A Novel Optimization Method for Constructing Cryptographically Strong Dynamic S-Boxes

Abstract

The resistance of S-box-based cryptosystems to linear cryptanalysis is often determined by the nonlinearity (NL) and the linear approximation probability (LAP) of the underlying S-box. Constructing dynamic bijective S-boxes with high nonlinearity is a challenging problem. In this paper, we propose a novel S-box construction method based on the concept of constrained optimization. The proposed method uses a random-restart hill-climbing algorithm to construct randomized S-boxes and maximize the nonlinearity of each Boolean function under bijectivity constraints. The proposed algorithm dramatically reduced the S-box construction time. Compared to recent S-box construction methods, the proposed method strikes a better balance among the three design objectives of dynamic S-boxes, namely, cryptographic strength, dynamicity, and speed of construction. On the average, the proposed method constructs a new dynamic $8\times 8$ S-box with NL=112 every 118 ms, whereas a NL=110 S-box can be generated in 5.3 ms, which makes it suitable for real time applications. The proposed method also constructs $8\times 8$ S-boxes with NL=114, which is among the highest reported in literature. Moreover, we demonstrate the extensibility of the proposed constrained optimization formulation to improve other S-box design criteria. Namely, we propose an algorithm to optimize the LAP of an S-box while preserving its NL and bijectivity.