Abstract

Substitution box (S-box), being the only nonlinear component, contributes to the confusion creating capability of a cryptosystem. Keeping in view the predominant role of the S-box, many design algorithms to synthesize cryptographically stronger S-boxes have gained pivotal attention. A quick review of these algorithms shows that all these ideas mainly concentrate on the choice of bijective Boolean functions, with no attention paid to the irreducible polynomial that generates the Galois field. In this paper, we propose that the selection of the irreducible polynomial has a deep influence on the highly desirable features of an S-box such as nonlinearity, strict avalanche, bit independence, linear approximation probability, and differential approximation probability. We underpin our claim by investigating a detailed model, which deploys the same algorithm but different polynomials and produces unusual changes in the results regarding the performance parameters of the S-box.

1. Introduction

Electronic exchange of data has undoubtedly revolutionized communication in recent years but, on the other hand, the secure transfer of confidential material over the Internet has become the biggest challenge nowadays. It definitely demands a seriously high level of security. The main problem is to avoid unauthorised access to the secret data. To achieve the desired level of security, many techniques such as cryptography, watermarking, and steganography have been the major focus of research for the past few years [1–5]. In this paper, we deal with cryptography.

Cryptography is categorized into two types, symmetric key cryptography and asymmetric key cryptography. Symmetric key cryptography can be further split into two types: block ciphers and stream ciphers. The Advanced Encryption Standard is an example of a block cipher that was officially adopted by the US government as a Federal Information Processing Standard (FIPS) in May 2002. The AES algorithm [6] is based on four steps: round key addition, byte substitution, shift row, and mix column, but the most influential of all these is the byte substitution step. This step relies on a substitution box (S-box), which serves as the only nonlinear component in any substitution-permutation network (SPN).

It has been established that the substitution box (S-box) is a standout in different block ciphers and is a widely used mechanism in any substitution-permutation network as a source to produce nonlinearity [6]. It renders an absolutely complex, unforeseeable layout to the various blocks of bits in the output data. To extend high resistance against unexpected surveillance, the S-box structure is required to fulfil certain standards. The indispensable involvement of the S-box to induce complexity and nonlinearity motivates studying the properties and algorithms for safer and more reliable S-boxes. In this regard, many advanced structural developments are witnessed in the literature. Khan et al. [7] proposed a technique for S-box construction based on chaotic Lorenz systems. Hussain et al. presented S-box algorithms using the generalized Baker's map [8] and the projective general linear group [9]. Algebraic, analytical, and chaotic approaches for S-boxes are studied in [10–13]. Özkaynak et al. [14] applied a fractional-order chaotic Chen system to develop an S-box. Tian and Lu [15] structured a dynamic chaos-based S-box in conjunction with DNA sequence operations. Some other more efficient algorithms can be reviewed in [6, 16–20]. In addition to this, applications of S-boxes in digital image encryption, steganography, and watermarking have become quite popular and influential in recent years [4, 11, 13, 21].

The study of innovation in design algorithms for S-boxes shows that the change of model and the selection of Boolean function contribute little to the performance indices of an S-box. We, in this paper, propose that the performance of an S-box is highly related to the background Galois field. The fact that finite fields of the same order are isomorphic is definitely of worth, but the scrambling effect of a nonlinear Boolean function applied on two different representations of a field of the same order might vary. Since in cryptography an S-box is the salient component used to produce confusion in the data, it is worth studying how the confusion creating ability is associated with the choice of the irreducible polynomial used to form the background Galois field.

In [9], Hussain et al. presented an algorithm for generating an S-box through the application of a linear fractional transformation on the Galois field , structured by the polynomial . We in the proposed work show that the same algorithm used for a different polynomial exhibits highly improved values of nonlinearity, strict avalanche criterion (SAC), bit independence criterion (BIC), linear approximation probability (LAP), and differential approximation probability (DAP). By comparing the numerical results of these tests, we show that different polynomials produce significantly different results. This observation leads to revising the existing models by choosing different background polynomials, as this could be more influential in improving ideas than changing the whole scheme.

We organize the contents of this paper as follows. In Section 2, we discuss the properties of the background Galois field . The detailed algorithm for the design of the S-box is presented in Section 3. Section 4 deals with the analyses of the S-boxes against several common attacks and the comparison of the respective results. We further compare the cryptographic standing of both of the newly synthesized S-boxes with the state-of-the-art AES S-box. The conclusion is presented in Section 5.

2. Generating Polynomial and the Galois Field

For any prime , the Galois field is expressed as the factor ring , where is an irreducible polynomial of degree . For we choose an irreducible polynomial of degree that generates the maximal ideal of the principal ideal domain . We know that the multiplicative group of the resultant field is cyclic, and hence each nonzero element of the field can be expressed as a power of the generator .

In order to support our claim regarding the effect of the polynomial, we choose two irreducible primitive polynomials and of degree to construct the Galois fields and , respectively, where and , as used in [9]. We may choose other polynomials as well to compare our calculations, but the selected pair serves the purpose well. Let represent the multiplicative group of the Galois field . The exponential form of the elements of the multiplicative group , along with their inverses, is presented in Table 1; the elements of are presented in Table of [9]. In the next section, we use these calculations to develop the corresponding S-boxes.

3. Algorithm for the S-Box

An S-box is defined by a vector Boolean function , defined as , where and each is regarded as a component Boolean function.

For a field , the general linear group is the group formed by all invertible matrices. The projective general linear group of degree over a field is defined to be the quotient group of by its center. For this paper, we form the S-box by considering the action of the projective linear group on the Galois field ; that is, we take a function defined as follows:

In (2), is known as a linear fractional transformation (LFT) with and satisfying the nondegeneracy condition . The ease of implementation, low computational cost, and high algebraic complexity of an LFT are the prime features that give the incentive to employ this map for byte substitution. We may choose any values for the LFT parameters that satisfy the aforementioned condition but, for the presented calculations, we in particular choose the same values as in [9], so that a comparison can be set up easily. We consider and . The images of the map , when applied on and , produce our S-boxes and , respectively, as shown in Tables 2 and 3.
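The construction of Sections 2 and 3, as an added worked example that is not code from the paper: field arithmetic in GF(2^8) under a chosen degree-8 irreducible polynomial, a check of which elements generate the multiplicative group, and an S-box obtained by applying one linear fractional transformation z ↦ (az+b)/(cz+d) over two different polynomials. The paper's own polynomials and LFT parameters are not reproduced on this page, so the two polynomials used here (0x11B, the AES polynomial, and 0x11D, the primitive polynomial used by Reed-Solomon codes) and the parameter values a=35, b=15, c=9, d=5 are assumptions for illustration. The handling of the pole (the z with cz+d=0 is sent to a/c, the image of the point at infinity, so that the restriction to the 256 field elements stays a bijection) is also this example's choice.

```python
# Added example, not from the paper. GF(2^8) arithmetic under an assumed
# irreducible polynomial and an S-box built from a linear fractional
# transformation (LFT). Polynomials and LFT parameters are assumptions.

POLY_A = 0x11B  # x^8 + x^4 + x^3 + x + 1: AES polynomial (irreducible, not primitive)
POLY_B = 0x11D  # x^8 + x^4 + x^3 + x^2 + 1: primitive (used in Reed-Solomon codes)


def gf_mul(a, b, poly):
    """Multiply two elements of GF(2^8), reducing modulo `poly` (bit 8 = x^8)."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x100:          # degree reached 8: subtract (xor) the modulus
            a ^= poly
    return r


def gf_pow(a, e, poly):
    """Square-and-multiply exponentiation in GF(2^8)."""
    r = 1
    while e:
        if e & 1:
            r = gf_mul(r, a, poly)
        a = gf_mul(a, a, poly)
        e >>= 1
    return r


def gf_inv(a, poly):
    """Multiplicative inverse via a^(2^8 - 2); zero has no inverse."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    return gf_pow(a, 254, poly)


def element_order(g, poly):
    """Order of g in the multiplicative group: smallest k > 0 with g^k = 1.
    g is a generator (and the polynomial primitive for g = x) iff this is 255."""
    x, k = g, 1
    while x != 1:
        x = gf_mul(x, g, poly)
        k += 1
    return k


def lft_sbox(a, b, c, d, poly):
    """S-box z -> (az + b) / (cz + d) over GF(2^8) built on `poly`.
    The pole z = d/c (where cz + d = 0) is mapped to a/c, the image of the
    point at infinity, so the map restricted to the field is still a bijection."""
    if gf_mul(a, d, poly) == gf_mul(b, c, poly):
        raise ValueError("degenerate LFT: ad - bc == 0")
    box = []
    for z in range(256):
        num = gf_mul(a, z, poly) ^ b
        den = gf_mul(c, z, poly) ^ d
        if den == 0:
            box.append(gf_mul(a, gf_inv(c, poly), poly))
        else:
            box.append(gf_mul(num, gf_inv(den, poly), poly))
    return box


def is_bijective(box):
    """Every byte must appear exactly once for the S-box to be invertible."""
    return sorted(box) == list(range(256))


# Assumed LFT parameters; ad - bc != 0 is verified inside lft_sbox.
A, B, C, D = 35, 15, 9, 5
SBOX_A = lft_sbox(A, B, C, D, POLY_A)   # same map, field built on 0x11B
SBOX_B = lft_sbox(A, B, C, D, POLY_B)   # same map, field built on 0x11D

if __name__ == "__main__":
    print("x generates GF* under 0x11B:", element_order(2, POLY_A) == 255)
    print("x generates GF* under 0x11D:", element_order(2, POLY_B) == 255)
    print("both S-boxes bijective:", is_bijective(SBOX_A) and is_bijective(SBOX_B))
    print("S-boxes identical:", SBOX_A == SBOX_B)
```

Only multiplication and inversion depend on the polynomial, which is exactly the point the paper makes: the same transformation with the same parameters yields two different permutations, and with 0x11B the element x is not even a generator (its order is 51, whereas x+1 generates), so a construction that relies on powers of x must pick its generator with the polynomial in mind.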

4. Performance Analysis of the S-Boxes

The cryptographic strength of the S-boxes generated in the foregoing section is examined through the most widely used analysis techniques: nonlinearity, bit independence, strict avalanche, and linear and differential approximation probabilities. In the following subsections we present all these performance indices one by one and compare the performance of and with one another, as well as with the prevailing AES S-box.

4.1. Nonlinearity

Nonlinearity analysis measures the distance of the reference function from the set of all affine functions. The nonlinearity criterion gives the number of bits that must be altered in the truth table of a Boolean function to reach the nearest affine function [22].

Table 4 shows that, for , the average nonlinearity measure is , which is the highest figure attained by the AES S-box. Figure 1 shows the comparison, which clearly depicts the outstanding performance of as compared to .

4.2. Linear Approximation Probability

The linear approximation probability measures the unevenness of an event; this analysis is used to evaluate the maximum imbalance of the outcome. Mathematically, the linear approximation probability for a given S-box is defined as follows: where represents the set of all possible inputs and and are the input and output masks, respectively. The numerical results presented in Table 5 and compared in Figure 2 show that the linear approximation probability of is much better than that of .

4.3. Differential Approximation Probability

For further analysis, we use the differential approximation probability, which determines the differential uniformity of an S-box. The mathematical expression for DP is given by the following: In the above expression, the input and output differentials are represented by and , respectively. The smaller the differential uniformity, the stronger the S-box. It is evident from Table 5 and Figure 3 that, in terms of the differential approximation probability, is much stronger than .

4.4. Strict Avalanche Criterion

This criterion examines the changes in the output bits caused by a single input bit change. It is one of the most desirable features of any cryptographic design that when a single input bit is changed, half of the output bits change. In other words, an S-box is said to satisfy the SAC if, for a change in an input bit, the probability of a change in each output bit is . The results are shown in Table 5 and Figure 4.

4.5. Bit Independence Criterion

The independent behavior of pairs of output bits under variations of the input bits is the subject of the bit independence criterion. In the bit independence criterion, input bits are changed one at a time, and the output results are then scrutinized for their independence [23]. Bit independence has great worth in cryptographic structures. The goal of reaching the maximum complexity and perplexity in a system can be achieved through this property of increasing independence between the bits. In cryptographic systems, the increased independence between bits is an essential requirement, as it makes it harder to understand and forecast the design of the system.

The numerical results of the BIC when applied to the proposed S-box are given in Table 5 and are compared in Figure 5. It can be observed from these results that our S-box is very similar to the AES S-box and is much better than .

One can observe that the overall performance of is much better than that of . The performance parameters for seem to be very close to those of the AES S-box. The algorithm used for both and is the same, but the primitive polynomial selected to generate the Galois field is different, which really contributes to the outputs.
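The five indices of Sections 4.1 to 4.5 (nonlinearity, LAP, DAP, SAC and BIC), as an added worked example that is not code from the paper. The functions are written for any n-bit bijective S-box given as a list of 2^n outputs, so they apply unchanged to the paper's 8-bit S-boxes; as runnable sample input the block uses the public 4-bit PRESENT S-box (a well-known cipher S-box, not one of the paper's) together with the identity map, whose indices are easy to reason about by hand. The exact formulas are those stated above; the BIC is computed in its nonlinearity form (nonlinearity of the XOR of every pair of output bits), which is one of the two common variants and is an assumption of this example.

```python
# Added example, not from the paper. Performance indices for an n-bit
# bijective S-box: nonlinearity, LAP, DAP, SAC matrix and BIC (nonlinearity
# variant). The PRESENT S-box is public sample input, not the paper's S-box.

PRESENT_SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
                0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
IDENTITY_4 = list(range(16))


def _parity(v):
    """Parity of the bits of v, i.e. the dot product of a mask and a value mod 2."""
    return bin(v).count("1") & 1


def nonlinearity(sbox, n, mask):
    """Nonlinearity of the Boolean function x -> mask . S(x): its Hamming distance to
    the nearest affine function, 2^(n-1) - max_a |W(a)| / 2 via the Walsh spectrum."""
    size = 1 << n
    best = 0
    for a in range(size):
        w = sum(1 if _parity(a & x) == _parity(mask & sbox[x]) else -1 for x in range(size))
        best = max(best, abs(w))
    return (size >> 1) - best // 2


def min_nonlinearity(sbox, n):
    """Minimum nonlinearity over the n single-bit component functions."""
    return min(nonlinearity(sbox, n, 1 << j) for j in range(n))


def lap(sbox, n):
    """Linear approximation probability: max over masks (a, b), b != 0, of
    |#{x : a.x = b.S(x)} - 2^(n-1)| / 2^n.  Smaller is better."""
    size = 1 << n
    best = 0
    for b in range(1, size):
        for a in range(size):
            cnt = sum(1 for x in range(size) if _parity(a & x) == _parity(b & sbox[x]))
            best = max(best, abs(cnt - (size >> 1)))
    return best / size


def dap(sbox, n):
    """Differential approximation probability: max over dx != 0 and dy of
    #{x : S(x) ^ S(x ^ dx) = dy} / 2^n.  Smaller is better."""
    size = 1 << n
    best = 0
    for dx in range(1, size):
        counts = [0] * size
        for x in range(size):
            counts[sbox[x] ^ sbox[x ^ dx]] += 1
        best = max(best, max(counts))
    return best / size


def sac_matrix(sbox, n):
    """Entry [i][j]: probability that output bit j flips when input bit i flips.
    The SAC is satisfied when every entry is 0.5."""
    size = 1 << n
    m = [[0] * n for _ in range(n)]
    for i in range(n):
        for x in range(size):
            diff = sbox[x] ^ sbox[x ^ (1 << i)]
            for j in range(n):
                m[i][j] += (diff >> j) & 1
    return [[v / size for v in row] for row in m]


def sac_average(sbox, n):
    """Mean of the SAC matrix (ideal value 0.5)."""
    return sum(sum(row) for row in sac_matrix(sbox, n)) / (n * n)


def bic_nonlinearity(sbox, n):
    """BIC, nonlinearity variant: minimum nonlinearity of f_j XOR f_k over all
    pairs of distinct output bits; a high value means the pairs are hard to
    predict jointly from a linear function of the input."""
    return min(nonlinearity(sbox, n, (1 << j) | (1 << k))
               for j in range(n) for k in range(j + 1, n))


if __name__ == "__main__":
    for name, box in (("identity", IDENTITY_4), ("PRESENT", PRESENT_SBOX)):
        print(name, "NL:", min_nonlinearity(box, 4), "LAP:", lap(box, 4),
              "DAP:", dap(box, 4), "SAC:", sac_average(box, 4),
              "BIC-NL:", bic_nonlinearity(box, 4))
```

For an 8-bit S-box such as the ones in Tables 2 and 3, call the same functions with n = 8; the LAP and nonlinearity loops are then 2^16 mask pairs over 256 inputs, which is still fast enough for a one-off comparison of two candidate polynomials. The identity map shows the worst case of every index (nonlinearity 0, LAP 0.5, DAP 1, BIC 0), which is a useful sanity check before the numbers for a real S-box are trusted.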

5. Conclusion

The kernel of the presented work lies in the fact that the choice of the background Galois field and its generating primitive polynomial matters to the function and performance of substitution boxes. This fact leads to the fascinating idea that, rather than the development of new algorithms, the improvement of existing algorithms is worth studying, as it is least laborious but most effective. We propose, on the basis of the example discussed, that the effect of the choice of generating polynomial may lead to intensive research in future to modify the design models of S-boxes. It will definitely affect the applications of S-boxes in other branches of digital communication, such as steganography, watermarking, and image encryption.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.

Acknowledgments

The authors are grateful to the Sarhad University of Science and Information Technology (Pakistan), for providing partial funding for this research work.