Security and Communication Networks

Security and Communication Networks / 2018 / Article

Research Article | Open Access

Volume 2018 |Article ID 3421725 | 9 pages | https://doi.org/10.1155/2018/3421725

An Injective S-Box Design Scheme over an Ordered Isomorphic Elliptic Curve and Its Characterization

Academic Editor: Vincenzo Conti
Received29 Sep 2018
Accepted07 Nov 2018
Published02 Dec 2018

Abstract

Elliptic curves (ECs) are considered as one of the highly secure structures against modern computational attacks. In this paper, we present an efficient method based on an ordered isomorphic EC for the generation of a large number of distinct, mutually uncorrelated, and cryptographically strong injective S-boxes. The proposed scheme is characterized in terms of time complexity and the number of the distinct S-boxes. Furthermore, rigorous analysis and comparison of the newly developed method with some of the existing methods are conducted. Experimental results reveal that the newly developed scheme can efficiently generate a large number of distinct, uncorrelated, and secure S-boxes when compared with some of the well-known existing schemes.

1. Introduction

A lot of advancements have been made in the field of computation methods in the past few decades. These advancements necessitate the improvements in the cryptosystems, since their security strength highly depends on the computational power. A cryptosystem is considered to be secure if it can create enough confusion/diffusion in the data [1]. Many well-known and commonly used cryptosystems including Data Encryption Standard (DES), Advanced Encryption Standard (AES), Twofish security system [2], Blowfish cryptosystem [3], and International Data Encryption Algorithm (IDEA) [4] use substitution box (S-box) for the data scrambling.

It is easy to observe that the cryptosystems using a single S-box are unable to create enough confusion/diffusion in the modern data with high correlation such as digital images [5]. Therefore, many cryptographers proposed the usage of multiple S-boxes for the encryption of such data. An S-box generation technique is said to be good for the encryption of highly correlated data, if it can efficiently generate a large number of secure and mutually uncorrelated S-boxes.

Many researchers have proposed different S-box generation schemes based on different mathematical structures. El-Ramly et al. [6] proposed an approach for the generation of strong S-boxes based on a Latin square. The length of the secret key used for these S-boxes is of 128 bits. Wu et al. [7] proposed Latin square doubly stochastic matrix to develop new S-boxes. Peng et al. [8] generated dynamic S-boxes using spatiotemporal chaotic system. Radhakrishnan et al. [9] developed an analytical approach to generate S-boxes. Wang et al. [10] proposed an S-box using chaos theory. Alkhaldi et al. [11] constructed S-boxes using tangent delay for ellipse cavity chaotic sequence and a particular permutation. The newly generated S-boxes have high resistance against linear and differential attacks. Khan and Azam [12] proposed a method for the construction of multiple S-boxes based on a group action and Gray codes. Similarly, Khan and Azam [13] presented another algorithm for the design of S-boxes based on affine and power mappings. It is shown computationally that all of the newly generated S-boxes have high security against modern attacks. However, each of these methods only generate 256 S-boxes.

Recently, elliptic curves (ECs) have received great attention in the field of cryptography. The ECs based cryptosystems provide higher security with smaller key size than classical cryptosystems [1418]. Jung et al. [19] characterized S-boxes over hyperelliptic curves. Hayat et al. [20, 21] proposed different methods for the generation of an S-box by using an elliptic curve (EC) over a prime field. Actually, the scheme in [21] is a generalization of the scheme in [20]. These techniques use -coordinates of the points on the EC followed by modulo 256 operation. Although, the schemes are capable of generating secure S-boxes, but each has time complexity , where is the underlying prime. Furthermore, the output of these algorithms is uncertain in the sense that it may or may not generate an S-box for each input parameters, and are independent of the underlying EC. Azam et al. [22] used some typical type of orderings on a class of Mordell elliptic curve (MEC) over a finite field to design an S-box in constant time. All these schemes can generate at most one S-box for a given EC.

The aim of this paper is to propose a novel method to efficiently construct a large number of distinct, mutually uncorrelated, and cryptographically strong injective S-boxes for a given EC. The proposed scheme uses -coordinates of the points on an ordered EC isomorphic to the given ordered MEC. The remaining part of the paper is arranged as follows: Section 2 contains some definitions and concepts which are necessary to understand this paper. The proposed algorithm and its characterization are given in Section 3. A detailed analysis and comparison of the newly developed method are given in Section 4. A summary of the paper is given in Section 5.

2. Preliminaries

An EC is one of the fundamental concepts in the field of arithmetic geometry and has many applications in the field of applied sciences. For a field and two integers such that , the elliptic curve over is defined to be the set of a symbol (identity of ) and all points satisfying the following cubic equationWe call , and the elliptic curve parameters of the EC . Two ECs and over the field are isomorphic if and only if there exists an integer such that and . We call the isomorphism parameter between and . In this setting, the isomorphism maps onto . It is easy to observe that isomorphism is an equivalence relation on the family of all ECs over the field .

Let be a prime. It is well-known that for prime there exists a unique finite field , up to the field isomorphism, with exactly elements. Note that the arithmetic operations over are performed with respect to the modulo (). There are total ECs over the field . The number of ECs isomorphic to a given EC over can be computed by Lemma 1 deduced from [23, Section 1.3 - 1.4].

Lemma 1. Let be a prime and be two integers. The number of ECs isomorphic to the EC is (1), if and has a non-zero element of group order 6;(2), if and has a non-zero element of group order 4;(3), otherwise.

Let be an EC. A bound on the number of points on the EC can be computed using Hasse’s theorem [24, 25]Note that the bound is independent of the parameters and . An EC over is said to be a Mordell elliptic curve (MEC), if . The following lemma gives the information of points on a special class of MECs.

Lemma 2 (see [25]). A MEC with () has exactly points with no repetition in their -coordinates.

We denote a MEC with () simply by and call it an EC unless stated otherwise.

Let be an EC with a total order and be an EC isomorphic to with the isomorphism parameter . We define an induced total order on aswhere .

An substitution box (S-box) is a mapping from to . Henceforth, S-box stands for injective S-box.

Azam et al. [22] defined three typical orderings namely natural N, diffusion D, and modulo diffusion M on a given EC for the generation of S-boxes. The main idea behind these ordering is the arrangement of the points with the same -coordinates. For the points on a given EC ,The natural ordering is the lexicographical order defined so that the points with the same -coordinates appear consecutively, while the diffusion and modulo diffusion orderings diffuse the points with the same -coordinates. The effect of these three orderings on the points of is shown in Table 1.


Ordering in non-decreasing order w.r.t. the ordering

0 0 2 2 5 5 7 7 9 9 10
N 1 10 3 8 4 7 5 6 2 9 0

0 2 5 0 2 10 9 5 7 7 9
D 1 3 4 10 8 0 2 7 5 6 9

9 0 5 7 7 2 9 5 0 2 10
M 2 1 7 5 6 3 9 4 10 8 0

3. The Proposed Scheme and Its Characterization

In this section, we present a simple and efficient method to generate a large number of distinct, mutually uncorrelated, and secure injective S-boxes based on the -coordinates of an EC for the encryption of highly correlated data. The proposed method takes inputs integers , a prime , two non-negative integers and , a positive integer such that and (mod ) and a total order on the EC . The output of the method is an injective S-box over the EC isomorphic to . The algorithm generates by choosing the -coordinates, with values less than , of the first points on the EC with respect to the induced ordering . Mathematically, can be expressed as where such that .

Note that the condition of is imposed so that the underlying EC has at least points.

Remark 3. By Lemma 2, the proposed method always output an S-box for each input parameters.

Lemma 4. The proposed method can be implemented in time.

Proof. By Lemma 2, we know that all integers from the interval will uniquely appear as -coordinate of the points on the EC . Thus, we can generate by finding and sorting the set with respect to the ordering .
Thus, by the group theoretic arguments we have where and are the multiplicative inverses of and in the field , respectively.
Assuming that is not a very large number, can be computed by using extended Euclidean algorithm in time . Therefore, finding for each and using them in the equation (mod ), we can easily compute the set in . The sorting operation on can be performed in time complexity . Hence, can be computed in .

We describe an efficient algorithm for the generation of proposed S-boxes based on Lemma 4 in Algorithm 1.

Input: Two integers , a prime , two non-negative integers and ,
  a positive integer such that and (mod ), and a total
  order on the EC .
Output: The proposed injective S-box .
  (1) Calculate the multiplicative inverse of in .
  (2) Sort all integers in the interval as: is a predecessor of , if
  , for any two integers .
  (3) output by selecting first integers from the sorted integers in .

Let be an EC with ordering and integers such that . We denote to be the number of distinct S-boxes generated by all ECs isomorphic to by using the proposed method. In Lemma 5, we drive an upper bound for the number .

Lemma 5. The number of distinct S-boxes generated by the proposed scheme is at most .

Proof. We know that in a MEC, . Also (mod 3), therefore 3 and 6 are not divisors of . Thus, by group theoretic argument does not have an element of order 6. So by Lemma 1(iii), the number of ECs isomorphic to is , and hence the proposed algorithm can generate at most distinct S-boxes by using .

Next, we prove a sufficient condition on so that the number of S-boxes generated due to the natural ordering is equal to the upper bound given in Lemma 5.

Lemma 6. For an integer such that , is .

Proof. Without loss of generality, we assume that the points on are arranged in non-decreasing order with respect to the ordering N and denotes its -th element. Note that, for a positive integer such that and , exactly one of the values is greater than , since their -coordinates are same on the EC . Thus, from the condition it follows that . The proof will complete, if we show that, for some and any such that the ECs and are different, it holds that i.e., . Without loss of generality, suppose on the contrary thatThis implies thatBut, in (11), since is additive inverse of . Thus, we haveWe show a contradiction for the case (13) and similar arguments can be used to prove for the case (14).
From , we have This implies that or , since is a prime. But, , and therefore holds. Thus by applying the multiplicative inverse , we get , and by group theoretic argument, either or the group order of is 3. But the former implies that are same, while the latter implies that 3 is a divisor of for (mod 3), which are contradictions. This implies that, , for all . Hence, each EC isomorphic to will generate a distinct S-box. Thus, by using Lemma 1, result follows.

Based on the computational results, we propose a stronger version of Lemma 6 which is independent of the underlying ordering on the EC . But, we did not manage to prove it rigorously.

Conjecture 7. For an integer such that , is .

4. Analysis and Comparison of the Proposed Method

A rigorous analysis of the proposed method is performed in this section. We used S-boxes generated by natural ordering N, diffusion ordering D and modulo diffusion ordering M for the analysis, since they are most commonly used in modern cryptosystems.

4.1. Security Analysis

We generated the S-boxes , and by sorting the ECs in non-decreasing order with respect to N, D, and M orderings for the security analysis. The S-boxes and are presented in Tables 24, respectively. A comparison of the experimental results with the strongest S-boxes generated by the algorithms in [2022, 2634] is also conducted in this section.


126 94 73 41 171 110 86 199 215 27 203 3 227 154 55 40
21 113 10 88 150 100 177 35 202 91 211 184 99 146 198 206
147 71 56 46 228 54 84 161 239 61 31 238 192 225 183 137
42 241 193 222 253 7 50 255 254 208 106 164 127 169 246 19
170 48 12 252 231 45 116 233 17 18 87 190 36 219 82 72
214 134 58 96 0 210 243 81 5 30 221 97 34 47 181 200
67 29 180 16 111 77 189 130 115 162 185 186 28 93 135 240
195 159 138 37 108 151 140 201 107 38 247 196 179 230 145 242
237 25 98 64 26 218 132 8 172 131 22 152 53 187 89 166
69 245 65 148 155 68 9 102 104 120 188 20 1 129 103 124
23 6 251 142 60 14 117 15 92 157 123 158 112 141 95 139
2 79 178 39 133 173 213 51 216 197 122 57 207 232 59 223
128 212 224 105 156 4 13 83 176 248 249 143 114 118 49 80
44 153 165 149 220 75 167 33 24 205 217 11 66 76 78 160
90 191 85 226 125 74 168 63 182 209 136 101 234 244 229 204
235 109 163 194 175 43 144 70 174 119 52 121 62 32 236 250


138 139 82 20 60 65 51 227 172 106 203 134 94 228 247 201
8 239 41 9 161 74 194 175 167 90 84 195 24 136 108 10
191 252 0 144 251 210 117 178 19 233 118 120 83 205 11 235
18 181 109 130 100 16 207 163 145 61 184 21 151 129 86 223
221 193 229 222 165 34 30 46 45 180 48 177 243 23 186 212
248 128 114 28 35 56 209 15 53 112 170 142 85 49 141 52
122 123 217 115 66 202 63 101 71 32 87 224 135 231 208 6
146 232 150 72 113 192 47 127 1 176 188 237 131 244 156 37
111 152 5 93 50 75 121 33 97 154 2 140 253 153 199 14
246 91 119 95 211 99 102 240 59 116 38 73 22 62 182 185
230 55 174 137 255 124 26 147 241 39 3 7 149 242 197 219
245 110 157 29 249 226 54 162 81 43 179 166 98 158 96 69
196 78 57 44 171 67 31 103 126 250 88 70 218 17 190 13
234 160 89 164 107 76 148 12 64 132 68 77 58 204 25 216
225 27 40 125 183 105 80 168 187 254 214 215 143 189 133 155
200 206 213 104 92 198 236 220 42 36 159 169 173 79 238 4


190 1 122 128 83 139 189 20 7 27 82 116 207 181 152 69
18 252 206 235 85 88 171 123 180 236 120 35 233 125 149 15
51 89 127 23 173 106 144 117 202 36 71 196 138 158 70 145
210 162 25 110 28 38 250 191 221 160 39 198 124 178 114 246
150 98 226 183 179 48 12 40 68 230 255 228 62 30 113 108
72 52 81 211 155 212 79 241 137 56 9 232 22 103 229 84
26 248 49 225 115 166 78 87 169 148 92 209 188 119 102 55
218 176 73 201 59 134 17 131 146 91 253 42 172 44 32 86
186 76 213 157 94 37 109 203 142 242 132 29 227 34 105 104
224 77 223 11 3 192 141 216 112 58 0 63 234 90 45 5
220 193 151 47 31 121 2 251 41 168 244 60 95 67 93 74
237 197 129 130 159 170 65 143 164 133 219 135 222 50 247 161
174 14 16 53 195 24 245 21 136 8 240 96 175 208 97 80
57 46 238 64 214 217 75 10 243 19 239 4 43 165 167 205
199 249 254 187 33 13 99 126 6 107 163 100 66 215 231 101
194 54 184 154 177 185 118 182 140 147 61 204 200 111 156 153

4.1.1. Linear Attacks

For a secure S-box it is necessary to have high security against linear cryptanalysis. The security of an S-box against linear attacks is quantified by computing its linear approximation probability LAP, non-linearity NL(), and algebraic complexity AC.

The linear approximation probability LAP is an approximation of by calculating the coincidence between input and output bits. For , the mathematical expression of LAP iswhere “” is the dot product over .

The non-linearity NL is the minimum distance of from all affine transformations on the Galois field , i.e.,where , , , and “” is the addition over .

The algebraic complexity AC is the number of non-zero coefficients in the linear polynomial [35] representation of .

An S-box is said to be highly secure against linear attacks if its LAP is small, while NL and AC are large. The LAP, NL and AC of the listed S-boxes are presented in Table 5. It is clear from the table that the LAP of the proposed S-boxes is low, while their NL and AC are high enough to resist the linear attacks efficiently. Note that the average value of LAP of the proposed S-boxes is which is less than that of the S-boxes in [21, 22, 27, 31], while their average NL and AC are 106 and 254 which are higher than that of [20, 26, 27, 29, 3133] and [28, 30, 31], respectively. This implies that the proposed method is capable of generating S-boxes with high security against linear attacks than some of the listed S-boxes.


S-boxesLinear Attacks DAP Analysis of Boolean Functions
LAPNLAC SAC(max)SAC(min)BIC(max)BIC(min)

Ref. [20]0.14061042550.03910.62500.39060.53130.4707
Ref. [21]0.1484106 2540.03910.57810.43750.53520.4648
Ref. [22] 0.1484 106255 0.0391 0.6406 0.40630.53710.4707
Ref. [26]0.13281032550.03910.57030.39840.53520.4727
Ref. [27]0.14841022540.03910.60940.37500.52150.4707
Ref. [28]0.14061062510.03910.59380.43750.53130.4648
Ref. [29]0.1091042550.04690.59300.39000.4990.454
Ref. [30]0.06211290.01560.56200.45300.5040.48
Ref. [31]0.2109742530.05470.68750.10940.55080.4023
Ref. [32]0.13281002550.05470.60940.42190.53130.4746
Ref. [33] 0.13281002550.03910.59360.42190.53710.4688
Ref. [34]0.1251102550.0391056250.43750.55470.4727
0.18751062530.03910.60940.40630.52730.4648
0.14841062550.03910.56250.42180.51950.4648
0.13281062550.03910.57810.39060.53520.4648
0.13281062550.03910.64060.40620.52130.4727
0.13281062540.03910.59380.43750.53520.4766
0.13281062540.03910.59380.40630.53520.4727

4.1.2. Differential Attacks

In these attacks, the S-box is approximated by understanding the effect of input differentials on the outputs. The differential approximation probability DAP of is a well-known method to measure its resistance against differential attacks. It is computed by finding the coincidence between the difference of outputs and the inputs differing with some value. For ,The smaller is the DAP, the higher is the resistance of against differential attacks. The results of this test for the listed S-boxes are given in Table 5. The DAP of the newly generated S-boxes is 0.0391, while the DAP of the S-boxes in [2022, 2628, 3134] is at least 0.0391. Thus it follows that S-boxes based on the presented technique have high resistance against differential attacks than the listed S-boxes.

4.1.3. Analysis of Boolean Functions

It is essential for a secure S-box to create confusion/diffusion in the data up to a certain level [1]. The confusion/diffusion creation capabilities of an S-box are measured by analyzing its Boolean functions. The strict avalanche criterion (SAC) and the bit independence criterion (BIC) are the two standard methods to analyze these capabilities. Let be -th Boolean function of and with weight The SAC of is implemented by computing the matrix , whereSimilarly, the BIC is applied by calculating the matrix , whereAn S-box satisfies the SAC and the BIC if all non-zero entries of and are close to . The results of these tests are represented by listing the maximum and minimum non-zero values of their matrices in Table 5. The average of maximum and minimum values of SAC and BIC of the newly constructed S-boxes are and and 0.52895 and 0.4694, respectively. This implies that the entries of and are approaching the optimal value . Hence, it is evident from the experiments that the proposed S-box design method is capable of generating cryptographically secure S-boxes.

4.2. Statistical Analysis

Statistical analyses are performed on the proposed scheme to quantify its efficiency for the generation of dynamical S-boxes for the encryption of highly correlated data.

4.2.1. Distinct S-Boxes

An S-box generation technique is said to be good for the generation of dynamical S-boxes and highly resistive against the brute force attack, if it can generate a large number of distinct S-boxes. For a given prime and for each EC , we have generated all distinct S-boxes by using all ECs isomorphic to . The number of distinct S-boxes for some primes is listed in Table 6.


257 263 269 281 293

Distinct S-boxes by the proposed method due the ordering 65536 68644 71824 78400 85264
65536 68644 71824 78400 85264
65536 68644 71824 78400 85264

Distinct S-boxes by [20, 21] 0

Distinct S-boxes by [22]256 262 268 280 292

Note that, with the increase in the value of , the number of S-boxes generated by the proposed method also increases. Thus, by choosing some large prime, the proposed method can generate a large number of dynamic S-boxes, and therefore it can easily resist the brute force attacks. For the comparison, the maximum possible number of S-boxes that can be generated by the other schemes [2022] over an EC is also listed in Table 6. It is evident from Table 6 that the proposed method is more suitable for the generation of dynamic S-boxes than the listed schemes.

4.2.2. Correlation Test

An S-box design technique is good for the encryption of highly correlated data, if its S-boxes can generate enough confusion/diffusion in the data. The confusion/diffusion creation capability of an S-box scheme can be evaluated by computing the correlation coefficient (CC) and the number of fixed points in its S-boxes. The CCs of distinct S-boxes for some values of and are shown in Figure 1. For each listed and , the S-boxes are indexed in an increasing order with respect to their isomorphism parameter .

The average CCs between the S-boxes in Figures 1(a)1(d) are 0.0085, 0.0026, 0.0015, and 0.00034, respectively, which are very close to 0. Therefore, the newly generated S-boxes are highly uncorrelated. Furthermore, we have calculated the average number of fixed points in all S-boxes for the primes used in Table 6. The results are shown in Table 7.


257 263 269 281 293

Avg. # fixed points by the proposed method and ordering 0.9929 0.99791.00610.99760.9912
1.05541.08281.0643 1.0687 1.0782
1.00010.99911.00180.9998 0.9970

Avg. # fixed points by [22] 0.9766 1.0611 0.9291 1.1107 1.2089

Experimental results show that the average number of the fixed points generated by the proposed method is at most 1 (by rounding to the nearest integer). Hence, by correlation test and fixed point test, it is evident that the proposed S-box design technique is capable of generating high confusion/diffusion in a highly correlated data.

4.3. Complexity Analysis

It is necessary for a good S-box design scheme to generate secure S-boxes efficiently. By Lemma 4, the time complexity of the proposed method for the generation of S-box is , where is the underlying prime. A comparison of the time complexity of different S-box schemes over ECs is given in Table 8. It is evident from the comparison that the proposed S-box generation method is efficient than the techniques in [20, 21].


S-box [20] [21] [22]Proposed method

Time complexity

5. Conclusion

An efficient method for the generation of a large number of distinct, uncorrelated, and cryptographically secure injective multiple S-boxes is presented in this paper. The proposed scheme uses an elliptic curve (EC) isomorphic to a given ordered Mordell elliptic curve (MEC) over , where (mod 3). It is proved that the proposed method can be implemented efficiently in . An upper bound is derived on the number of S-boxes generated by the proposed method for the EC . It is also shown that the upper bound can be achieved for the natural ordering if . Furthermore, a detailed security analysis and comparison of the proposed method with some of the existing schemes is conducted. Experimental results reveal that the newly developed method can efficiently generate cryptographically secure, dynamic, and uncorrelated S-boxes. Hence, the proposed method is secure for the encryption of highly correlated data.

Data Availability

All formulas and parameters for the data used in this paper are given. Therefore, one can easily generate the data.

Conflicts of Interest

There are no conflicts of interest regarding the publication of this article.

Acknowledgments

This project is partially funded by JSPS KAKENHI Grant no. 18J23484.

References

  1. C. E. Shannon, “Communication theory of secrecy systems,” Bell Labs Technical Journal, vol. 28, no. 4, pp. 656–715, 1949. View at: Publisher Site | Google Scholar | MathSciNet
  2. B. Schneier, The Twofish Encryption Algorithm: A 128-Bit Block Cipher, John Wiley and Sons Inc, New York, NY, USA, 1999, ISBN: 0471353817.
  3. B. Schneier, “Description of a new variable-length key, 64-bit block cipher (Blowfish),” in Fast Software Encryption, vol. 809 of Lecture Notes in Computer Science, pp. 191–204, Springer, Berlin, Germany, 1994. View at: Publisher Site | Google Scholar
  4. X. Lai and J. L. Massey, “A proposal for a new block encryption standard,” in Advances in cryptology---{EUROCRYPT} '90 (Aarhus, 1990), vol. 473 of Lecture Notes in Comput. Sci., pp. 389–404, Springer, Berlin, 1991. View at: Publisher Site | Google Scholar | MathSciNet
  5. N. A. Azam, “A Novel Fuzzy Encryption Technique Based on Multiple Right Translated AES Gray S-Boxes and Phase Embedding,” Security and Communication Networks, vol. 2017, Article ID 5790189, 9 pages, 2017. View at: Publisher Site | Google Scholar
  6. S. El-Ramly, T. El-Garf, and A. Soliman, “Dynamic generation of s-boxes in block cipher systems,” in Proceedings of the Eighteenth National Radio Science Conference. NRSC'2001, pp. 389–397, Mansoura, Egypt. View at: Publisher Site | Google Scholar
  7. Y. Wu, J. P. Noonan, and S. Agaian, “Dynamic and implicit latin square doubly stochastic S-boxes with reversibility,” in Proceedings of the 2011 IEEE International Conference on Systems, Man, and Cybernetics, SMC 2011, pp. 3358–3364, USA, October 2011. View at: Google Scholar
  8. J. Peng, S. Jin, L. Lei, and X. Liao, “Construction and analysis of dynamic S-boxes based on spatiotemporal chaos,” in Proceedings of the 11th IEEE International Conference on Cognitive Informatics and Cognitive Computing, ICCI*CC 2012, pp. 274–278, Japan, August 2012. View at: Google Scholar
  9. S. V. Radhakrishnan and S. Subramanian, “An analytical approach to s-box generation,” Computers and Electrical Engineering, vol. 39, no. 3, pp. 1006–1015, 2013. View at: Publisher Site | Google Scholar
  10. Y. Wang, K.-W. Wong, C. Li, and Y. Li, “A novel method to design S-box based on chaotic map and genetic algorithm,” Physics Letters A, vol. 376, no. 6-7, pp. 827–833, 2012. View at: Publisher Site | Google Scholar
  11. A. H. Alkhaldi, I. Hussain, and M. A. Gondal, “A novel design for the construction of safe S-boxes based on TDERC sequence,” Alexandria Engineering Journal, vol. 54, pp. 65–69, 2015. View at: Publisher Site | Google Scholar
  12. M. Khan and N. A. Azam, “Right translated AES gray S-boxes,” Security and Communication Networks, vol. 8, no. 9, pp. 1627–1635, 2015. View at: Publisher Site | Google Scholar
  13. M. Khan and N. A. Azam, “S-boxes based on affine mapping and orbit of power function,” 3D Research, vol. 6, article 12, 2015. View at: Publisher Site | Google Scholar
  14. V. S. Miller, “Use of elliptic curves in cryptography,” in Advances in Cryptology—CRYPTO'85, H. C. Williams, Ed., vol. 218 of Lecture Notes in Computer Science, pp. 417–426, Springer, 1986. View at: Publisher Site | Google Scholar | MathSciNet
  15. N. Koblitz, A Course in Number Theory and Cryptography, Springer, New York, NY, USA, 1994. View at: MathSciNet
  16. F.-H. Hsiao, “Applying elliptic curve cryptography to a chaotic synchronisation system: neural-network-based approach,” International Journal of Systems Science, vol. 48, no. 14, pp. 3044–3059, 2017. View at: Publisher Site | Google Scholar | MathSciNet
  17. X. Fang and Y. Wu, “Investigation into the elliptic curve cryptography,” in Proceedings of the 3rd International Conference on Information Management, ICIM 2017, pp. 412–415, China, April 2017. View at: Google Scholar
  18. H.-Y. Chien, “Elliptic Curve Cryptography-Based RFID Authentication Resisting Active Tracking,” Wireless Personal Communications, vol. 94, no. 4, pp. 2925–2936, 2017. View at: Publisher Site | Google Scholar
  19. J. H. Cheon, S. Chee, and C. Park, “S-boxes with Controllable Nonlinearity,” in Advances in Cryptology — EUROCRYPT ’99, vol. 1592 of Lecture Notes in Computer Science, pp. 286–294, Springer Berlin Heidelberg, Berlin, Heidelberg, 1999. View at: Publisher Site | Google Scholar
  20. U. Hayat, N. A. Azam, and M. Asif, “A Method of Generating 8 × 8 Substitution Boxes Based on Elliptic Curves,” Wireless Personal Communications, vol. 101, no. 1, pp. 439–451, 2018. View at: Publisher Site | Google Scholar
  21. U. Hayat and N. A. Azam, “A novel image encryption scheme based on an elliptic curve,” Signal Processing, vol. 155, pp. 391–402, 2019. View at: Publisher Site | Google Scholar
  22. N. A. Azam, U. Hayat, and I. Ullah, Efficient Construction of S-boxes Based on a Mordell Elliptic Curve Over a Finite Field, 1809, https://arxiv.org/pdf/1809.11057.pdf.
  23. H. W. Lenstra Jr., “Factoring integers with elliptic curves,” Annals of Mathematics, vol. 126, no. 3, pp. 649–673, 1987. View at: Publisher Site | Google Scholar | MathSciNet
  24. S. Turner, D. Brown, K. Yiu, R. Housley, and T. Polk, “Elliptic Curve Cryptography Subject Public Key Information,” RFC Editor RFC5480, 2009. View at: Publisher Site | Google Scholar
  25. L. C. Washington, Elliptic Curves Number Theory and Cryptography, Discrete Mathematics and its Applications, Discrete Mathematics and its Applications, Chapman & Hall/CRC, University of Maryland College Park, College Park, MD, USA, 2nd edition, 2008. View at: MathSciNet
  26. G. Tang, X. Liao, and Y. Chen, “A novel method for designing S-boxes based on chaotic maps,” Chaos, Solitons and Fractals, vol. 23, no. 2, pp. 413–419, 2005. View at: Google Scholar
  27. G. Chen, “A novel heuristic method for obtaining S-boxes,” Chaos, Solitons & Fractals, vol. 36, no. 4, pp. 1028–1036, 2008. View at: Publisher Site | Google Scholar
  28. Y. Wang, L. Yang, . Min Li, and S. Song, “A method for designing S-box based on chaotic neural network,” in Proceedings of the 2010 Sixth International Conference on Natural Computation (ICNC), pp. 1033–1037, Yantai, China, August 2010. View at: Publisher Site | Google Scholar
  29. J. Kim and R. C.-W. Phan, “Advanced differential-style cryptanalysis of the NSA's Skipjack block Cipher,” Cryptologia, vol. 33, no. 3, pp. 246–270, 2009. View at: Publisher Site | Google Scholar
  30. J. Daemen and V. Rijmen, The Design of Rijndael: AES-The Advanced Encryption Standard, Springer, Berlin, Germany, 2002. View at: Publisher Site | MathSciNet
  31. A. Gautam, G. S. Gaba, R. Miglani, and R. Pasricha, “Application of Chaotic Functions for Construction of Strong Substitution Boxes,” Indian Journal of Science and Technology, vol. 8, no. 28, pp. 1–5, 2015. View at: Publisher Site | Google Scholar
  32. G. Chen, Y. Chen, and X. Liao, “An extended method for obtaining S-boxes based on three-dimensional chaotic baker maps,” Chaos, Solitons & Fractals, vol. 31, no. 3, pp. 571–579, 2007. View at: Publisher Site | Google Scholar | MathSciNet
  33. F. Özkaynak and A. B. Özer, “A method for designing strong S-Boxes based on chaotic Lorenz system,” Physics Letters A, vol. 374, no. 36, pp. 3733–3738, 2010. View at: Publisher Site | Google Scholar
  34. Y. Wang, P. Lei, and K.-W. Wong, “A method for constructing bijective S-box with high nonlinearity based on chaos and optimization,” International Journal of Bifurcation and Chaos, vol. 25, no. 10, 1550127, 15 pages, 2015. View at: Publisher Site | Google Scholar | MathSciNet
  35. R. Lidl and H. Niederreiter, Introduction to Finite Fields and their Applications, Cambridge University Press, Cambridge, UK, 1st edition, 1994. View at: Publisher Site | MathSciNet

Copyright © 2018 Naveed Ahmed Azam et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


More related articles

616 Views | 349 Downloads | 1 Citation
 PDF  Download Citation  Citation
 Download other formatsMore
 Order printed copiesOrder

Related articles

We are committed to sharing findings related to COVID-19 as quickly and safely as possible. Any author submitting a COVID-19 paper should notify us at help@hindawi.com to ensure their research is fast-tracked and made available on a preprint server as soon as possible. We will be providing unlimited waivers of publication charges for accepted articles related to COVID-19. Sign up here as a reviewer to help fast-track new submissions.