Generating S-Boxes from Semi-fields Pseudo-extensions

Block ciphers, such as the AES, correspond to a very important family of secret-key cryptosystems. The security of such systems partly relies on what is called the S-box. This is a vectorial Boolean function f : F n 2 ֒→ F n 2 , where n is the size of the blocks. It is often the only non linear opera-tion in the algorithm. The most well-known attacks against block ciphers algorithms are the known-plaintext attacks called differential cryptanal-ysis [4, 10] and linear cryptanalysis [11]. To protect such cryptosystems against linear and differential attacks, S-boxes are designed to fulfill some cryptographic criteria (balancedness, high nonlinearity, high algebraic de-gree, avalanche, or transparency [2, 12]) and are usually defined on finite fields, like F2n [7, 3]. Unfortunately, it seems difficult to find good S-Boxes, at least for bijective ones: random generation does not work [8, 9] and the one used in the AES or Camellia are actually variations around a single function, the inverse function in F2n . Would the latter function have an unforeseen weakness (for instance if more practical algebraic attacks are developped), it would be desirable to have some replacement candidates. For that matter, we propose to weaken a little bit the algebraic part of the design of S-Boxes and use finite semi-fields instead of finite fields to build such S-Boxes. Finite semi-fields relax the associativity and com-mutativity of the multiplication law. While semi-fields of a given order are unique up to isomorphism, on the contrary semi-fields of a given order can be numerous: nowadays, on the one hand, it is for instance easy to generate all the 36 semi-fields of order 2 4 , but, on the other hand, it is not even known how many semi-fields are there of order 2 8 . Therefore, we propose to build S-Boxes via semi-fields pseudo extensions of the form S 2 2 4 , where S 2 4 is any semi-field of order 2 4 , and mimic in this structure the use of the inverse function in a finite field. We report here the construction of 10827 S-Boxes, 7052 non CCZ-equivalent, with maximal nonlinearity, differential invariants, degrees and bit interdependency. Among the latter 2963 had fix points, and among the ones without fix points, 3846 had the avalanche level of AES and 243 1 the better avalanche level of Camellia. Among the latter 232 have a better transparency level than the inverse function on a finite field

C-DIFFERENTIALS AND GENERALIZED CRYPTOGRAPHIC PROPERTIES OF VECTORIAL BOOLEAN AND P-ARY FUNCTIONS

This dissertation investigates a newly defined cryptographic differential, called a c-differential, and its relevance to the nonlinear substitution boxes of modern symmetric block ciphers. We generalize the notions of perfect nonlinearity, bentness, and avalanche characteristics of vectorial Boolean and p-ary functions using the c-derivative and a new autocorrelation function, while capturing the original definitions as special cases (i.e., when c=1). We investigate the c-differential uniformity property of the inverse function over finite fields under several extended affine transformations. We demonstrate that c-differential properties do not hold in general across equivalence classes typically used in Boolean function analysis, and in some cases change significantly under slight perturbations. Thus, choosing certain affine equivalent functions that are easy to implement in hardware or software without checking their c-differential properties could potentially expose an encryption scheme to risk if a c-differential attack method is ever realized. We also extend the c-derivative and c-differential uniformity into higher order, investigate some of their properties, and analyze the behavior of the inverse function's second order c-differential uniformity. Finally, we analyze the substitution boxes of some recognizable ciphers along with certain extended affine equivalent variations and document their performance under c-differential uniformity.Commander, United States NavyApproved for public release. Distribution is unlimited

An analysis and a comparative study of cryptographic algorithms used on the internet of things (IoT) based on avalanche effect

Ubiquitous computing is already weaving itself around us and it is connecting everything to the network of networks. This interconnection of objects to the internet is new computing paradigm called the Internet of Things (IoT) networks. Many capacity and non-capacity constrained devices, such as sensors are connecting to the Internet. These devices interact with each other through the network and provide a new experience to its users. In order to make full use of this ubiquitous paradigm, security on IoT is important. There are problems with privacy concerns regarding certain algorithms that are on IoT, particularly in the area that relates to their avalanche effect means that a small change in the plaintext or key should create a significant change in the ciphertext. The higher the significant change, the higher the security if that algorithm. If the avalanche effect of an algorithm is less than 50% then that algorithm is weak and can create security undesirability in any network. In this, case IoT. In this study, we propose to do the following: (1) Search and select existing block cryptographic algorithms (maximum of ten) used for authentication and encryption from different devices used on IoT. (2) Analyse the avalanche effect of select cryptographic algorithms and determine if they give efficient authentication on IoT. (3) Improve their avalanche effect by designing a mathematical model that improves their robustness against attacks. This is done through the usage of the initial vector XORed with plaintext and final vector XORed with cipher tect. (4) Test the new mathematical model for any enhancement on the avalanche effect of each algorithm as stated in the preceding sentences. (5) Propose future work on how to enhance security on IoT. Results show that when using the proposed method with variation of key, the avalanche effect significantly improved for seven out of ten algorithms. This means that we have managed to improve 70% of algorithms tested. Therefore indicating a substantial success rate for the proposed method as far as the avalanche effect is concerned. We propose that the seven algorithms be replaced by our improved versions in each of their implementation on IoT whenever the plaintext is varied.Electrical and Mining EngineeringM. Tech. (Electrical Engineering

Construction of Balanced Boolean Functions with High Nonlinearity and Good Autocorrelation Properties

Boolean functions with high nonlinearity and good autocorrelation properties play an important role in the design of block ciphers and stream ciphers. In this paper, we give a method to construct balanced Boolean functions on $n$ variables, where $n\ge 10$ is an even integer, satisfying strict avalanche criterion (SAC). Compared with the known balanced Boolean functions with SAC property, the constructed functions possess the highest nonlinearity and the best global avalanche characteristics (GAC) property

A strong construction of S-box using Mandelbrot set an image encryption scheme

The substitution box (S-box) plays a vital role in creating confusion during the encryption process of digital data. The quality of encryption schemes depends upon the S-box. There have been several attempts to enhance the quality of the S-box by using fractal chaotic mechanisms. However, there is still weakness in the robustness against cryptanalysis of fractal-based S-boxes. Due to their chaotic behavior, fractals are frequently employed to achieve randomness by confusion and diffusion process. A complex number-based S-box and a chaotic map diffusion are proposed to achieve high nonlinearity and low correlation. This study proposed a Mandelbrot set S-box construction based on the complex number and Chen chaotic map for resisting cryptanalytic attacks by creating diffusion in our proposed algorithm. The cryptosystem was built on the idea of substitution permutation networks (SPN). The complex nature of the proposed S-box makes it more random than other chaotic maps. The robustness of the proposed system was analyzed by different analysis properties of the S-box, such as nonlinearity, strict avalanche criterion, Bit independent criterion, and differential and linear probability. Moreover, to check the strength of the proposed S-box against differential and brute force attacks, we performed image encryption with the proposed S-box. The security analysis was performed, including statistical attack analysis and NIST analysis. The analysis results show that the proposed system achieves high-security standards than existing schemes

A Chaos-Based Authenticated Cipher with Associated Data

In recent years, there has been a rising interest in authenticated encryptionwith associated data (AEAD)which combines encryption and authentication into a unified scheme. AEAD schemes provide authentication for a message that is divided into two parts: associated data which is not encrypted and the plaintext which is encrypted. However, there is a lack of chaos-based AEAD schemes in recent literature. This paper introduces a new128-bit chaos-based AEAD scheme based on the single-key Even-Mansour and Type-II generalized Feistel structure. The proposed scheme provides both privacy and authentication in a single-pass using only one 128-bit secret key. The chaotic tent map is used to generate whitening keys for the Even-Mansour construction, round keys, and random s-boxes for the Feistel round function. In addition, the proposed AEAD scheme can be implemented with true randomnumber generators to map a message tomultiple possible ciphertexts in a nondeterministic manner. Security and statistical evaluation indicate that the proposed scheme is highly secure for both the ciphertext and the authentication tag. Furthermore, it has multiple advantages over AES-GCM which is the current standard for authenticated encryption

The design of a secure data communication system

The recent results of using a new type of chosen-plaintext attack, which is called differential cryptanalysis, makes most published conventional secret-key block cipher systems vulnerable. The need for a new conventional cipher which resists all known attacks was the main inspiration of this work. The design of a secret-key block cipher algorithm called DCU-Cipher, that resists all known cryptanalysis methods is proposed in this dissertation. The proposed method is workable for either 64-bit plaintext/64-bit ciphertext blocks, or 128-bit plaintext/128-bit ciphertext blocks. The secret key in both styles is 128-bit long. This method has only four rounds and the main transformation function in this cipher algorithm is based on four mixed operations. The proposed method is suitable for both hardware and software implementation. It is also suitable for cryptographic hash function implementations. Two techniques for file and/or data communication encryption are also proposed here. These modes are modified versions of the Cipher-Block Chaining mode, by which the threat of the known-plaintext differential cyptanalytical attack is averted. An intensive investigation of the best known Identity-based key exchange schemes is also presented. The idea behind using such protocols, is providing an authenticated secret-key by using the users identification tockens. These kind of protocols appeared recently and are not standardized as yet. None of these protocols have been compared with previous proposals. Therefore one can not realize the efficiency and the advantages of a new proposed protocol without comparing it with other existing schemes of the same type. The aim of this investigation is to clarify the advantages and the disadvantages of each of the best known schemes and compare these schemes from the complixity and the speed viewpoint