Detection of non-trivial preservable quotient spaces in S-Box(es)

Substitution Box (S-Box) is employed in block ciphers to ensure non-linearity. An n -bit bijective S-Box is a member of the Symmetric Group S 2 n . Ideally, an S-Box must follow a stringent cryptographic profile. Designing an S-Box is a transparent and justified process. The concerning point for an...

Full description

Saved in:
Bibliographic Details
Published in:Neural computing & applications 2023-09, Vol.35 (25), p.18343-18355
Main Authors: Fahd, Shah, Afzal, Mehreen, Shah, Dawood, Iqbal, Waseem, Abbas, Yawar
Format: Article
Language:English
Subjects:
Algorithms
Artificial Intelligence
Computational Biology/Bioinformatics
Computational Science and Engineering
Computer Science
Cryptography
Data Mining and Knowledge Discovery
Design
Encryption
Hierarchies
Image Processing and Computer Vision
Original Article
Permutations
Probability and Statistics in Computer Science
Quotients
Subspaces
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Substitution Box (S-Box) is employed in block ciphers to ensure non-linearity. An n -bit bijective S-Box is a member of the Symmetric Group S 2 n . Ideally, an S-Box must follow a stringent cryptographic profile. Designing an S-Box is a transparent and justified process. The concerning point for an evaluator is the presence of vulnerabilities in the design of an S-Box, i.e., Kuznyechick. If a malicious designer keeps the non-trivial subspaces secret, it leads to sophisticated cryptanalytic attacks. This article investigates the behaviour of non-trivial subspaces in an S-Box and its Affine, Extended Affine (EA) and Carlet-Charpin-Zinoviev (CCZ) equivalence classes. This paper presents a novel algorithm for finding preservable quotient spaces in an S-Box, thus leveraging a way for shortlisting the potential candidates for an S-Box with backdoors. The proposed work emphasizes checking whether a target S-Box is a potential backdoor candidate. The backdoored designs proposed by KG Paterson, Carlo Harpes and Bannier are being identified and validated with the help of the proposed algorithm. Our findings establish that the additive linear structures responsible for the non-trivial subspace are not invariant under the EA and CCZ. Moreover, the analysis of 3 - b i t permutations reveals that almost 23% population of S 2 3 preserve the quotient subspaces. Irrespective of the linear structures in its non-linear layer, the NIST Lightweight competitors do not preserve the quotient spaces in both the input and output space.
ISSN:0941-0643
1433-3058
DOI:10.1007/s00521-023-08654-2