282–288, 2012. View at Publisher · View at Google Scholar
  13. M. T. Tran, D. K. Bui, and A. D. Doung, “Gray S-box for advanced encryption standard,” in Proceedings of the International Conference on Computer Intel Security, vol. 1, pp. 253–258, 2008.
  14. A. Gautam, G. S. Gaba, R. Miglani, and R. Pasricha, “Application of Chaotic Functions for Construction of Strong Substitution Boxes,” Indian Journal of Science and Technology, vol. 8, no. 28, pp. 1–5, 2015. View at Publisher · View at Google Scholar
  15. I. Hussain, T. Shah, H. Mahmood, M. A. Gondal, and U. Y. Bhatti, “Some analysis of S-box based on residue of prime number,” Proceedings of the Pakistan Academy of Sciences, vol. 48, no. 2, pp. 111–115, 2011. View at Google Scholar · View at Scopus
  16. I. Hussain, T. Shah, and H. Mahmood, “A new algorithm to construct secure keys for AES,” International Journal of Contemporary Mathematical Sciences, vol. 5, no. 25-28, pp. 1263–1270, 2010. View at Google Scholar · View at MathSciNet
  17. X. Y. Shi, Hu. Xiao, X. C. You, and K. Y. Lam, “A method for obtaining cryptographically strong 8*8 S-boxes,” in Proceedings of the International Conference on Advanced Information Networking and Applications, vol. 2, pp. 14–20, 2002.
  18. Skipjack and Kea, “Algorithm Specifications Version 2,”
  19. A. H. Alkhaldi, I. Hussain, and M. A. Gondal, “A novel design for the construction of safe S-boxes based on TDERC sequence,” Alexandria Engineering Journal, vol. 54, pp. 65–69, 2015. View at Publisher · View at Google Scholar
  20. G. Chen, Y. Chen, and X. Liao, “An extended method for obtaining S-boxes based on three-dimensional chaotic baker maps,” Chaos, Solitons & Fractals, vol. 31, no. 3, pp. 571–579, 2007. View at Publisher · View at Google Scholar · View at MathSciNet
  21. G. Tang, X. Liao, and Y. Chen, “A novel method for designing S-boxes based on chaotic maps,” Chaos, Solitons & Fractals, vol. 23, no. 2, pp. 413–419, 2005. View at Publisher · View at Google Scholar · View at Scopus
  22. M. Khan, T. Shah, and M. A. Gondal, “An efficient technique for the construction of substitution box with chaotic partial differential equation,” Nonlinear Dynamics, vol. 73, no. 3, pp. 1795–1801, 2013. View at Publisher · View at Google Scholar · View at MathSciNet · View at Scopus
  23. A. Belazi, M. Khan, A. A. A. El-Latif, and S. Belghith, “Efficient cryptosystem approaches: S-boxes and permutation–substitution-based encryption,” Nonlinear Dynamics, vol. 87, no. 1, pp. 337–361, 2017. View at Publisher · View at Google Scholar · View at Scopus
  24. A. Ullah, S. S. Jamal, and T. Shah, “A novel construction of substitution box using a combination of chaotic maps with improved chaotic range,” in Nonlinear Dynamics, vol. 88, pp. 2757–2769, Dynamics, 2017. View at Publisher · View at Google Scholar
  25. M. Khan, T. Shah, and S. I. Batool, “Construction of S-box based on chaotic Boolean functions and its application in image encryption,” Neural Computing and Applications, vol. 27, no. 3, pp. 677–685, 2016. View at Publisher · View at Google Scholar · View at Scopus