Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Next Article in Journal
Thermodynamics of a Phase-Driven Proximity Josephson Junction
Previous Article in Journal
Enhanced Negative Nonlocal Conductance in an Interacting Quantum Dot Connected to Two Ferromagnetic Leads and One Superconducting Lead
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

A Novel S-Box Design Algorithm Based on a New Compound Chaotic System

1
Hunan Police Academy, Changsha 410138, China
2
School of Computer Science and Engineering, Central South University, Changsha 410083, China
3
School of Computer Science, Guangzhou University, Guangzhou 510006, China
*
Authors to whom correspondence should be addressed.
Entropy 2019, 21(10), 1004; https://doi.org/10.3390/e21101004
Submission received: 1 October 2019 / Revised: 11 October 2019 / Accepted: 12 October 2019 / Published: 14 October 2019
(This article belongs to the Section Multidisciplinary Applications)

Abstract

:
Substitution-boxes (S-Boxes) are important non-linear components in block cryptosystem, which play an important role in the security of cryptosystems. Constructing S-Boxes with a strong cryptographic feature is an important step in designing block cipher systems. In this paper, a novel algorithm for constructing S-Boxes based on a new compound chaotic system is presented. Firstly, the new chaotic system, tent–logistic system, is proposed, which has better chaotic performance and wider chaotic range than the tent and logistic system, and can not only increase the randomness of the chaotic sequences but also expand the key space of cryptosystems. Secondly, a novel linear mapping is employed to construct the initial S-Box. Then, the permutation operation on the initial S-Box is performed by using chaotic sequence generated with the tent–logistic system, which improves the cryptographic features of the S-Box. The idea behind the proposed work is to make supplementary safe S-box. Detail tests for cryptographic strength of the proposed S-Box are performed by using different standard benchmarks. The test results and performance analysis show that our proposed S-Box has very smaller values of linear probability (LP) and differential probability (DP) and a satisfactory average value of nonlinearity compared with other S-Boxes, showing its excellent application potential in block cipher system.

1. Introduction

With the rapid development of network communication and big data applications, information security has become a more and more popular topic. Scholars have proposed a variety of information security technologies, including information encryption [1,2,3,4,5], watermarking [6,7], privacy protection [8,9,10], and so on. Among them, cryptography is the most basic technology in information security. In symmetric cryptographic systems, block encryption algorithms are widely used, such as in the data encryption standard (DES), advanced encryption standard (AES), and other systems. In a block cipher system, there is an important non-linear component called the substitution box (abbreviated as S-Box). S-Boxes play an important role in the security of symmetric cryptosystems. AES is considered to be an effective cryptosystem to a large extent. One of the important components of AES is its S-Box, which is based on the inversion and affine transformation of GF(28) elements. Due to the popularity of AES in communication systems, S-Box has attracted more and more attention. However, the S-Box component that is used in AES is fixed. If we construct this component dynamically, the encryption strength of the cryptosystem would be greater than before.
In view of the importance of S-Box in block cipher system, the design of S-Box with strong cryptographic performance has always been the goal of cryptosystem designers. Many S-Box construction methods have been proposed [11,12,13,14,15]. In order to obtain a ciphertext block corresponding to a plaintext block, a byte conversion called the substitution byte (sub-byte) process is generated with an S-Box. In the sub-byte process, each element will be mapped using an S-Box. The S-Box is used to transform the bit input randomly. As a result, the output bit sequence has strong resistance to linear and differential attacks. Several approaches such as the analytical approach [12], algebraic techniques [14], Boolean function [16], cubic polynomial mapping methods [17], and triangle groups [18] have been applied to S-Boxes construction.
In recent years, chaotic systems have been widely applied in the design of S-Boxes because of their good cryptographic characteristics [19], such as random-like behavior [20], non-periodicity [21], and extreme sensitivity to initial conditions [22]. In [23], Lambic applied discrete chaotic map to design S-Box. In [24], Lambic proposed an efficient algorithm for obtaining random bijective S-boxes based on chaotic maps and the composition method. The advantages of Lambic’s method are the low complexity and the possibility to achieve large key space. Çavusoglu [13] designed a strong S-Box generation algorithm based on the chaotic scaled Zhongtang system. Ullah [25] constructed S-Box with the help of the chaotic system and linear fractional transformation. Belazi and El-Latif [26] proposed a simple S-Box method based on the chaotic sine map. In Ref. [27], a novel method to construct cryptographically strong bijective substitution-boxes based on a 5D hyper-chaotic system was presented. Khan et al. [28] proposed the S-Box construction method based on chaotic Boolean functions. Belazi et al. [29] proposed an efficient S-Box method based on the chaotic logistic-sine map. Wang et al. [30] constructed S-Box by using a hyper-chaotic system with infinite equilibria. Liu et al. [15] constructed S-Box based on the spatiotemporal chaotic system.
However, these chaotic S-Box construction schemes mentioned above have not yet had a high score of linear probability (LP) and differential probability (DP), and the ability to resist linear and differential attacks were not ideal. In addition, the process of S-Box construction existing in the previous schemes is very complex and inefficient. Compared with high-dimensional continuous-time chaotic systems, low-dimensional discrete chaotic systems can generate chaotic sequences with higher efficiency. Moreover, some studies show that the complexity of discrete systems is higher than that of continuous systems [31,32,33]. However, the common low-dimensional discrete mapping chaotic systems have a narrow chaotic range and unsatisfactory chaotic characteristics. Using such chaotic systems to construct S-Boxes will reduce the key space of cryptographic systems, and the cryptographic performance is not ideal. In order to solve this problem, it is necessary to design new discrete chaotic systems with better performance.
There are two ways to implement a cryptographic system: one is software implementation, the other is hardware implementation. The hardware is quite important when trying to expand the key space of a cryptosystem. Therefore, hardware implementation is an important issue worth considering. In [34], authors provided the hardware implementation of a pseudo-random number generator (PRNG) based on three chaotic maps: the Bernoulli shift map, tent, and zigzag maps. It was found that some chaotic maps are more suitable for cryptographic applications, like the Bernoulli shift map that requires low field-programmable gate array (FPGA) resources, and provides high throughput. In [35], the authors show an application in the encryption of very high-resolution digital images based on the design of a digital chaos generator by using arbitrary precision arithmetic.
To improve the shortcomings of existing chaos based S-Box construction methods, this paper presents a novel and efficient S-Box construction method by using a new compound chaotic system. It can improve the linear probability (LP) and differential probability (DP) properties of the S-Box, and enhance the robustness of cryptosystem against linear analysis attack and differential attack. The innovations of this work are as follows:
(1) A new compound chaotic system, tent–logistic system (TLS), is proposed, which has a wider chaotic range and better chaotic performance than the old ones, so it is more suitable for cryptographic applications.
(2) A simple and effective S-Box construction method by using a novel linear mapping and the tent–logistic chaotic system is proposed, which can improve the efficiency of S-Boxes construction.
(3) The proposed S-Box has a higher score of LP and DP than some old S-Boxes, showing that our proposed S-Box has obvious advantages in resisting the attacks of differential cryptanalysis and linear cryptanalysis.
The rest of this paper is organized as follows. Section 2 proposes the new tent–logistic system (TLS) model. Section 3 describes the simple and effective S-Box construction method based on the tent–logistic system. Section 4 shows cryptographic performance analysis of the proposed S-Box, and makes a comparison with some recently designed S-Boxes. Section 5 completes the research paper with conclusions.

2. The Proposed New Chaotic System

One-dimensional (1D) discrete chaotic systems have many advantages in applications to cryptography because of their simple structures. The general mathematical model of 1D discrete mapping system can be expressed as:
x ( n + 1 ) = f [ x ( n ) ] ,
where f[x] denotes functions with regard to x. x(0) is the initial state value of the system and {x(1), x(2), ...} is the output sequence of state values. For 1D discrete maps, the definition of Lyapunov exponent is as:
λ = lim n 1 n ( i = 1 n log | f [ x i ] | ) ,
where, f′[x] denotes the derivative of function f[x] to x. If λ > 0, then the chaotic behaviors exist in the system. In this section, we firstly reviewed two famous 1D chaotic maps: the logistic and tent chaotic maps. Then, we proposed a new discrete compound chaotic system, which has better chaotic performance and wider chaotic range than logistic and tent maps.

2.1. Logistic Chaotic Map

The logistic map is one of famous 1D chaotic maps, which has a simple mathematical structure yet complex chaotic behavior. The mathematical model of Logistic map is [36]:
x ( n + 1 ) = μ × x ( n ) × ( 1 x ( n ) ) ,
where μ is the system parameter in the range of [0, 4]. In order to determine the range of parameters corresponding to its chaotic phenomena, we calculated Lyapunov exponents under different parameters μ and found the chaotic rang of logistic map was μ ∈ [3.57, 4]. The bifurcation diagram of logistic map is shown in Figure 1a and the state distribution under μ = 3.78 is shown in Figure 1b.
There are three drawbacks in the logistic map. One is the chaotic range of the system is limited to μ ∈ [3.57, 4]. Even within this range, there are some parameters that make the logistic map to have no chaotic behaviors. Another drawback is the non-uniform distribution of state values in the range of [0, 1]. In [37], authors point out that the logistic map for μ = 3.9 has aperiodic behavior. Instead of using the range of 3.57 ≤ μ ≤ 4, one can fix the value of μ, however, which results in a lower key space. These drawbacks reduce the application value of the logistic map.

2.2. Tent Chaotic Map

Tent map is another discrete 1D chaotic system, which has the tent-like shape in its bifurcation diagram. The mathematical model of the tent map is as follows [38]
x ( n + 1 ) = { f 1 [ x ( n ) ] = μ / 2 × x ( n ) x ( n ) < 0.5 f 2 [ x ( n ) ] = μ / 2 × ( 1 x ( n ) ) x ( n ) 0.5 ,
where μ is the system parameter in the range of [0, 4]. By Equation (4), we could get the Lyapunov exponent of the tent map as λ= log(μ/2), so when μ > 2, λ > 0, and when μ = 4, λ = λmax = log(2) = 0.6931. Its chaotic property is shown in the bifurcation analysis in Figure 2a. Both analysis results indicate that its chaotic range was μ ∈ [2, 4]. The state distribution under μ = 3.78 is shown in Figure 2b. The tent map had the same problems as the logistic map: the small chaotic range and the no uniform distribution of the output state values.

2.3. The Tent–Logistic System

To solve the problems existing in logistic and tent maps, we proposed a new compound system by combining the logistic and tent maps, and called the new system the tent–logistic system (TLS). Its mathematical model is as follows:
x ( n + 1 ) = { f 1 [ x ( n ) ] = 4 ( 9 μ ) / 9 × x ( n ) × ( 1 x ( n ) ) + 2 μ / 9 × x ( n ) x ( n ) < 0.5 f 2 [ x ( n ) ] = 4 ( 9 μ ) / 9 × x ( n ) × ( 1 x ( n ) ) + 2 μ / 9 × ( 1 x ( n ) ) x ( n ) 0.5 ,
where μ is the system parameter in the range of [0, 9]. When μ = 0, Equation (5) degenerates to the best chaotic logistic map, while μ = 9, Equation (5) degenerates to the best chaotic tent map. Therefore, both the best chaotic logistic and tent maps can be regarded as special cases of Equation (5).
Proposition 1.
In the whole range μ ∈ [0, 9], system (5) is a map f: xi∈(0, 1)→xi+1∈(0, 1).
Proof. 
 
(1) When μ = 0, Equation (5) degenerates to the chaotic logistic map fL: xi∈(0, 1)→xi+1∈(0, 1).
(2) When μ = 9, Equation (5) degenerates to the chaotic tent map fT: xi∈(0, 1)→xi+1∈(0, 1).
(3) When 0 < μ < 9 and x(n) < 0.5, f1′[x(n)] = (36 – 2μ) / 9 – (72 – 8μ) × x(n) / 9 > (36 – 2μ) / 9 – (72 – 8μ) × 0.5 / 9 = 2μ / 9 > 0. Hence, f1[x(n) < 0.5] < f1[0.5] = 1.
(4) When 0 < μ < 9 and x(n) ≥ 0.5, f2′[x(n)] = (36 – 6μ) / 9 – (72 – 8μ) × x(n) / 9 ≤ (36 – 6μ) / 9 – (72 – 8μ) × 0.5 / 9 = –2μ / 9 < 0. Hence, f2[x(n) ≥ 0.5] ≤ f2[0.5] = 1. f2[x(n) > 0.5] < f2[0.5] = 1. □
The bifurcation diagram and the state distribution diagram of the TLS are shown in Figure 3. From Figure 3a, one can see that the chaotic range was the whole range μ∈[0, 9], which was much larger than those of the logistic or tent maps. Its output sequences uniformly distributed within [0, 1] (see Figure 3b). Hence, the TLS had better chaotic performance than the logistic and tent maps.
The new tent–logistic system has two advantages compared with logistic and tent maps. First, the chaotic range of the tent–logistic system was far wider than those of the logistic and tent map. If the system parameter μ was used as the secret key of a cryptosystem, the key space of the cryptosystem with the new system would be much larger. Second, the output sequences of the tent–logistic system distributed evenly throughout the entire value range between 0 and 1. These advantages guarantee that the proposed tent–logistic system was more suitable for cryptographic applications.

2.4. Entropy Analysis of the New Chaotic System

There are many techniques to evaluate the system complexity from time sequence [39,40,41]. One of the most famous methods is approximate entropy [41]. The greater the approximate entropy, the higher the complexity of the time sequence. To measure the complexity of sequences generated by different chaotic systems, the approximate entropy values of the sequence generated by the three chaotic maps are calculated and shown in Figure 4. From Figure 4, one can see that the approximate entropy values of sequence generated by the tent–logistic map were the largest ones among the three chaotic maps in the cases of most μ values. It verified that the sequence generated by the tent–logistic map had larger complexity than tent and logistic maps.

2.5. NIST Randomness Test of PRNG with the New System

In this section, a pseudo-random number generator (PRNG) was designed by using the tent–logistic map. The specific steps of generating random number are as follows:
(1) Set the initial state value x0, the system parameter μ, and the positive integer N0 and L.
(2) Iterate the chaotic tent–logistic map (5) N0 times to eliminate harmful effects of transient processes.
(3) Continue to iterate the chaotic tent–logistic map (5) L times and generate a random sequence X = [x1, x2,... xL].
(4) Through the nonlinear transformation of Equation (6), the random sequence X is transformed into the random sequence Y = [y1, y2, ..., yL].
y i = mod ( floor ( x i × 1 0 14 ) , 256 ) ,   i   =   1 ,   2 , ,   L ,
where, floor(x) returns a maximum integer less than or equal to x and mod(x, 256) returns the remainder of x divided by 256. Therefore, each element in Y is an integer with the size of one byte and in the range of [0, 255], which is especially suitable for image encryption.
(5) Transform each yi to a 8-bit binary number, then we could obtain a bit sequence B = {b1, b2, ..., b8L}, which is especially suitable for stream cipher application.
The random number generator test standard is the Federal Information Processing Standard issued by the National Institute of Standards and Technology (NIST). The NIST test suite includes 17 tests, which focus on a sort of different types of non-randomness that could exist in a sequence. NIST test software mainly uses two performance indicators: pass rate and p-value to determine the random performance of the sequence. The number of sequences to be tested is m, the significant level is α. If the p-values of N sequences are greater than α, then the pass rate is N/m. The default value of α is 0.01. To test the random performance of the bit sequences generated by our PRNG, we set the parameters as: x0 = 0.66, μ = 4.5, L = 12.5 × 106, and N0 = 500. Then, a bit sequence was generated, which had the length of 100 × 106 bits. The bit sequence was divided into 100 sub-sequences of equal length, each of which was 106 bits in length. By this way, 100 sequences of 106 bits were produced. The results from all statistical tests are given in Table 1. The min p-value in Table 1 was 0.045675, which was larger than 0.01. The minimum pass rate for each statistical test was 98 for 100 binary sequences. Therefore, the sequence generated with the new tent–logistic system and the generation algorithm could be considered to have high randomness. It is worth noting that the smaller number of sequences was used for random excursions tests in the Table 1. It was due to the fact that random excursions and random excursions variant tests were not applicable to binary sequences with insufficient number of cycles. Therefore, only samples with the number of cycles exceeding 500 were evaluated for these tests. In our test, there were 57 samples with the number of cycles exceeding 500.

3. Proposed New S-Box Design

3.1. Introduction of S-Boxes

An S-Box is the only non-linear component in a block cipher system. It plays an important role in symmetric block cipher cryptosystems. An S-Box is like a black box. It transforms any input plaintext block into a ciphertext block, which can confuse the relationship between ciphertext and plaintext. A general m × n S-Box is a map: {0, 1}m→{0, 1}n. When n = m, it means that data are neither compressed nor expanded during encryption transformation. In this case of n = m, the S-Box can realize completely reversible transformation. Most S-Boxes commonly used in cryptography are m = n. The function and basic principle of an n × n S-Box can be shown in Figure 5.
An n × n S-Box is a number set of {0, 1, 2, ..., 2n − 1}, which is represented by a 2n/2 × 2n/2 matrix Sb. S boxes that are 8 × 8 are the most commonly used type of S-Box, especially widely used in digital image encryption system [42]. In this paper, we focused on the design algorithm of an 8 × 8 S-Box. An 8 × 8 S-Box is a number set of {0, 1, 2, ..., 255}, which is represented by a 16 × 16 matrix Sb = {Sb(i, j)|i = 1, 2,..., 16; j = 1, 2, ..., 16} shown in Table 2. For 8 × 8 S-Boxes, there are a total of ( 2 8 ! ) different forms of variation. Among ( 2 8 ! ) different forms of variation, the simplest 8 × 8 S-Box arranges elements in an orderly manner from small to large values. As the result, elements in the simplest 8 × 8 S-Box has the form: Sb(i, j) = (i-1) × 16 + j-1.
The process of converting plaintext byte x into ciphertext byte y through an S-Box with matrix Sb can be expressed by the function S[x] as:
{ i = floor ( x / 16 ) + 1 , j = mod ( x , 16 ) + 1 y = S [ x ] = Sb ( i , j ) ,
where, floor(a) rounds a to the nearest integer less than or equal to a. mod(a, m) returns the remainder after division of a by m, where a is the dividend and m is the divisor. Equation (7a) is a process in which each pixel value in a plain image is substituted with an element value in the S-Box. For example, if x = 55, then i = floor(55/16) + 1 = 3 + 1 = 4, j = mod (55, 16) + 1 = 7 + 1 = 8. Consequently, y = S[x] = Sb(i, j) = Sb(4, 8). For the simplest 8 × 8 S-Box, we could obtain the following results easily as: S[0] = Sb(1, 1) = 0, S[1] = Sb(1, 2) = 1, ..., S[255] = Sb(16, 16) = 255. Namely, y = S[x] = x. It is obvious that the simplest 8 × 8 S-Box can not alter any input plaintext value, so the simplest 8 × 8 S-Box can not be used in the encryption system.
Corresponding to the transformation y = S[x] in the encryption procedure, we defined the inverse transformation x = S 1 [ y ] in the decryption procedure. The steps of calculating S 1 [ y ] are as follows:
{ Find   i   and   j   in   Sb   such   that   Sb ( i , j ) = y x = S 1 [ y ] = ( i 1 ) × 16 + j 1 .

3.2. The Proposed Algorithm for Generating S-Box

Many researchers have done extensive research on the design methods of S-Boxes with different cryptographic strength. However, most of these methods are complex and inefficient, so the time cost of generating S-Boxes is large. Here, we proposed a very simple and efficient design methods to construct strong S-Boxes based on the new chaotic map and a nonlinear mapping. The new method takes advantage of the excellent chaotic characteristics of the tent–logistic map. The detailed steps of generating new S-Boxes are given below.
Step 1: Set a integer parameter A such that A > 0 and Ak × 257, k = 1, 2, 3,....
Step 2: Let T ← [0, 1, 2, ..., 255], then we obtained an array T, which contained 256 distinct integers in the range of [0, 255].
Step 3: Based on T and A to obtain a new array R by the following linear mapping:
R(i) = mod((A×(T(i)+1)), 257), i = 1, 2, ..., 256
where T(i)∈{0, 1, ...,255}, A is a positive integer satisfying Ak × 257, and k is a positive integer. (A/257) is not an integer, and (T(i)+1)/257 is also not an integer. As a result, (A×(T(i)+1)) cannot be divided exactly by 257. Namely, mod((A×(T(i)+1)), 257) ≠ 0. Therefore, Equation (8) is a map: T(i)∈{0,1,2,...,255} → R(i)∈{1, 2, ..., 256}.
Step 4: Let R(i) ← R(i) – 1, then R(i)∈{0, 1, ..., 255}, i = 1, 2, ..., 256. We obtained a 1D array R = {R(i)}.
Step 5: Transform the 1D array R into a 2D matrix Rb, and then Rb could be considered as the initial S-Box.
Step 6: Set the parameters μ, initial state value x0 of the tent–logistic map, and an integer L that was far larger than 256. Then iterate the tent–logistic map L times to generate a chaotic sequence of length L. In order to improve the sensitivity of output chaotic sequence to its initial state value, we discarded the first (L-256) elements of the original chaotic sequence, and then we could obtain a new chaotic sequence of length 256, which is represented by X.
Step 7: Sort the chaotic sequence X, then we could get a position index array J = {J(1), J(2), ..., J(256)}, J(i)∈{1, 2, ..., 256}. Due to the non-periodicity and ergodicity of chaotic sequences, it will inevitably lead to that J(i)≠J(j) as long as ij.
Step 8: Calculate the 1D array S1 as follows:
S1(i) = T(J(i)), i = 1, 2,..., 256.
Step 9: Transform the 1D array S1 into a 2D matrix Sb, and this was the proposed S-Box.
By the proposed method, the length of chaotic sequences to be used in constructing a 16 × 16 sized S-Box matrix was 256. The purpose of taking L far larger than 256 is to execute (L-256) times pre-iterations, which could enhance the sensitivity of S-Box to the initial value x0 of the chaotic system. In the process of concrete realization, the proposed new S-Box was generated by the above S-Box generation algorithm with parameters were set as {x0 = 0.66, μ = 4.5, A = 56, L = 65536}, which is shown in Table 3. The number in the first row of Table 3 represents the column number of the S-Box matrix, while the number in the first column of Table 3 represents the row number of the S-Box matrix.

4. Performance Tests

In this section, we tested the cryptographic strength of our proposed new S-Box given in Table 3 with widely used standard S-Box performance evaluation criteria.

4.1. Bijectiveness

A function S: x∈N → y∈N is bijective if and only if it is one-to-one map. From Equation (7a) and Table 3, it is obvious that one can obtain a distinct value y∈N corresponding to a certain x∈N. Conversely, from a certain y∈N, one can find a distinct value in the matrix SB that equal to y and obtain a distinct value pair (i, j). By the inverse transformation S−1[y] defined by Equation (7b), one can obtain a distinct value x. Therefore, function S corresponding to S-Box of Table 3 is bijective.

4.2. Strict Avalanche Criterion (SAC)

The strict avalanche criterion (SAC) [11,12] is a crucial feature for any cryptographic S-Box. SAC requires that if a single j-th bit in the input value x is changed, the probability of causing the change of the i-th bit in the output cipher text value y should be 0.5. Namely, the probability p(i, j) should be 0.5 for all i = 1, 2, ..., n, and j = 1. 2, ..., n. An S-Box having p(i, j) values of SAC closer to 0.5 has satisfactory uncertainty. Dependency matrix providing the SAC values of an S-Box. Table 4 listed the dependency matrix of the proposed S-Box for strict avalanche criterion (SAC). The values corresponding to the positions of i-th row and j-th column in the table are p(i, j) values. It is evident from Table 4 that p(i, j) values of the S-Box was very close to 0.5 (an average value of p(i, j) was 0.505), showing that the proposed S-Box satisfied the SAC criterion.

4.3. Nonlinearity

The nonlinear mapping of an S-Box can also be expressed as:
y = y 1 y 2 y n = S [ x ] = S 1 [ x ] S 2 [ x ] S n [ x ] ,
where, y i = S i [ x ] { 0 , 1 } and S i [ x ] is an n-bit Boolean function, i = 1, 2, ..., n. In order to effectively resist linear cryptanalysis attack, an S-Box must have high nonlinear relationship between its input and output values. The nonlinearity of an n-bit Boolean function S i [ x ] is used to measure the nonlinear strength of an n × n S-Box, which can be calculated by:
N L i = 1 2 ( 2 n Max x { 0 , 1 } n | WS _ S i [ x ] | ) ,
where, WS_Si[x] is the Walsh spectrum of function Si[x], and it is calculated as:
WS _ S i [ x ] = z { 0 , 1 } n ( 1 ) S i [ x ] x · z ,
where, x · z denotes the dot product of x and z, which is calculated as:
x · z = ( x 1 × z 1 ) ( x 2 × z 2 ) ( x n × z n ) ,
where denotes the modulo 2 addition. NLi is the nonlinearity value of the i-th constituent Boolean functions in an S-Box. The larger the nonlinearity, the better the performance of an S-Box against linear cryptanalysis attack. The nonlinearity values of all eight constituent Boolean functions in the proposed S-Box are listed in Table 5. The minimum of nonlinearity was 104, the maximum of nonlinearity was 110, and the average value of nonlinearity was 106.3. Table 5 also lists the nonlinearity values of the initial S-Box, the nonlinearity values of which were much less than those of the final S-Box. The results show that the nonlinearity of the final S-Box was greatly improved by introducing chaotic sequence to scramble the initial S-Box.

4.4. Bit Independence Criterion (BIC)

According to the criterion of BIC [11,12], when the k-th bit of the input data block changes (flips), the i-th bit and j-th bit of the output data block changes independently (or without any dependence on each other). Then it means that the response of the output bit values of the S-Box to the change of an input bit is independent. To measure this feature of an S-Box, the bit independence criterion for strict avalanche criterion (BIC–SAC) was introduced. To determine the BIC–SAC results, we could calculate the sum of ( S i [ x ] S j [ z ] S i [ x ] S j [ x ] ) for all input x∈{0, 1, ..., 255}, where z and x were only one bit different every time. If the average BIC–SAC values for all input x∈{0, 1, ..., 255} were close to 0.5, and then the S-Box met BIC–SAC very well. For our proposed S-Box, the BIC–SAC results are listed in Table 6, which had the average value 0.49937. The results show that our proposed S-Box met BIC–SAC very well.
Another indicator of bit independence criterion was the BIC results for nonlinearity. To determine the BIC results for nonlinearity, we could calculate the nonlinearity values for each output bit value of ( y i y j ) for all input x∈{0, 1, ..., 255}, where i = 1, 2, ..., n and j = 1, 2, ..., n. For our proposed S-Box, the BIC results for nonlinearity are listed in Table 7, which had the average value 103.8. The experimental results show that our proposed S-Box met BIC for nonlinearity very well.
It is crystal clear from Table 6 and Table 7 that average SAC and nonlinearity values for BIC were 0.499 and 103.8, respectively. According to Ref. [12], if an S-Box exhibits SAC and nonlinearity, it fulfills BIC. The obtained scores of 0.499 and 103.8 for our proposed S-Box clearly manifested an exceedingly strong nonlinearity interrelation among the output bits. These test results fully validated BIC of our proposed S-Box.

4.5. Linear Probability

A secure cryptosystem should have strong confusion and diffusion effects. Strong S-Boxes help cryptosystems to achieve strong confusion and diffusion effects through nonlinear mapping between input and output data. The lower linear probability (LP) of an S-Box, the higher the nonlinear mapping feature and the stronger the performance resistance against the linear cryptanalysis. Therefore, linear probability (LP) was used to measure the resistance of an S-Box to linear cryptanalysis, which was calculated by:
L P = Max α x , β x 0 | # { x N | x · α x = S ( x ) · β x } 2 n 1 2 | ,
where, N = {0, 1, ... , 255}, α x and β x are the corresponding input and output masks ( α x ∈N, β x ∈N), “.” denotes the dot product operation mentioned above, and #{x∈N|X} denotes the number of x satisfying the condition X. The maximal value of LP of our proposed S-Box was only 0.125, and thus provides good resistance against linear cryptanalysis.

4.6. Differential Probability

Differential cryptanalysis [43] is another effective method to decipher ciphertext. This method is to find the plaintext pairs and corresponding ciphertext pairs having the same differentials. By these plaintext pairs and corresponding ciphertext pairs, the attackers can gain some part of the key. In order to measure the performance of S-Box against differential cryptanalysis, the differential probability (DP) is introduced, which is calculated by:
D P = Max Δ x 0 , Δ y ( # { x N | S ( x ) S ( x Δ x ) = Δ y } 2 n ) ,
where, Δ x = x x and Δ y = y y are differentials corresponding to input pair (x, x’) and output pair (y, y’), respectively. An S-Box with smaller differential probability (DP) has a stronger ability to resist differential cryptanalysis. The maximal value of DP of our proposed S-Box was only 0.039. This small value indicates that the proposed S-Box had strong resistance to differential cryptanalysis attacks.

4.7. Performance Comparison

In order to compare the cryptographic performance of S-Boxes proposed in this paper with some recently proposed S-Boxes, the performance index values of these S-Boxes are listed in Table 8. From Table 8, it can be seen that our S-Box had the smaller values of LP and DP than most of the other S-Boxes in Table 8. The results show that our S-Box had obvious advantages in resisting the attacks of differential cryptanalysis and linear cryptanalysis. Our S-Box had an average value of nonlinearity greater than most of the other S-Boxes in Table 8. The results also indicate that the SAC value (0.505) of our proposed S-Box was very near to the ideal value of SAC (0.5). The BIC value of the proposed S-Box was also quite good ensuing gratification of the BIC test. It is worth noting that the initial S-Box obtained by this algorithm has poor nonlinearity (see the penultimate row of Table 8). By introducing the chaotic sequence to disturb the initial S-Box, the final S-Box obviously enhanced the nonlinearity. In our opinion, it is very important for randomly generated S-boxes to obtain similar quality as good S-boxes. In addition to these quality evaluation indicators, the novelty, time, and space overhead of the algorithm are also very important evaluation criteria.

5. Conclusions

The application of a new chaotic system and novel linear mapping for constructing S-Boxes was presented in this paper. The innovations of this work were as follows:
  • A new compound chaotic system, the tent–logistic system (TLS), was proposed, which had a wider chaotic range and better chaotic performance than the old ones. The TLS could not only increase the randomness of the constructed S-Box but also expanded the key space of cryptosystems.
  • A simple and effective S-Box construction method was proposed. The novel linear mapping was employed to construct the initial S-Box and the TLS was used to scramble the initial S-Box. The efficiency of constructing S-Boxes was higher and the cryptographic features of the S-Box were better.
  • The proposed S-Box had a higher score of LP and DP than some old S-Boxes, showing that our proposed S-Box had obvious advantages in resisting the attacks of differential cryptanalysis and linear cryptanalysis.
Detail tests for cryptographic strength of the proposed S-Box were performed by using different standard benchmarks. The test results and performance analysis show that our proposed S-Box had very smaller values of LP and DP and a satisfactory average value of nonlinearity compared with other S-Boxes. It means that our proposed S-Box provided good resistance against linear cryptanalysis and differential cryptanalysis and had potential in the block cipher system.
In the future research, we think that it is possible to optimize this S-Box based on the tent–logistic map applying metaheuristics, similar to the optimization performed for continuous chaotic systems as shown in [46]. In addition, we could apply this S-Box in designing image encryption schemes.

Author Contributions

Conceptualization, C.Z. and Q.L.; methodology, G.W.; software, C.Z.; validation, C.Z., Q.L. and G.W.; formal analysis, C.Z.; investigation, Q.L.; resources, Q.L.; data curation, Q.L.; writing—original draft preparation, Q.L.; writing—review and editing, C.Z. and G.W.; visualization, C.Z.; supervision, G.W.; project administration, Q.L.; funding acquisition, G.W.

Funding

This research was funded by [the Open Research Fund of Key Laboratory of Network Crime Investigation of Hunan Provincial Colleges] grant number [No. 2018WLFZZC002]; [the Science and Technology Project of Hunan Province of China] grant number [No. 2017SK1040]; [the National Natural Science Foundation of China] grant number [No. 61632009].

Acknowledgments

The authors are thankful to the reviewers for their comments and suggestions to improve the quality of the manuscript.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Wang, X.; Çavuşoğlu, Ü.; Kacar, S.; Akgul, A.; Pham, V.-T.; Jafari, S.; Alsaadi, F.; Nguyen, X. S-box based image encryption application using a chaotic system without equilibrium. Appl. Sci. 2019, 9, 781. [Google Scholar] [CrossRef]
  2. Zhang, X.-P.; Guo, R.; Chen, H.-W.; Zhao, Z.-M.; Wang, J.-Y. Efficient image encryption scheme with synchronous substitution and diffusion based on double s-boxes. Chin. Phys. B 2018, 27, 080701. [Google Scholar] [CrossRef]
  3. Zhang, Q.; Liu, Q.; Wang, G. PRMS: A personalized mobile search over encrypted outsourced data. IEEE Access 2018, 6, 31541–31552. [Google Scholar] [CrossRef]
  4. Zhu, C.X.; Wang, G.J.; Sun, K.H. Cryptanalysis and improvement on an image encryption algorithm design using a novel chaos based s-box. Symmetry 2018, 10, 399. [Google Scholar] [CrossRef]
  5. Zhu, C.; Wang, G.; Sun, K. Improved cryptanalysis and enhancements of an image encryption scheme using combined 1d chaotic maps. Entropy 2018, 20, 843. [Google Scholar] [CrossRef]
  6. Wu, Q.; Wu, M. Adaptive and blind audio watermarking algorithm based on chaotic encryption in hybrid domain. Symmetry 2018, 10, 284. [Google Scholar] [CrossRef]
  7. Thakur, S.; Singh, A.K.; Ghrera, S.P.; Mohan, A. Chaotic based secure watermarking approach for medical images. Multimed. Tools Appl. 2018. [Google Scholar] [CrossRef]
  8. Zhang, S.; Li, X.; Tan, Z.; Peng, T.; Wang, G. A caching and spatial k-anonymity driven privacy enhancement scheme in continuous location-based services. Future Generat. Comput. Syst. Int. J. Esci. 2019, 94, 40–50. [Google Scholar] [CrossRef]
  9. Zhang, S.; Wang, G.; Bhuiyan, M.Z.A.; Liu, Q. A dual privacy preserving scheme in continuous location-based services. IEEE Int. Things J. 2018, 5, 4191–4200. [Google Scholar] [CrossRef]
  10. Zhang, S.; Wang, G.; Liu, Q.; Abawajy, J.H. A trajectory privacy-preserving scheme based on query exchange in mobile social networks. Soft Comput. 2018, 22, 6121–6133. [Google Scholar] [CrossRef]
  11. Webster, A.F.; Tavares, S.E. On the design of s-boxes. In Conference on the Theory and Application of Cryptographic Techniques; Williams, H.C., Ed.; Springer: Berlin/Heidelberg, Germany, 1986; pp. 523–534. [Google Scholar]
  12. Adams, C.; Tavares, S. The structured design of cryptographically good s-boxes. J. Cryptol. 1990, 3, 27–41. [Google Scholar] [CrossRef]
  13. Çavuşoğlu, Ü.; Zengin, A.; Pehlivan, I.; Kaçar, S. A novel approach for strong s-box generation algorithm design based on chaotic scaled zhongtang system. Nonlinear Dyn. 2017, 87, 1081–1094. [Google Scholar] [CrossRef]
  14. Hussain, I.; Anees, A.; Al-Maadeed, T.; Mustafa, M. Construction of s-box based on chaotic map and algebraic structures. Symmetry 2019, 11, 351. [Google Scholar] [CrossRef]
  15. Liu, L.; Zhang, Y.; Wang, X. A novel method for constructing the s-box based on spatiotemporal chaotic dynamics. Appl. Sci. 2018, 8, 2650. [Google Scholar] [CrossRef]
  16. Mahmood, S.; Farwa, S.; Rafiq, M.; Riaz, S.M.J.; Shah, T.; Jamal, S.S. To study the effect of the generating polynomial on the quality of nonlinear components in block ciphers. Secur. Commun. Netw. 2018, 2018, 1–8. [Google Scholar] [CrossRef]
  17. Zahid, A.; Arshad, M. An innovative design of substitution-boxes using cubic polynomial mapping. Symmetry 2019, 11, 437. [Google Scholar] [CrossRef]
  18. Rafiq, A.; Khan, M. Construction of new s-boxes based on triangle groups and its applications in copyright protection. Multimed. Tools Appl. 2019, 78, 15527–15544. [Google Scholar] [CrossRef]
  19. Farwa, S.; Shahy, T.; Muhammad, N.; Bibiz, N.; Jahangir, A.; Arshad, S. An image encryption technique based on chaotic s-box and arnold transform. Int. J. Adv. Comput. Sci. Appl. 2017, 8, 360–364. [Google Scholar] [CrossRef]
  20. Zhu, S.; Zhu, C.; Wang, W. A novel image compression-encryption scheme based on chaos and compression sensing. IEEE Access 2018, 6, 67095–67107. [Google Scholar] [CrossRef]
  21. Zhu, S.; Zhu, C.; Wang, W. A new image encryption algorithm based on chaos and secure hash sha-256. Entropy 2018, 20, 716. [Google Scholar] [CrossRef]
  22. Zhu, S.; Zhu, C. Image encryption algorithm with an avalanche effect based on a six-dimensional discrete chaotic system. Multimed. Tools Appl. 2018, 77, 29119–29142. [Google Scholar] [CrossRef]
  23. Lambic, D. A novel method of s-box design based on discrete chaotic map. Nonlinear Dyn. 2017, 87, 2407–2413. [Google Scholar] [CrossRef]
  24. Lambic, D. A novel method of s-box design based on chaotic map and composition method. Chaos Solitons Fractals 2014, 58, 16–21. [Google Scholar] [CrossRef]
  25. Ullah, A.; Jamal, S.S.; Shah, T. A novel construction of substitution box using a combination of chaotic maps with improved chaotic range. Nonlinear Dyn. 2017, 88, 2757–2769. [Google Scholar] [CrossRef]
  26. Belazi, A.; El-Latif, A.A.A. A simple yet efficient s-box method based on chaotic sine map. Optik 2017, 130, 1438–1444. [Google Scholar] [CrossRef]
  27. Al Solami, E.; Ahmad, M.; Volos, C.; Doja, M.; Beg, M. A new hyperchaotic system-based design for efficient bijective substitution-boxes. Entropy 2018, 20, 525. [Google Scholar] [CrossRef]
  28. Khan, M.; Shah, T.; Batool, S.I. Construction of s-box based on chaotic boolean functions and its application in image encryption. Neur. Comput. Appl. 2016, 27, 677–685. [Google Scholar] [CrossRef]
  29. Belazi, A.; Khan, M.; El-Latif, A.A.A.; Belghith, S. Efficient cryptosystem approaches: S-boxes and permutation–substitution-based encryption. Nonlinear Dyn. 2017, 87, 337–361. [Google Scholar] [CrossRef]
  30. Wang, X.; Akgul, A.; Cavusoglu, U.; Pham, V.-T.; Vo Hoang, D.; Nguyen, X. A chaotic system with infinite equilibria and its s-box constructing application. Appl. Sci. 2018, 8, 2132. [Google Scholar] [CrossRef]
  31. Sun, K.-H.; He, S.-B.; Yin, L.-Z.; Li-Kun, A.D.-L.D. Application of fuzzyen algorithm to the analysis of complexity of chaotic sequence. Acta Physica Sinica 2012, 61. [Google Scholar]
  32. Sun, K.-H.; He, S.-B.; He, Y.; Yin, L.-Z. Complexity analysis of chaotic pseudo-random sequences based on spectral entropy algorithm. Acta Physica Sinica 2013, 62, 010501. [Google Scholar]
  33. He, S.-B.; Sun, K.-H.; Zhu, C.-X. Complexity analyses of multi-wing chaotic systems. Chin. Phys. B 2013, 22. [Google Scholar] [CrossRef]
  34. Gerardo de la Fraga, L.; Torres-Perez, E.; Tlelo-Cuautle, E.; Mancillas-Lopez, C. Hardware implementation of pseudo-random number generators based on chaotic maps. Nonlinear Dyn. 2017, 90, 1661–1670. [Google Scholar] [CrossRef]
  35. Flores-Vergara, A.; García-Guerrero, E.E.; Inzunza-González, E.; López-Bonilla, O.R.; Rodríguez-Orozco, E.; Cárdenas-Valdez, J.R.; Tlelo-Cuautle, E. Implementing a chaotic cryptosystem in a 64-bit embedded system by using multiple-precision arithmetic. Nonlinear Dyn. 2019, 96, 497–516. [Google Scholar] [CrossRef]
  36. May, R.M. Simple mathematical models with very complicated dynamics. Nature 1976, 261, 459–467. [Google Scholar] [CrossRef] [PubMed]
  37. Ahmad, J.; Hwang, S.O. Chaos-based diffusion for highly autocorrelated data in encryption algorithms. Nonlinear Dyn. 2015, 82, 1839–1850. [Google Scholar] [CrossRef]
  38. Zhou, Y.; Bao, L.; Chen, C.L.P. A new 1d chaotic system for image encryption. Signal Process. 2014, 97, 172–182. [Google Scholar] [CrossRef]
  39. He, S.B.; Sun, K.H.; Wang, H.H. Multivariate permutation entropy and its application for complexity analysis of chaotic systems. Phys. A Stat. Mech. Appl. 2016, 461, 812–823. [Google Scholar] [CrossRef]
  40. He, S.B.; Sun, K.H.; Wang, R.X. Fractional fuzzy entropy algorithm and the complexity analysis for nonlinear time series. Eur. Phys. J. Spec. Top. 2018, 227, 943–957. [Google Scholar] [CrossRef]
  41. Pincus, S.M. Approximate entropy as a measure of system-complexity. Proc. Natl. Acad. Sci. USA 1991, 88, 2297–2301. [Google Scholar] [CrossRef]
  42. Zhu, S.; Wang, G.; Zhu, C. A secure and fast image encryption scheme based on double chaotic s-boxes. Entropy 2019, 21, 790. [Google Scholar] [CrossRef]
  43. Li, C.; Li, S.; Lo, K.-T.; Kyamakya, K. A differential cryptanalysis of yen–chen–wu multimedia cryptography system. J. Syst. Softw. 2010, 83, 1443–1452. [Google Scholar] [CrossRef]
  44. Khan, F.A.; Ahmed, J.; Khan, J.S.; Ahmad, J.; Khan, M.A.; Hwang, S.O. A new technique for designing 8 x 8 substitution box for image encryption applications. In Proceedings of the 9th Computer Science and Electronic Engineering, Colchester, UK, 27–29 September 2017. [Google Scholar]
  45. Daemen, J.; Rijmen, V. The Design of Rijndael: Aes-the Advanced Encryption Standard; Springer Science & Business Media: Berlin, Germany, 2002. [Google Scholar]
  46. Silva-Juarez, A.; Rodriguez-Gomez, G.; Fraga, L.G.d.l.; Guillen-Fernandez, O.; Tlelo-Cuautle, E. Optimizing the kaplan–yorke dimension of chaotic oscillators applying de and pso. Technologies 2019, 7, 38. [Google Scholar] [CrossRef]
Figure 1. Bifurcation diagram and the state distribution of logistic system. (a) Bifurcation diagram and (b) the distribution of state values.
Figure 1. Bifurcation diagram and the state distribution of logistic system. (a) Bifurcation diagram and (b) the distribution of state values.
Entropy 21 01004 g001
Figure 2. Bifurcation diagram and the state distribution of the tent system. (a) Bifurcation diagram and (b) the distribution of state values.
Figure 2. Bifurcation diagram and the state distribution of the tent system. (a) Bifurcation diagram and (b) the distribution of state values.
Entropy 21 01004 g002
Figure 3. Bifurcation diagram and the state distribution of the tent–logistic system. (a) Bifurcation diagram and (b) the distribution of state values.
Figure 3. Bifurcation diagram and the state distribution of the tent–logistic system. (a) Bifurcation diagram and (b) the distribution of state values.
Entropy 21 01004 g003
Figure 4. Approximate entropy values of a sequence generated by different chaotic maps.
Figure 4. Approximate entropy values of a sequence generated by different chaotic maps.
Entropy 21 01004 g004
Figure 5. The function and basic principle of an n × n S-Box.
Figure 5. The function and basic principle of an n × n S-Box.
Entropy 21 01004 g005
Table 1. Results of applying National Institute of Standards and Technology (NIST) test to our pseudo-random number generator (PRNG).
Table 1. Results of applying National Institute of Standards and Technology (NIST) test to our pseudo-random number generator (PRNG).
NIST Statistical Testp-ValuePass RateResults
Frequency (monobit)0.91141399/100pass
Block Frequency (m = 128)0.89776399/100pass
Cumulative Sums (Forward)0.637119100/100pass
Cumulative Sums (Reverse)0.779188100/100pass
Runs0.202268100/100pass
Longest Run of Ones0.89776398/100pass
Rank0.401199100/100pass
FFT0.57490398/100pass
Non-Overlapping Templates (m = 9, B = 000000001)0.04567599/100pass
Overlapping Templates (m = 9)0.83430899/100pass
Universal0.23681098/100pass
Approximate Entropy (m = 10)0.57490399/100pass
Random-Excursions0.55442057/57pass
Random-Excursions Variant0.47498656/57pass
Serial Test 1 (m = 16)0.096578100/100pass
Serial Test 2 (m = 16)0.93571699/100pass
Linear complexity (M = 500)0.090936100/100pass
Table 2. The matrix Sb of an 8 × 8 S-Box.
Table 2. The matrix Sb of an 8 × 8 S-Box.
i/j123...1516
1Sb(1,1)Sb(1,2)Sb(1,3)Sb(1,15)Sb(1,16)
2Sb(2,1)Sb(2,2)Sb(2,3)Sb(2,15)Sb(2,16)
3Sb(3,1)Sb(3,2)Sb(3,3)Sb(3,15)Sb(3,16)
Sb(i, j)
15Sb(15,1)Sb(15,2)Sb(15,3)Sb(15,15)Sb(15,16)
16Sb(16,1)Sb(16,2)Sb(16,3)Sb(16,15)Sb(16,16)
Table 3. The proposed new S-Box.
Table 3. The proposed new S-Box.
i/j12345678910111213141516
11147539161611422515018012623215517112914326
2186762342475318518722710619299319421521920
31101051126052901882218482081072012421219
4491919113897238140220122631391461671372888
51354222183616818132911783148190127102236
62058212119925214767133204111982101732431184
7174230593017621160622021451952091199645141
82454478294317712194156381515021324422142
9170226101721521152172163109239371041963189
10198218571242713417574871088922412523765118
11197515866421572292552112075520316912356149
1224225420010095694623402517610321617879
132402531311518311324693711532497724810172250
143541132253347223868115413623313686454
15166120841719321408573927016418216206130
161442281117980159116128235512411653423116258
Table 4. Dependency matrix of the proposed S-Box for the strict avalanche criterion (SAC).
Table 4. Dependency matrix of the proposed S-Box for the strict avalanche criterion (SAC).
i/j12345678
10.51560.50000.46880.51560.53130.51560.54690.5156
20.53130.53130.50000.46880.51560.43750.43750.4219
30.62500.53130.51560.53130.50000.46880.54690.5000
40.56250.46880.60940.43750.39060.51560.45310.5625
50.51560.50000.53130.50000.53130.50000.51560.5000
60.51560.48440.51560.54690.51560.46880.45310.4688
70.48440.50000.51560.51560.53130.46880.45310.4844
80.48440.48440.53130.50000.54690.51560.54690.5313
Table 5. Nonlinearities of constituent Boolean functions of the proposed S-Box.
Table 5. Nonlinearities of constituent Boolean functions of the proposed S-Box.
S-Box/SiS1S2S3S4S5S6S7S8Average
Initial S-Box545454545454545454
Final S-Box108106104104104106108110106.3
Table 6. Bit independence criterion for SAC.
Table 6. Bit independence criterion for SAC.
Boolean FunctionS1S2S3S4S5S6S7S8
S1-0.47850.47070.49410.50980.49020.51370.5117
S20.4785-0.52150.49020.52540.50390.49020.5098
S30.47070.5215-0.52150.49800.49610.49800.5020
S40.49410.49020.5215-0.47270.49410.51170.4961
S50.50980.52540.49800.4727-0.47660.51560.5098
S60.49020.50390.49610.49410.4766-0.48050.5059
S70.51370.49020.49800.51170.51560.4805-0.4941
S80.51170.50980.50200.49610.50980.50590.4941-
Table 7. Bit independence criterion for nonlinearity.
Table 7. Bit independence criterion for nonlinearity.
Output bit pair Functiony1y2y3y4y5y6y7y8
y1-102106106104106100102
y2102-10410298102108108
y3106104-106104106104106
y4106102106-104100106102
y510498104104-100102106
y6106102106100100-102104
y7100108104106102102-106
y8102108106102106104106-
Table 8. Performance comparison of different S-Boxes.
Table 8. Performance comparison of different S-Boxes.
S-Box MethodSACNonlinearity
Min. Max. Average
BIC–SACBIC-NLLPDP
Ref. [1]0.495104110106.50.498103.80.1410.039
Ref. [15]0.498102108104.50.508104.60.1250.047
Ref. [17]0.507104108106.80.507103.90.1400.054
Ref. [23]0.503106108106.80.502103.80.1330.039
Ref. [24]0.501108112109.30.506108.20.0940.031
Ref. [29]0.496102108105.30.499103.80.1560.039
Ref. [30]0.520104110106.30.501104.20.1330.039
Ref. [44]0.502102108103.50.501103.00.1330.039
AES [45]0.5041121121120.5041120. 0620.016
Initial S-Box0.4385454540.50177.10.2891.000
Final S-Box0.505104110106.30.499103.80.1250.039

Share and Cite

MDPI and ACS Style

Lu, Q.; Zhu, C.; Wang, G. A Novel S-Box Design Algorithm Based on a New Compound Chaotic System. Entropy 2019, 21, 1004. https://doi.org/10.3390/e21101004

AMA Style

Lu Q, Zhu C, Wang G. A Novel S-Box Design Algorithm Based on a New Compound Chaotic System. Entropy. 2019; 21(10):1004. https://doi.org/10.3390/e21101004

Chicago/Turabian Style

Lu, Qing, Congxu Zhu, and Guojun Wang. 2019. "A Novel S-Box Design Algorithm Based on a New Compound Chaotic System" Entropy 21, no. 10: 1004. https://doi.org/10.3390/e21101004

APA Style

Lu, Q., Zhu, C., & Wang, G. (2019). A Novel S-Box Design Algorithm Based on a New Compound Chaotic System. Entropy, 21(10), 1004. https://doi.org/10.3390/e21101004

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop