Nonlinearity of nonbalanced and nearly bent boolean functions based on Galois ring

Abstract

Designing of nonlinear confusion component of block cipher is one of the most important and inevitable research problem. Nowadays mostly heuristic search schemes were utilized for the construction of these confusion component. To construct, a cryptographically secure confusion component several algebraic structures were utilized. The thirst for new algebraic structure for the construction of these nonlinear confusion component has always been a point of interest. In this communication, we have utilized a maximal cyclic subgroup of unit of Galois ring. The offered algorithm is more general as compared to Galois field. The class of Boolean functions over Galois ring fall in mixed category which are not completely balanced. Boolean functions having higher nonlinearity and others cryptographic aspects added an inevitable significance in the construction of modern block ciphers. The primary idea of this article is to structure non-balanced Boolean functions on n variables, where n is an even integer, sustaining strict avalanche criterion (SAC) and bit independent criterion (BIC). By comparing SAC with available cryptographic Boolean functions, the constructed multivalued Boolean function acquire highest nonlinearity which does not follow the existing nonlinearity bound of Boolean functions. These newly proposed S-boxes consists of n basic Boolean functions which satisfy the balancedness and non-balancedness criterion. Therefore, these S-box structure lies within a less balanced and more bent Boolean function categories.

Keywords

S-box Galois Ring maximal cyclic subgroup

1 Introduction

Security of digital information plays an important role in this digital advanced era. Emerging area of this digitally advanced era are namely internet of thing (IoTs) and artificial intelligence which uses various types of deep and machine learning techniques for intelligent decision. The question arises how to add information security aspects in this new and emerging technologies? Several new information privacy mechanisms were developed so far which provides data security which is based on modern characteristics. Modern information security techniques were developed based on Feistel and substitution-permutation (SP) networks. The Feistel ciphers are generally uses fixed components whereas SP networks uses dynamic components at each round. The thirst of designing new confusion and diffusion components were one of the utmost vital problems in information security. The development of modern block ciphers mainly based confusion and diffusion as proposed by Claude Shannon in 1949. The complexity between encryption key and encrypted information can be made as complex as possible by using suitable confusion whereas the relation between plaintext and ciphertext can be made as strong as possible by using diffusion. The confusion and diffusion can be attained through substitution and permutation. The idea of confusion and diffusion were used in some famous encryption algorithm for example data encryption standard (DES), SHARK, PRESENT, Blow-fish, Two-fish, international data encryption algorithm (IDEA), and advanced encryption standard (AES). These encryption algorithms used Feistel and SP-networks [1 –40].

Designing new confusion and diffusion component of stream and block ciphers includes various mathematical structures. Several new mathematical structures-based confusion components were developed. These includes Galois field, symmetry groups, finite group, LA-semi groups, chaotic dynamical systems, Latin square and some other weak structures [41 –50]. While designing nonlinear confusion component of block cipher namely S-box must satisfy various cryptographic criterion. To achieve good confusion characteristic in modern block cipher there must be a robust nonlinear component with high nonlinearity. There are various types of cryptographic Boolean functions were added in literature to food the requirement of modern block ciphers. Several new Boolean functions were designed by testing against different cryptographic applications and characteristics. The most imperative cryptographically desirable standards for any Boolean functions includes balancedness, high nonlinearity, strict avalanche criterion (SAC), correlation immunity (CI) of rationally high order, low autocorrelation (AC), high algebraic degree (AD), algebraic immunity (AI), transparency order (TO), linear approximation (LA), differential approximation (DA), sum of deviation (SD) and sum of square deviation (SSD). The linkages among various cryptographic aspects of Boolean functions were investigated and attain more attention because of its implementation and development. But its still a question of interest is to obtain a universal algebraic structure which satisfy all relevant cryptographic characteristics. Mostly up till now Galois field is used to construction nonlinear confusion component with optimal nonlinearity. With this we have possibly structural attacks due to its binary nature. To prevent such attacks while designing such robust component of modern ciphers there is always a room of improvement is these mathematical structures. The benefits of using structures other than binary added complexity but on the other side it makes it possible to add more computational and implementation complexity. Such mathematical structures are more generalized with least possible conditions, we can construct but its far away from traditional implementation at hardware level. For this, we must define some linkages between Galois field and maximal cyclic subgroup of Galois ring. We have defined one to one mapping between maximal cyclic subgroup of Galois ring and Galois field of same cardinality. This makes it possible to reduce computational complexity while implantation [51 –65].

The central parts of our article here is to concern about the assets and advancements of another class of S-box to be specific Boolean functions that achieve high nonlinearity, fulfil SAC, and remains non-balanced. We introduced an innovative scheme for developing exceptionally maximal cyclic subgroup of a Galois ring based nonlinear non-balanced functions. It is extremely intriguing to take note of that these non-balanced functions got by utilizing proposed strategy, accomplish nonlinearity greater than that achievable by any recently recognized development technique. We additionally start the investigation into the methodical development of profoundly nonlinear non-balanced functions fulfilling the SAC and BIC of SAC rule [66 –80].

Using investigative tactics, we have achieved works with profiles unachievable by previous methods. The variety of assets referred demonstrates that empirical hunt is a stretchy structure for Boolean function scrutiny. Implementing additional aspects of cryptology theory into the maximal cyclic subgroup of Galois ring may confirm a productive opportunity for future research. The structure of Galois ring is little manipulated in current cryptology. We urge other scholars to be concerned about it. Using insightful philosophies, we have achieved functions with profiles unachievable by various systems. The extent of assets tended to show that accurate pursue is a stretchy development for Boolean function assessment. The distinction in premise changes shows that a little notion can enhance exploratory ways of managing incredible effect. Accepting further parts of cryptology theory into the maximal cyclic subgroup of Galois ring may exhibit a useful street for future investigation. The development of Galois ring is negligible exploited in cutting edge cryptology [81 –96].

The structure of this manuscript is as respects. In section 2, the notations and the mandatory preliminaries associated to Boolean functions and their cryptographic assets are outlined which will be essential for the successive sections are evaluated. In section 3, our construction of proposed S-boxes which are based on Galois ring are presented. The analysis of cryptographically robust S-box is discussed in section 4. The results and discussions related to obtain outcomes are stated in segment 5. Finally, section 6 concludes the work.

2 Boolean functions and cryptographic assets of substitution boxes

This segment comprises of preliminaries characteristics related to nonlinear confusion component of block cipher which are fundamentally based on Boolean functions.

2.1 Properties of Boolean Functions

This segment will provide some basic definitions of Boolean functions. Let GF (2) ⁿ be the vector space with n dimension over the Galois field GF (2). GF (2) ⁿ comprise of 2ⁿ vectors created in a binary structure of size n. The vector space is outfitted with the scalar product with < . , .>: GF (2) ⁿ × GF (2) ⁿ → GF (2) $< u, v > = \oplus_{j = 1}^{m} u_{j} \cdot v_{j},$ (1)

Definition 1: A n variables Boolean function g : GF (2) ⁿ → GF (2) ⁿ (or just a function on GF (2) ⁿ and (0, 1)-sequence is specified with (g (β₀) , g (β₁) , . . . , g (β_2ⁿ-1)), also named the truth table of g, where β₀ = (0, . . . , 0) , β₁ = (0, . . . , 1) , . . . , β_2ⁿ-1 = (1, . . . , 1), are in lexicographical order.

Definition 2: A vector Boolean function is a function that maps a Boolean vector to another Boolean vector: $ζ : GF (2)^{n} \to GF (2)^{n}$ (2)

This function ζ accepts n bits as input and returns m bits as output.

Definition 3: To every Boolean function g : GF (2) ⁿ → GF (2), we relate its character form or sign function, represented by $\overset{⌢}{g} : GF (2)^{n} \to R^{*} \subseteq C^{*}$ , and described by $\overset{⌢}{g} (x) = (- 1)^{g (x)}$ (3)

The (1, - 1)-structure is specified by ((-1) ^g(β₀), . . . , (-1) ^g(β_2ⁿ-1)), and β_j are defined in the definition 1.

Definition 4: For a Boolean function g : GF (2) ⁿ → GF (2) , the Hamming-weight is the quantity of ones in the truth table of g. Later, we present the concept of distance among two Boolean functions.

Definition 5: For two Boolean functions g, h : GF (2) ⁿ → GF (2) , we describe the Hamming-distance as the number of cases where g and h vary, that is $d (g, h) = # {x \in GF (2)^{n} | g (x) \neq h (x)} .$ (4)

Definition 6: For a Boolean function g, the imbalance Imb (g) is equal to the difference between the number of inputs that map to zero and the number of inputs that map to one. The imbalance can be any integer number between -2ⁿ and 2ⁿ. We have $Imb (g) = 1 / 2 (# {a | g (a) = 0} - # {a | g (a) = 1}) .$ (5)

A balanced Boolean function is a function with imbalance zero.

Definition 7: The autocorrelation function $r_{\overset{⌢}{g}}^{⌢} (a)$ with a shift a ∈ GF (2) ⁿ is specified as $r_{\overset{⌢}{g}}^{⌢} (a) = \sum_{x \in GF (2)^{n}} \overset{⌢}{g} (x) \overset{⌢}{g} (x \oplus a)$ (6)

Definition 8: Let g be a function defined on GF (2) ⁿ. Let a ∈ GF (2) ⁿ is termed as a linear structure of a ∈ GF (2) ⁿ if $r_{\overset{⌢}{g}}^{⌢} (a) = 2^{n}$ (7)

i-e., if $\overset{⌢}{g} (x) . \overset{⌢}{g} (x \oplus a)$ is constant.

Definition 9: The correlation among two Boolean functions is specified by $\begin{matrix} C (g, h) = 2 Pr (g (x) = h (x)) - 1 \\ = 2 [\frac{2^{n} - d (g, h)}{2^{n}}] - 1 = \frac{2^{n + 1} - 2 d (g, h)}{2^{n}} - 1 \\ = 1 - \frac{d (g, h)}{2^{n - 1}} . \end{matrix}$ (8)

Correlation is a rational number between –1 and 1.

Definition 10: The nonlinearity of a Boolean function is determined by: $N_{g} = d (g, A_{n}) = {min}_{α \in A_{n}}^{d} (g, α) .$ (9)

The affine function exhibits zero nonlinearity. The nonlinearity N_g > 0 if the Boolean function g is not affine. A high level of nonlinearity is required when developing a good cryptosystem. It assesses a cryptographic system’s capacity to avoid being written as a linear set of equations using functions, and it ensures challenge to linear cryptanalysis proposed by [44].

Definition 11: For a function g on GF (2) ⁿ the Walsh transform is a map Ω : GF (2) ⁿ → R specified by $Ω (g) (u) = \sum_{x \in GF (2)^{n}} g (x) (- 1)^{< u, x >},$ (10)

where <u, x> is the canonical scalar product.

Definition 12: [65] A Boolean function is a function that takes two arguments and yields a single. If any fixed subset of k, 1 ≤ k ≤ n, variables have any fixed set of values, the probability of fixed set of values of k variables, given the value of g (x), is always 2^-k, no matter what the fixed set of values is supposed to be order k correlation immune.

Definition 13: A n variables Boolean function that is correlation immune of order k and balanced is known as k-resilient function.

Definition 14: A function g : GF (2) ⁿ → GF (2) ^m has an average 1/2 of avalanche effect of the output bits vary when a single input bit is added that is, $\frac{1}{2^{n}} \sum_{u \in GF (2)^{n}} wt (g (x^{i}) - g (x)) = \frac{m}{2}, \forall i = 1, 2, . . ., n .$ (11)

Definition 15: A function g: GF (2) ⁿ → GF (2) ^m which turns n bits input into m resultant bits is known as complete if each output bit differs on every input bit, i.e. alter when an individual input bit is added, defined by: $\begin{matrix} \forall i = 1, . . ., n, j = 1, . . ., m, \exists x \in GF (2)^{n} \\ with (g (x^{i}))_{j} \neq (g (x))_{j} . \end{matrix}$ (12)

Every ciphertext bit must be dependent on all output bits if a cryptographic transformation is complete.

Definition 16: A function g: GF (2) ⁿ → GF (2) ^m meets the strict avalanche criterion if every output bit variate with a probability 1/2 when a single input bit is complemented i.e.

$\begin{matrix} Pr (g (x^{i}))_{j} \neq Pr (g (x))_{j} = \frac{1}{2}, \forall i = 1, . . ., n, \\ j = 1, . . ., m, \end{matrix}$ (13)

Definition 17: For a function g: GF (2) ⁿ → GF (2) ^m the dependence matrix A is a matrix with size n × m whose (i, j) ^th element a_ij signifies the total inputs for which supplementing the i^th input bit outcomes in a variation of the j^th output bit,

$\begin{matrix} a_{ij} = # {x \in GF (2)^{n} | wt ((g (x^{i}))_{j} - (g (x))_{j}}, \\ \forall i = 1, . . ., n, j = 1, . . ., m \end{matrix}$ (14)

Definition 18: For a function g : GF (2) ⁿ → GF (2) ^m the distance matrix B is a matrix with size n × (m + 1) whose (i, j) ^th element b_ij signifies all the inputs for which complementing i^th input bit outcomes in a variation of the j^th output bit, i.e.

$\begin{matrix} b_{ij} = # {x \in GF (2)^{n} |} (g (x^{i}) - g (x)) = j}, \\ \forall i = 1, . . ., n, j = 1, . . ., m . \end{matrix}$ (15)

Definition 19: For g : GF (2) ⁿ → GF (2) and a∈ GF (2) ⁿ, a ≠ 0, we defined the function by $g_{a} (x) = g (x) \oplus g (x \oplus a),$ (16)

where g_a is known as a directional derivative g of in the direction of a.

Definition 20: For an n varia Boolean function the autocorrelation function is described as $r_{g} (a) = \sum_{i = 0}^{2^{n} - 1} g (x_{i}) g (x_{i} \oplus a),$ (17)

for all every a ∈ GF (2) ⁿ.

Definition 21: A n variables Boolean function g is stated to fulfil the k degree propagation criterion (PC (k)) if replacing any i (1 ≤ i ≤ k) of the n bits in the x input effects in the resultant of the function being altered for precisely half of the 2ⁿ vectors x.

2.2 Multivalued confusion component

A logical step from the single output, the theory of Boolean functions is an extension of that theory that allows for many outputs. The term “S-box” refers to a collection of Boolean functions. S-boxes come in a variety of shapes and sizes depending on the dimension and uniqueness of the input and output bits. Below are some essential S-box definitions, as well as a brief overview of various S-box kinds relevant to this study.

An n × m substitution box (S-box) is a mapping from n input bits to m output bits, S : GF (2) ⁿ → GF (2) ^m. The output vector S (x) = (s₁, s₂, . . . , s_m) can be rotted into m component functions S_i: GF (2) ⁿ → GF (2) , i = 1, 2, . . . , m . There are inputs as 2ⁿ and feasible outputs as 2^m for an n × m S-box. There are three categories of S-boxes: Straight, compressed, and expansion S-boxes.

Any number of inputs can be assigned to any number of potential outputs, and all of the feasible turnouts are not embodied in the S-box when using a square n × m box together with n = m (which gets in a certain bits and produces the equivalent bits).

One that produces fewer bits than it accepts is called a n × m compression S-box with n > m. DES’s S-box serves as an excellent illustration of this. There are six bits in each S-box, yet each S-box only outputs four. A n × m S-box expansion with nm produces more bits than it consumes. Each of its possible 2^m outputs are signified in the S-box in an identical number of instances. The S-box has a total of 2^n-m instances of each potential output entry. The only time that regular n × m ‘S-boxes’ occur while n > m; otherwise, they are unbalanced.

In terms of compression and expansion, there are problems. Reversibility, or the ability to decrypt, is the first concern. Reversing the effects of an S-box is difficult since the overall number of bits is altered. Compression S-boxes have a second problem, which is the loss of data. Before the S-box in the DES algorithm, certain bits are reproduced. As a result, the compression process just removes duplicate bits, not actual data. Compression or expansion S-boxes, in general, will complicate your S-box design significantly. As a result, straight S-boxes are significantly more prevalent.

2.3 Some cryptographic assets of S-boxes

S-boxes are conceptually equivalent to the Boolean functions covered in earlier sections, but the methods used to obtain these features are fundamentally different. Many Boolean functions make up an S-box, hence when analysing the cryptographic qualities of an Substitution box, it is not enough to look at the cryptographic features of each Boolean function. The following list of key S-box attributes serves as an excellent illustration of this point.

An S-box with size n × m that is balanced has all its Boolean functions and linear combinations balanced. As a result of this balance, there is no exploitable bias since the equal amount of output bits in the entire output vector combinations assures that an assailant is incapable to irrelevantly estimate either the functions or their output.

The Shannon idea of confusion [31] describes a way to ensure that the ciphertext and key material have a complicated connection in a cipher system. As a result of this extrapolation, it has been hypothesized that the root of the ambiguity is a strong dependence on a substitute. Nonlinear components are used to create a cipher system that is difficult to decipher. In cryptographic cipher systems, substitution boxes are the primary source of nonlinearity. An S-box with size n × m has its nonlinearity measured for the first time.

Definition 22: For an S-box S with size n × m, the nonlinearity is symbolized by N_{S
_n,m}, described as the least feasible nonlinearity of all its elements outcomes Boolean functions and their linear combinations. Consider S = (s₁, s₂, . . . , s_m) where s_i are Boolean functions of n-variable ∀ i = 1, . . . , m. Consider h_i denotes the set of linear combinations of s_i, i = 1, . . . , m. Then the nonlinearity of S can be determined as follows: $N_{S_{n, m}} = min_{h} {N_{S_{n, m}} (h_{j})} (j = 1, . . ., 2^{m} - 1) .$ (18)

The computation of a n × m S-box nonlinearity s value turn into computationally infeasible as n and m rise. In the next part, we’ll describe some of the most successful cryptanalytic assaults that are currently known to exist.

Definition 23: Let S = (s₁, s₂, . . . , s_m) be an n × m S-box where s_i are Boolean functions of n-variable ∀ i = 1, . . . , m. Consider the set of linear combinations of s_i, i = 1, . . . , m is denoted by h_j (which incorporates the functions h_i). Therefore, the algebraic degree of S, symbolized by deg(S_n,m) , is described as $deg (S_{n, m}) = min_{h} {deg (h_{j})} (j = 1, . . ., 2^{m} - 1) .$ (19)

Shannon also introduced the term “diffusion” to go along with his idea of confusion [31]. Cipher redundancy spreads throughout a cipher’s full (or substantial) material to minimize the possibility of detecting its statistical structure, as discussed in this article. The avalanche qualities of a cipher system have long been linked to diffusion and the use of cipher components that display good avalanche characteristics. The following definitions are required to measure various properties of S-boxes:

Definition 24: Let S = (s₁, s₂, . . . , s_m) be an S-box with size n × m where s_i are Boolean functions of n-variable ∀ i = 1, . . . , m. Let h_j be the set of linear combinations of s_i, i = 1, . . . , m, each with an autocorrelation function, ${\hat{r}}_{h_{i}} (a)$ . Therefore, the absolute maximum value of autocorrelation of S is described as: ${| {AC}_{S_{n, m}} |}_{max} = max_{h} | r_{h_{j}} (a) |,$ (20)

with j = 1, . . . , 2^m - 1 and a ∈ {1, . . . , (2) ⁿ - 1}.

Definition 25: Let S = (s₁, s₂, . . . , s_m) be an S-box of size n × m, where s_i, i = 1, . . . , m and Boolean functions of n-variable. Consider the linear combinations of s_i, i = 1, . . . , m is denoted by h_j. Afterwards strict avalanche criterion (SAC) is stated to appease by S if all h_j, j = 1, . . . , 2^m - 1 fulfils SAC.

Definition 26: Let S = (s₁, s₂, . . . , s_m) be an S-box of size n × m, where s_i, i = 1, . . . , m are Boolean functions of n-variable. Consider h_j represents linear combinations set of s_i, i = 1, . . . , m. Afterwards propagation criteria of order k, PC (k), is considered to fulfil by S, if every h_j, j = 1, . . . , 2^m - 1 appeases PC (k).

Definition 27: Let S = (s₁, s₂, . . . , s_m) be an S-box of size n × m, where s_i,, i = 1, . . . , m are Boolean functions of n-variable. Consider h_j represents linear combinations set of s_i, i = 1, . . . , m. Afterwards S is a CI (t) S-box if all h_j,j = 1, . . . , 2^m - 1 are CI (t) Boolean functions.

Definition 28: Let S = (s₁, s₂, . . . , s_m) be an S-box of size n × m, where s_i, i = 1, . . . , m are Boolean functions of n-variable. Consider h_j represents linear combinations set of s_i, i = 1, . . . , m. Afterwards S is a t-resilient S-box if all h_j, j = 1, . . . , 2^m - 1 are t-resilient Boolean functions.

2.4 Bit Independent Criterion (BIC)

In 1985, Tavares and Webster presented new criteria for S-boxes dubbed the bit independent criterion (BIC) [52]. This characteristic specifies that when any single input bit i is reversed, the output bits j and k should change independently for every i, j and k ∈ (1, 2, . . . , n). This measure seems to improve the efficacy of the confusion component. The bit independence that corresponds to the impact of changing the i^th input bit on the j^th and k^th bits of is B^{e
_i}: $BIC (b_{j}, b_{k}) = max_{1 \leq i \leq n} | corr (b_{j}^{e_{i}}, b_{k}^{e_{i}}) | .$ (21)

For the S-box function h : GF (2) ⁿ → GF (2) ⁿ, the bit independent criterion (BIC) is then well-demarcated as follows: $BIC (h) = max_{l 1 \leq j, k \leq n j \neq k} BIC (b_{j}, b_{k}),$ (22)

which reveals how near is fulfilling the BIC [52].

2.5 Linear and differential cryptanalysis of S-boxes

A theoretical assault on the Data Encryption Standard (DES) using linear cryptanalysis was initially presented in 1993 at the Eurocrypt conference by M. Matsui [38, 62] and later applied effectively in the practical cryptanalysis of DES [44]. If you’re interested in learning more about linear cryptanalysis, you’ll need to know that it works on the premise of finding linear terminologies using plaintext bits, ciphertext bits, and subkey bits [63]. Many plaintext-ciphertext pairings have been utilized to figure out the key bit values in this well-known plaintext attack [63].

In 1990, E. Biham and A. Shamir suggested differential cryptanalysis as an assault against DES at the Crypto conference [64]. Here is how Heys summarises the central idea: To decipher the ciphertext, differential cryptanalysis takes use of the superior probability of various plaintext differences and differences in round three’s ciphertext. That means that the key may be deduced by selecting a specific piece of plaintext and then calculating its output. Linear and differential probability are defined in this section.

Definition 29: For an vector Boolean function (S-boxes) g : GF (2) ⁿ → GF (2) ⁿ, the XOR table with size 2ⁿ × 2ⁿ, with its column and rows represented by 0, 1, 2, . . . , 2ⁿ - 1 . Point (i, j) in the XOR table comprises of input vectors: $| {P \in GF (2)^{n} : g (P) \oplus g (P \oplus τ_{i}) = τ_{j}} |,$ (23)

such that 0 ≤ i, j ≤ 2ⁿ - 1, τ_i and τ_j are n-bit binary descriptions of symbols i and j. When the S-box is used for cryptography, it can be used to make a pair of input and output XOR pairs, which are called input/output pairs. Differential cryptanalysis can break into XOR pairs with a lot of XOR table entries. If you choose S-boxes with low XOR table entries, you can protect your cipher from differential cryptanalysis. The only omission is the value (0,0) that has the value of 2ⁿ. When you look at each row in an XOR table, the overall input vector pairs (P, P ⊕ τ_i) is 2ⁿ, which is how many pairs there are in total [67].

Definition 30: For a given vector Boolean function g : GF (2) ⁿ → GF (2) ^m it is defined the linear approximation table which elements are ${LAT}_{g} (a, b) = # {x \in GF (2)^{n} | a . x = b . g (x)} - 2^{n - 1},$ (24)

where a ∈ GF (2) ⁿ, b ∈ GF (2) ^m ∖ {0} .

Definition 31: For any certain Δ_x, Δ_y, Γ_x, Γ_y ∈ GF (2) ⁿ, the differential and linear approximation probabilities for every vector Boolean function (S-box) are described as:

${LP}^{S_{i}} (Γ_{y} \to Γ_{x}) = (2 \times \frac{# {x \in GF (2)^{n} | x Γ_{x} = S_{i} (x) Γ_{y}}}{2^{n}} - 1),$ (25)

${DP}^{S_{i}} (Δ_{x} \to Δ_{y}) = (\frac{# {x \in GF (2)^{n} | S_{i} (x) \oplus S_{i} (x \oplus Δ_{x}) = Δ_{y}}}{2^{n}})$ (26)

where xΓ_x, represents the parity (0 or 1) of the bitwise multiplication of Γ_x and x.

Definition 32: The maximum differential and linear approximation probabilities of vector Boolean function (S-boxes) are described as: $p = max_{i} max_{Γ_{x}, Γ_{y}} {LP}^{S_{i}} (Γ_{y} \to Γ_{x}),$ (27) $q = max_{i} max_{Δ_{x}, Δ_{y}} {DP}^{S_{i}} (Δ_{x} \to Δ_{y}) .$ (28)

2.6 Fundamental assets of Galois Rings

We start with certain fundamental explanations of commutative rings with their corresponding polynomial extension.

Definition 33: Consider a commutative ring R with identity.

1. An element u is a unit in R if there exists an element v in R such that u . v = 1, where 1 is the identity of R.

2. Nonzero element a of ring R is known as zero divisor if there exists a nonzero element b in R such that a . b = 0.

Definition 34: A commutative ring R with identity is a local ring if and only if all non-unit elements form an additive abelian group. Otherwise, a commutative ring R with identity is local if it has a distinctive maximal ideal. For example, $ℤ_{p^{k}}$ where k is any positive integer and p is a prime integer is a local ring.

Definition 35: Consider (R, M) be a local commutative ring with identity having K (= R/M). φ : R → R/M is a canonical epimorphism, described as $φ (a) = \overset{⌢}{a} = a + M, \forall a \in R$ . Let φ (x) = a₀ + a₁x + ⋯ + a_mx^m ∈ R [x] be an irreducible polynomial and is supposed to be a fundamental irreducible over R if $φ (φ (x)) = \bar{φ} (x) = a_{0}^{⌢} + a_{1}^{⌢} x + . . . . + a_{m}^{⌢} x^{m} \in K [x]$ is irreducible over K.

2.6.1 Mathematical formulation of GR (p^k, s)

There are some interesting characteristics of polynomial extension fields namely Galois extension field over ℤ_p, (p is prime modulo) is vanished in its finite extension of ℤ_{p
^k}. Let us consider polynomial ring of integer over local ring ℤ_{p
^k} [x] in variable x and primitive irreducible polynomial φ (x) over ℤ_{p
^k} of degree s to investigate the basic properties of Galois ring extension. The Galois extension of local ring ℤ_{p
^k} of degree s represented with notion $R = GR (p^{k}, s) = ℤ_{p^{k}} [x] / < φ (x) >$ and its corresponding Galois extension field over $ℤ_{p}$ is denoted by $K = GF (p, s) = ℤ_{p} [x] / < \bar{φ (x)} >$ . An abelian group with zero-divisors is formed. As a result, the Galois ring R is local one. In the Galois ring R, every element with a coefficient unit element in ℤ_{p
^k} is a unit. Abelian group R* is the group of units of Galois ring R in multiplication, and may be stated as a direct product of cyclic groups. The maximum cyclic subgroup G_n, whose components are the roots of xⁿ - 1, is the cyclic group of relevance in cryptography and coding theory.

3 Formulation of new confusion component of block cipher over GR (2³, 8)

We design an 8 × 8 S-box in this segment by utilising the maximum cyclic subgroup G₂₅₅ of the group of units of the Galois ring GR (2³, 8). The S-box is used to encrypt images. We employ the computational approaches described in [5] to get the maximum cyclic subgroup G₂₅₅ for this design.

3.1 Maximal Cyclic Subgroup of Group of Units of GR (2³, 8)

For the local ring $ℤ_{2^{3}}$ , the residue field is the binary field $ℤ_{2}$ . The polynomial $φ (x) = x^{8} + x^{4} + x^{3} + x^{2} + 1 \in ℤ_{2^{3}} [x]$ is a fundamental irreducible polynomial. Galois ring GR (2³, 8) of order 8⁸ is achieved by assembling the factor ring $\frac{ℤ_{8 [x]}}{(ϕ (x))}$ , whose elements are of the form ${a_{0} + a_{1} x + a_{2} x^{2} + . . . + a_{6} x^{6} + a_{7} x^{7} : a_{i}^{,} s \in ℤ_{8}}$ . The corresponding GF (2, 8) of order 256 turn into $\frac{ℤ_{2 [x]}}{(ϕ (x))}$ and its elements are attained by utilizing the identity u⁸ + u⁴ + u³ + u² + 1 under mod 2 and mod $\bar{φ (u)}$ . By contemplating as the root of $\bar{φ (x)}$ in $ℤ_{2}$ , a maximum cyclic subgroup of the group of units of GR (2³, 8) is produced. We obtain u²⁵⁵ = 1 using the procedure described in [5], which calculates the consecutive powers of u mod 2 and mod $\bar{φ (x)}$ . Thus, the maximal cyclic subgroup of GR (2³, 8) of units contains 255 elements. Allow α to be the root of φ (x). to locate these components x. Then, using the successive powers of α mod 8 and mod φ (α), we have α¹⁰²⁰ = 1. Thus, the elements of G₂₅₅ are generated by β = α⁴. The outcomes are shown in Table 1.

Table 1
Maximal cyclic subgroup G₂₅₅ elements of the group of units of GR(2³,8) with polynomial φ (x) = x⁸ + x⁴ + x³ + x² + 1

Exponent form Polynomial form

0 10000000

1 00001000

2 70777000

3 10110077

4 00112232

5 66321147

6 77370203

7 06035204

8 36351047

⋮ ⋮

254 02217011

Exponent form	Polynomial form
0	10000000
1	00001000
2	70777000
3	10110077
4	00112232
5	66321147
6	77370203
7	06035204
8	36351047
⋮	⋮
254	02217011

3.2 New Formulation of confusion component based on Galois Ring

The proposed mechanism of nonlinear confusion component of block cipher is created on Galois ring GR (2³, 8) with its unit joins with zero element say G₂₅₅ ∪ {0}. We have defined a mapping from unit element along with zero element to itself for instance mappings from G₂₅₅ ∪ {0} to G₂₅₅ ∪ {0}: $S : G_{255} \cup {0} \to G_{255} \cup {0}$

This construction of S-box involved the following mappings:

Define an inverse map I : G₂₅₅ → G₂₅₅ by the following expression: $I (x) = x^{- 1}, for each x \in G_{255}$

The scalar multiplication function g is described as g (x) = ax, where a is a fixed element taken from G₂₅₅.

Our proposed S-box is based on two types of mappings namely inverse and scalar mappings. In this way, we can represent construction of our nonlinear confusion component as a composition of these two functions as: $I \circ g (x) = {(ax)}^{- 1} .$

Apply action of S₂₄ on the output of step, 3 we get 24! S-boxes.

By choosing various scalars from G₂₅₅, 255 various S-boxes can be constructed. The S-box provided in the Table 2 is composed by choosing scalar.

Table 2
Nonlinear confusion component of block ciphers with 24 bits element

0 1788455 11042196 4045249 8307629 138509972 13492179 3867691 2388624 1 4056 32711 16515649 5055040 15766774 6360831

8476208 15735539 12705991 5759658 1569714 4982088 154944 14057187 2277153 13573981 3290903 6078565 12653436 8364023 9865743 4054744

13377323 3044103 6561 10096583 7688352 11095475 4111028 8970141 6446203 7874787 2733574 5595885 15863154 15444768 13521166 5120547

15573222 2615534 6685770 16045024 5232571 2475019 3813612 15823333 3375473 14770440 3408562 1072832 16676803 8854689 5544855 8194239

2221680 4291754 8428145 8428145 3470847 2371385 13298502 16096794 1186479 12248807 12738842 5800098 13220536 15337709 2030017 8546457

1701026 5352681 9831086 10768608 7810179 6908502 5360178 7011884 929805 10541034 13355771 1544796 243650 8162637 7297144 2991123

3257582 3850861 585116 13644346 8044101 8485853 3065457 5692580 9165211 217163 363219 1123876 7633 14487495 2678896 16347194

2869113 36595077 11540917 16155847 8378584 2446091 700595 233693 938447 1130019 15935093 10130070 10595423 3255726 10933422 11612827

8662133 5285190 1898174 7336121 11603849 5714736 16034325 13819006 1835483 147520 393508 1047008 9532809 14403441 10850188 4194792

13995008 1380072 1656944 16364631 7419885 147573 348452 836275 4011644 4621749 1012696 3213201 4569904 6557997 10533255 15023997

1505589 10373401 403812 9688422 14082507 5291866 12461181 12028902 1419464 10020462 16587578 14388279 1156744 7960238 358641 9043505

7001577 15324763 8622699 11876815 16178229 159221051 904602 13533804 6540120 4773132 147579 373028 808237 4544003 3522227 13795885

808152 5113748 2413920 2021147 1665855 12292402 6702671 1370852 12256122 9136784 3350546 15724182 59850 10236602 12452741 8924768

7292166 16389716 9476199 365823 4827567 4916014 14803344 3861002 15384705 2449564 14925426 528205 15708544 3391117 14088781 16035433

16705980 10628314 3754918 10331060 11276270 6207296 3218845 10905847 16138850 5657572 14740387 14566586 9909604 13821461 12185498 5158185

1965213 13421737 367228 10615215 15127145 4484763 12337218 7765828 9848097 13617636 14315084 3457314 16418300 6985880 3444575 14556408

4 Cryptographic investigations of confusion component of Block Cipher

The suggested S-box must be tested to determine its utility in encryption. Any S- box’s strength may be determined by looking at several features stated in the literature. The differential analysis of DES [64] and the information-theoretic analyses utilizing extracts from Shannon’s unique idea [30] are two widely used cryptanalysis approaches. Stringent avalanche criteria (SAC), non-linearity, bit independence criterion (BIC), differential and linear approximation probability are some of the aspects of the offered S-box that we investigate here. The findings of these studies are cautiously reviewed to verify the robustness of the suggested S-box. In the following sections, we will go through the specifics of these tests and how they affected our understanding of the S-overall box’s strength. There has been a slew of side-channel attacks on various cryptographic schemes since Kocher originally described them in 1996 [84]. One of the most potent assaults in opposition to iterated block ciphers is the DPA. Prouff developed DPA assaults in standings of correlation coefficients among two Boolean functions in [85] and introduced transparency order for Substitution boxes in block ciphers (TO). This statistic measures S-boxes’ resistance against DPA assaults.

4.1 Nonlinearity

The confusion capability of modern encryption algorithms is highly dependent on its nonlinear substitution boxes (S-boxes). The nonlinearity is one of most significant cryptographic attributes which quantitatively measures this aspect. Higher the nonlinear of S-box higher is the robustness of proposed mechanism. With this characteristics complexity of input and output bit patterns are utilized to assess the behaviour of individual Boolean functions involved in S-boxes. In nonlinearity, least distance of a particular function is measure from all its corresponding affine function. To determine the nonlinearity of an encryption procedure, the number of adjustments mandatory to get the nearest affine functions is relevant. The mathematical expression which involved Walsh spectrum is given as follows [80]: $N_{g} = 2^{m - 1} (1 - 2^{m} max | S_{g} (w) |) .$ (29)

The Walsh spectrum S_g (w) is defined as $S_{g} (w) = \sum_{w \in F_{2^{m}}} (- 1)^{g (x) \otimes χ . w} .$ (30)

The nonlinearity of projected nonlinear confusion component is given in Table 3.

Table 3

Nonlinearity of non-balanced functions

Functions	N _g	Functions	N _g	Functions	N _g
g ₀	8388586	g ₈	8388578	g ₁₆	8388580
g ₁	8388584	g ₉	8388588	g ₁₇	8388586
g ₂	8388586	g ₁₀	8388580	g ₁₈	8388582
g ₃	8388580	g ₁₁	8388582	g ₁₉	8388586
g ₄	8388580	g ₁₂	8388586	g ₂₀	8388580
g ₅	8388588	g ₁₃	8388584	g ₂₁	8388586
g ₆	8388586	g ₁₄	8388582	g ₂₂	8388580
g ₇	8388582	g ₁₅	8388582	g ₂₃	8388588

Generally, cryptographic Boolean functions should meet many conditions at the same time, including strong nonlinearity, rigorous avalanche criterion, and bit independence criterion. The linear cryptanalysis found by Matsui is sensitive to numerous cryptanalytic assaults on a low nonlinearity function (1994). In the past, nonlinearity was seen as an essential requirement for quality control. Nonlinearity is critical to prevent encryption schemes like DES, as demonstrated by recent improvements in linear cryptanalysis performed by Matsui. Cryptic analysis that utilizes the low non-linearity of S-boxes utilized in the block cipher FEAL, and DES has proved effective.

Bended functions are well-known for their strong nonlinearity and ability to meet the propagation condition for any non-zero vectors that they encounter (Dillon, 1972). Because of this, bending functions cannot be used in practice because of two limitations. When the number of input coordinates corresponds to the number of output coordinates, there are two drawbacks.

Our proposed S-box consists of Boolean functions which are not balanced as a whole and exist for an even number of coordinates. Also, our proposed S-box does not follow the existing bound on nonlinearity which is a discovery in the field of cryptographic criteria. The components of the proposed S-box namely even the number of Boolean functions exhibits characteristics of balancedness and bentness, but these Boolean functions don’t satisfy the nonlinearity bounds as fulfilling the by bent Boolean functions. These classes of Boolean functions are more general as associated to the existing Boolean functions. The suggested S-box is fundamentally based on the non-balanced and non-bent Boolean functions. We have proposed a different bound for the nonlinearity of these non-balanced and non-bent Boolean functions. The comparison of the different bounds is also depicted in Table 4.

Table 4

Contrast among the nonlinearity bounds of Boolean functions

Construction	neven	N _g
Canteaunt et al. [14]	n ≥ 8	$2^{n - 1} - 2^{\frac{n}{2}}$
Stanica [94]	n ≥ 4	2^n-2
Satanica [94]	n ≥ 8	$2^{n - 1} - 2^{\frac{n}{2}}$
Stanica nd Sung [96]	n ≥ 8	$2^{n - 1} - 2^{\frac{n}{2}}$
Maitra [16]	n ≥ 6	$2^{n - 1} - 2^{\frac{n}{2} - 1} - 2^{\frac{n}{2} - 1}$
Stanica and Sung [96]	n ≥ 4	$2^{n - 1} - 2^{\frac{n}{2}}$
Xiaohu Tang et al. [93]	n ≥ 10	$2^{n - 1} - 2^{\frac{n}{2} - 1} - 2^{⌈ \frac{n}{4} ⌉ - 1}$
Our proposed bound	n = 2t	2^2t-1 - 2^{2t-2^j+1} - 2^{t-2^k+1}
and t ≥ 6

4.2 Comparison with already exiting results in the literature

For simplicity, we suppose $N_{1} = 2^{n - 1} - \frac{2 ln 2}{π} n 2^{\frac{n}{2}},$ $N_{2} = 2^{n - 1} - \frac{ln 2}{2} n 2^{\frac{n}{4}} - 1,$ $N_{3} = max {6 ⌊ \frac{2^{n - 1}}{2 n} ⌋ - 2, 2^{n - 1} - (\frac{ln 2}{3} (n - 1) + \frac{3}{2}) 2^{\frac{n}{2}}}$ signify the nonlinearity’s lower bounds in [90 –92], correspondingly, where n = 2^tm with gcd(2, m) =1 . Also the nonlinearity bound available in [93] $N_{4} = 2^{n - 1} - \sum_{i = 0}^{t - 1} 2^{\frac{n}{2^{i + 1}}} - 2^{\frac{m - 1}{2}}$ is much better than N₁, N₂ and N₃. More specifically, by a monotonous calculation, we can validate that N₄ is greater than N₁, N₂ and N₃ if n ≥ 4 . In [90, 91], and [92], certain specific results of the nonlinearity were presented which are indicated by N₁, N₂ and N₃ for convenience that are much improved than their bounds. The contrast table is along with our proposed new bound is offered in the following table.

Our function has better nonlinearity than the newly suggested Boolean function, which has the finest nonlinearity with all known bent Boolean function constructions. This benchmark is through the mixed behaviour of our proposed S-boxes which is mainly at the same time dependent on balanced and non-balanced Boolean functions.

4.3 Strict Avalanche Criterion (SAC) Analytically

The strict avalanche criterion (SAC) investigates the behaviour of the output bits when the nonlinear S-box transformation is changed. Roughly one-half of the resultant bits should variate value in reaction to a single input change. The variation in output bit designs causes an avalanche of changes in the SP-network. The magnitude of these variations aids in estimating cryptanalysis resistance and cipher strength. The SAC of suggested S-box is given as follows: $SAC = [\begin{matrix} D_{1} & D_{2} \\ D_{3} & D_{4} \\ D_{5} & D_{6} \\ D_{7} & D_{8} \end{matrix}],$ where $D_{1} = {\begin{matrix} 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \\ 0 . 5391 & 0 . 5078 & 0 . 5156 & 0 . 5000 & 0 . 4688 & 0 . 5000 \end{matrix}},$ $D_{2} = {\begin{matrix} 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \\ 0 . 5000 & 0 . 5313 & 0 . 4609 & 0 . 5234 & 0 . 4688 & 0 . 5391 \end{matrix}}$ $D_{3} = {\begin{matrix} 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \\ 0 . 5000 & 0 . 4688 & 0 . 5156 & 0 . 5000 & 0 . 5234 & 0 . 5547 \end{matrix}}$ $D_{4} = {\begin{matrix} 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \\ 0 . 5000 & 0 . 4531 & 0 . 5469 & 0 . 5000 & 0 . 4922 & 0 . 5391 \end{matrix}}$ $D_{5} = {\begin{matrix} 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4766 \\ 0 . 5000 & 0 . 4688 & 0 . 4922 & 0 . 5000 & 0 . 4531 & 0 . 4609 \end{matrix}}$ $D_{6} = {\begin{matrix} 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 4609 & 0 . 5078 & 0 . 5000 & 0 . 4688 \end{matrix}}$

$D_{7} = {\begin{matrix} 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \\ 0 . 5156 & 0 . 4922 & 0 . 4922 & 0 . 5000 & 0 . 4688 & 0 . 4609 \end{matrix}}$ $D_{8} = {\begin{matrix} 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \\ 0 . 5000 & 0 . 4453 & 0 . 5469 & 0 . 5156 & 0 . 5156 & 0 . 4688 \end{matrix}} .$

The comparative analyses of our proposed methods with other available multivalued nonlinear Boolean function are available in Tables 6-7.

Table 5
Assessment of the nonlinearity of nonbalanaced and balanced Boolean function (neven)

Balanced Boolean Functions NonBalanced Boolean Functions

n N₁ = N₃ [90, 92] N₂ [91] N₄ [93] Bent Boolean Functions Proposed N_F

4 4 4 4 6 –

6 24 24 26 28 –

8 112 116 116 120 124

10 478 490 492 496 –

12 1970 2008 2010 2016 –

14 8036 8118 8120 8128 –

16 32530 32624 32628 32640 32748

18 130442 130792 130800 130816 –

24 – – – 8386560 8388588

Balanced Boolean Functions	NonBalanced Boolean Functions
4	4	4	4	6	–
6	24	24	26	28	–
8	112	116	116	120	124
10	478	490	492	496	–
12	1970	2008	2010	2016	–
14	8036	8118	8120	8128	–
16	32530	32624	32628	32640	32748
18	130442	130792	130800	130816	–
24	–	–	–	8386560	8388588

Table 6

Contrast of SAC assessment of offered S-boxes with chaotic S-boxes

S-boxes	SAC values
Suggested S-box	0.49990
Wang [71]	0.48500
Chen [69]	0.49990
Tang [73]	0.49930
Jakimoski [74]	0.49720

Table 7

Contrast of SAC assessment of offered S-box with some well-known S-boxes

S-boxes	Min	Max	Avg.
Suggested S-box	0.445300	0.539100	0.499900
AES	0.453125	0.562500	0.504883
APA	0.437500	0.562500	0.437500
Gray	0.437500	0.562500	0.499756

4.4 Bit Independent criterion

Changes in input bits and features of pair-wise input/output variables of avalanche vectors also play a role in the Bit Independence Criterion (BIC) [80]. Changing a single input bit in plaintext allows us to test this requirement.

5 Results and Discussions

S-boxes with strong encryption capabilities have been compared to the performance of the suggested S-box and found to be equivalent or even superior. As can be seen from the nonlinearity analysis, these qualities are on par with the S-boxes that were used as a standard in this study. The comparison of nonlinearity bounds is listed in Table 4. The results for each nonlinearity bounds are given in Table 5. The thorough investigations of Table 5, clearly justify the claim of being highly nonlinear Boolean functions are obtained that have yet not been devised in literature which is a central point of the proposed construction technique. The results are shown in Table 5. We have also drawn a comparison of SAC among the chaotic and some well-known S-boxes (see Tables 6-7). Our suggested S-box satisfies the SAC and is quite comparable with the SAC of already existing S-boxes. In Table 8, a contrast of bit independent criteria is presented among the suggested S-box and prime, AES, Gray, APA, S-boxes. The outcomes agree with the desired range. In these tests, it is reflected that the recital of the offered S-box is equivalent to the present eminent S-boxes utilized as standards in this article.

Table 8
Contrast of SAC of BIC of offered S-box

SAC of BIC

S-boxes Min Max Avg

Proposed S-box 0.487400 0.509200 0.500000

AES 0.480469 0.525391 0.504604

APA 0.472656 0.515625 0.499651

Gray 0.478516 0.515625 0.502581

	SAC of BIC
Proposed S-box	0.487400	0.509200	0.500000
AES	0.480469	0.525391	0.504604
APA	0.472656	0.515625	0.499651
Gray	0.478516	0.515625	0.502581

6 Conclusion

In this work, we mainly provide an innovative construction method for the maximal cyclic subgroup of the Galois ring based nonlinear component of block cipher namely S-box. Additionally, we have studied the three cryptographic assets of Boolean functions including nonlinearity, SAC, and BIC. An innovative technique has been displayed to build S-boxes that comprise Boolean functions whose nonlinearity is much higher than accomplished by any beforehand known development. Also, a comparison with already existing results in the literature has been drawn to verify the significance of the suggested construction scheme. This opens a conceivable new parkway for advanced investigation that is to develop the outcomes do that they consider other cryptographic components, for example, algebraic degree, autocorrelation, algebraic immunity, correlation immunity, linear structures, global avalanche characteristics (GAC), transparency order, linear and differential approximation probabilities of proposed S-boxes to resist against the linear and differential attacks.

Footnotes

Acknowledgments

This research was funded by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number (PNURSP2022R87), Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia.

Funding

This research was funded by Princess Nourah bint Abdulrahman University Researchers Supporting Project Number (PNURSP2022R87), Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia.

References

Andrade

A.A.

and Palazzo

Jr., , Construction and decoding of BCH codes over finite rings, Linear Algebra Appl 286 (1999), 69–85.

Interlando

J.C.

, Palazzo

Jr. and Elia

, On the decoding of Reed-Solomon and BCH codes over integer residue rings, IEEE Trans Inform Theory IT-43 (1997), 1013–1021.

Shah

, Qamar

and Andrade

A.A.

, Construction and decoding of BCH codes over chain of commutative rings, Mathematical Sciences 6 (2012), 51.

Shah

, Qamar

and Hussain

, Substitution Box on Maximal Cyclic Subgroup of units of a Galois Ring, Z Naturforsch A 68a (2013), 567–572.

Shah

, Mehmood

, Andrade

A.A.

and Palazzo

Jr., , Maximal cyclic subgroups of the groups of units of Galois rings: A computational approach, Computational and Applied Mathematics- (40314/CAM) DOI 10.1007/s40314-015-0281-9

Shankar

, On BCH codes over arbitrary integer rings, IEEE Trans Inform Theory IT-25(4) (1979), 480–483.

Preneel’

, Leekwijck

W.V.

, Linden

L.V.

, Govaerts

and Vandewalle

, Propagation characteristics of Boolean functions, Advances in Cryptology - EUROCRYPT ’90, LNCS 473, pp. 161–173, 1991. 0 Springer-Verlag Berlin Heidelberg 1991.

Meier

and Staffelbach

, Nonlinearity criteria for cryptographic functions, Advances in Cryptology — EUROCRYPT ’89, Volume 434 of the series Lecture Notes in Computer Science pp. 549–562.

Zhang

X.-M.

and Zheng

, Auto-correlations and new bounds on the nonlinearity of Boolean functions. Advances in Cryptology –EUROCRYPT, 96, no. 1070 in Lecture Notes in Computer Science, Springer-Verlag, (1996), pp. 294–306.

10.

Olejar

and Stanek

, On cryptographic properties of random Boolean functions, Journal of Universal Computer Science 4(8) (1998), 705–717.

11.

Zheng

, Zhang

X.-M.

and Imai

, Restriction, terms and nonlinearity of Boolean functions, Theoretical Computer Science 226(1-2) (1999), pp. 207–223.

12.

Sarkar

and Maitra

, Nonlinearity Bounds and Constructions of Resilient Boolean Functions, CRYPTO 2000, LNCS, vol. 1880, ed. Mihir Bellare, (2000), pp. 515–532.

13.

Sarkar

and Maitra

, Construction of nonlinear Boolean functions with important cryptographic properties. Advances in Cryptology - EUROCRYPT 2000, no. 1807 in Lecture Notes in Computer Science, Springer Verlag, (2000), pp. 485–506.

14.

Canteaut

, Carlet

, Charpin

and Fontaine.

, Propagation characteristics and correlation-immunity of highly nonlinear Boolean functions, Proceedings of EURO-CRYPT’2000, Advances in Cryptology, Lecture Notes in Computer Science (187) (2000), 507–522.

15.

Pasalic

, Johansson

, Maitra

and Sarkar

, New constructions of resilient and correlation immune Boolean functions achieving upper bounds on nonlinearity, Proceedings of the Workshop on Coding and Cryptography 2001, published by Electronic Notes in Discrete Mathematics, Elsevier, vo. 6 (2001), pp. 425–434.

16.

Maitra

, Highly nonlinear balanced Boolean functions with very good autocorrelation property, Proceedings of the Workshop on Coding and Cryptography 2001 published by Electronic Notes in Discrete Mathematics, Elsevier 6 (2001), pp. 355–364.

17.

Clark

, Jacob

, Stepney

, Maitra

and Millan

, Evolving Boolean functions satisfying multiple criteria, in: INDOCRYPT 2002, Lecture Notes in Computer Science 2551 (2002), Springer, Berlin, pp. 246–259.

18.

Carlet

, A larger Class of Cryptographic Boolean Functions via a Study of the Maiorana-McFarland Construction. Advances in Cryptology - CRYPT0 2002, no. 2442 in Lecture Notes in Computer Science, (2002), pp. 549–564.

19.

Charpin

, Normal Boolean functions, Journal of Complexity 20 (2004), pp. 245–265.

20.

Dobbertin

, Construction of bent functions and balanced Boolean functions with high nonlinearity, Fast Software Encryption, Second International Workshop, Lecture Notes in Computer Science 1008 (1995), pp. 61–74.

21.

Canteaut

and Videau

, Symmetric Boolean functions, IEEE Transactions on Information Theory 51(8) (2005), 2791–2811.

22.

Dalai

D. K.

, Gupta

K.C.

and Maitra

, Cryptographically Significant Boolean functions: Construction and Analysis in terms of Algebraic Immunity, Fast Software Encryption 2005, Lecture Notes in Computer Science 3557 (2005), 98–111.

23.

Braeken

and Preneel

, On the algebraic immunity of symmetric Boolean functions, in INDOCRYPT 2005, Lecture Notes in Computer Science. Berlin, Germany: Springer-Verlag, (2005), pp. 35–48.

24.

Carlet

, Dalai

, Gupta

and Maitra

, Algebraic Immunity for Cryptographically Significant Boolean Functions: Analysis and Construction, IEEE Transactions on Information Theory 52(7) (2006), pp. 3105–3121.

25.

and Qi

W.-Q.

, Construction and analysis of Boolean functions of 2t + 1 variables with maximum algebraic immunity. In: Lai, X., Chen, K. (eds.) ASIACRYPT 2006. LNCS, vol. 4284, pp. 84–98. Springer, Heidelberg (2006).

26.

Mesnager

, Improving the Lower Bound on the Higher Order Nonlinearity of Boolean Functions With Prescribed Algebraic Immunity, AUGUST, IEEE TRANSACTIONS ON INFORMATION THEORY 54(8), 2008.

27.

Guo Zhang

, Member, IEEE, and GuoZhen Xiao, Constructions of Almost Optimal Resilient Boolean Functions on Large Even Number of Variables, IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 55, NO. 12, DECEMBER 2009

28.

Wang

, Peng

and Kan

, Member, Constructions of Cryptographically Significant Boolean Functions Using Primitive Polynomials, IEEE TRANSACTIONSON INFORMATION THEORY, VOL. 56, NO. 6, JUNE

29.

Pasalic

and Wei

, On the Construction of Cryptographically Significant Boolean Functions Using Objects in Projective Geometry Spaces, IEEE TRANSACTIONS ON INFORMATION THEORY, VOL. 58, NO. 10, OCTOBER 2012 6681

30.

Shannon

C. E.

, A mathematical theory of communication, Bell Labs Tech J 27 (1948), 379–423.

31.

Shannon

C. E.

, Communication theory of secrecy systems, Bell Labs Tech J 28 (1949), 656–715.

32.

Carlet

, Vectorial boolean functions for cryptography, Boolean Methods and Models, Cambridge Univ. Press, Cambridge.

33.

Carlet

, Partially-bent functions, Design Codes Cryptogr 3(2) (1993), 135–145.

34.

Carlet

, On the propagation criterion of degree l and order k, Lect Notes Comput Sc 1403 (1998), 462–474.

35.

Carlet

, A larger class of cryptographic Boolean functions via a study of the Maiorana-McFarland construction, Lect Notes Comput Sc 2442 (2002), 549–564.

36.

Chabaud

and Vaudenay

, Links between differential and linear cryptoanalysis, Lect Notes Comput Sc 950 (1995), 356–365.

37.

Chee

, Lee

and Sung

S.H.

, On the correlation immune functions and their nonlinearity, Lect Notes Comput Sc 1163 (1996), 232–243.

38.

Chor

, Goldreich

, Hastad

, Freidmann

, Rudich

and Smolensky

, The bit extraction problem or t-resilient functions, In Foundations of Computer Science, 1985, 26th Annual Symposium, 396–407.

39.

Dillon

J.F.

, A survey of bent functions, The NSA Technical Journal (1972), 191–215.

40.

Forre

, The strict avalanche criterion: Spectral properties of boolean functions and an extended definition, Lect Notes Comput Sc 403 (1990), 450–468.

41.

Gopalakrishnan

and Stinson

D.R.

, A short proof of the non-existence of certain cryptographic functions, J Combin Math Combin Comput 20 (1996), 129–137.

42.

Lechner

, Harmonic analysis of switching functions. In: Recent developments in switching theory, Academic Press, New York, 1971.

43.

Mann

H.B.

, Difference sets in elemantary abelian groups, Illinois J Math 9 (1965), 212–219.

44.

Matsui

, Linear cryptoanalysis method for DES cipher, Lect Notes Comput Sc 765 (1994), 386–397.

45.

McFarland

R.L.

, A discrete fourier theory for binary functions, R41 Technical paper, 1971.

46.

Meng

, Zhang

, Yang

and Cui

, On the degree of homogeneous bent functions, Discrete Appl Math 155(5) (2007), 665–669.

47.

Pieprzyk

and Finkelstein

, Towards effective nonlinear cryptosystem design, IEEE Proc Part E 35(6) (1988), 325–335.

48.

Leekwijk

Preneel V.

and Linden

, Govaerts and Vandewalle, Propagation characteristics of boolean functions, Lect Notes Comput Sc 473 (1991), 161–173.

49.

Preneel

, Govaerts

and Vandewalle

, Boolean functions satisfying higher order propagation criteria, Lect Notes Comput Sc 547 (1991), 141–152.

50.

Rothaus

O.S.

, On bent functions, J Combin Theory Ser A 20 (1976), 300–305.

51.

Sarkar

, A note on the spectral characterization of correlation immune boolean functions, Inform Process Lett 74 (2000), 191–195.

52.

Webster

A.F.

and Tavares

S.E.

, On the design of S-boxes, Lect Notes Comput Sc 218 (1986), 523–534.

53.

Zheng

and Zhang

X.M.

, Improved upper bound on the nonlinearity of high order correlation immune functions, Lect Notes Comput Sc 2012 (2001), 262–274.

54.

Zheng

and Zhang

X.M.

, On relationship among avalanche, nonlinearity, and correlation immunity, Lect Notes Comput Sc 1976 (2000), 470–482.

55.

Zheng

and Zhang

X.M.

, On plateaued functions, IEEE Trans Inf Theory 17(3) (2001), 1215–1223.

56.

Seberry

and Zhang

X.M.

, Constructions of bent functions from two known bent functions, Australas J Combin 9 (1994), 21–35.

57.

Carlet

, A construction of bent functions, Finite Fields Th App 233(4) (1996), 47–58.

58.

Chee

, Lee

and Kim

, Semi-bent functions, Lect Notes Comput Sc 917 (1995), 107–118.

59.

Zheng

and Zhang

X.M.

, Plateaued functions, Lect Notes Comput Sc 1726 (1999), 284–300.

60.

Carlet

and Prouf

, On plateaued functions and their constructions, Lect Notes Comput Sc 2887 (2003), 54–73.

61.

Zheng

and Zhang

, Improved upper bound on the nonlinearity of high order correlation immune functions, Lect Notes Comput Sc 2012 (2001), 262–274.

62.

Matsui

, The first experimental cryptanalysis of the Data Encryption Standard, Lect Notes Comput Sc 839 (1994), 1–11.

63.

Heys

H.M.

, A tutorial on linear and differential cryptanalysis, Technical Report CORR 2001-17, Centre for Applied Cryptographic Research, Department of Combinatorics and Optimization, University of Waterloo, March 2001.

64.

Biham

and Shamir

, Differential cryptanalysis of DES like cryptosystems, Lect Notes Comput Sc 537 (1991), 2–21.

65.

Siegenthaler

, Correlation-Immunity of Nonlinear Combining Functions for Cryptographic Applications, IEEE Transactions on Information Theory 30(5) (1984), 776–780.

66.

Bartosov

L.L.

, Linear and differential cryptanalysis of reduced-round AES, Tatra Mt Math Publ 50(1) (2011), 51–61.

67.

Aras

and Yucel

M.D.

, Performance Evaluation of Safer K–64 and S-boxes of the Safer Family, Turk J Electr Eng Co 9(2) (2001), 161–175.

68.

Kontak

and Szmidt

, Nonlinearity of the round function, Control Cybern 36(4) (2007), 1037–1044.

69.

Chen

, Chen

and Liao

, An extended method for obtaining S-boxes based on three-dimensional chaotic Baker maps, Chaos Solitons Fract 31(3) (2007), 571–577.

70.

Özkaynak

and Özer

A.B.

, A method for designing strong S-boxes based on chaotic Lorenz system, Phys Lett A 374(36) (2010), 3733–3738.

71.

Wang

, Wong

K.W.

, Liao

and Xiang

, A block cipher with dynamic S-boxes based on tent map, Commun Nonlinear Sci Numer Simul 14(7) (2009), 3089–3099.

72.

Chen

Y.G.

and Liao

, An extended method for obtaining S-boxes based on three-dimensional chaotic Baker maps, Chaos Solitons Fract 31(3) (2007), 571–577.

73.

Guoping

, Xiaofeng

and Yong

, A novel method for designing S-boxes based on chaotic maps, Chaos Solitons Fract 23(2) (2005), 413–419.

74.

Jakimoski

and Kocarev

, Chaos and cryptography: Block encryption ciphers based on chaotic maps, IEEE Trans Circuits Syst 48(2) (2001), 163–170.

75.

Adams

and Tavares

, Good S-boxes are easy to find, Lect Notes Comput Sc 89 (1989), 612–615.

76.

Webster

A.F.

and Tavares

, On the design of S-boxes, Lect Notes Comput Sc 85 (1986), 523–534.

77.

Detombe

and Tavares

, Constructing large cryptographically strong S-boxes, Lect Notes Comput Sc 718 (1993), 165–181.

78.

Dawson

and Tavares

, An Expanded Set of S-box Design Criteria Based on Information Theory and its Relation to Differential-Like Attacks, Lect Notes Comput Sc 91 (1991), 352–367.

79.

Pieprzyk

and Finkelsten

, Towards effective nonlinear cryptosystem design, IEEE Proc Comput Dig Tech 135(6) (1988), 325–335.

80.

Khan

, Shah

, Mahmood

and Gondal

M.A.

, An efficient method for the construction of block cipher with multi-chaotic systems, Nonlinear Dynam 71(3) (2013), 489–492.

81.

Courtois

and Pieprzyk

, Cryptanalysis of Block Ciphers with Overdefined Systems of Equations, Lect Notes Comput Sc 2501 (2002), 267–287.

82.

Courtois

, Fast algebraic attacks on stream ciphers with linear feedback, Lect Notes Comput Sc 2729 (2003), 176–194.

83.

Meier

, Pasalic

and Carlet

, Algebraic attacks and decomposition of Boolean functions, Lect Notes Comput Sc 3027 (2004), 474–491.

84.

Kocher

, Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and other Systems, Lect Notes Comput Sc 1109 (1996), 104–113.

85.

Prouff

, DPA Attacks And S-boxes, Lect Notes Comput Sc 3557 (2005), 424–441.

86.

Pieprzyk

J.P.

, Non-linearity of Exponent Permutations, Lect Notes Comput Sc 434 (1990), 80–92.

87.

Shah

, Qamar

and Hussain

, Substitution box on maximal cyclic subgroup of units of a Galois ring, Z Naturforsch A 68a(8-9) (2013), 567–572.

88.

Shah

, Qamar

and Andrade

A.A.

, Constructions and decoding of a sequence of BCH codes, Math Sci Res J 16(9) (2012), 234–250.

89.

Shah

, Qamar

and Andrade

A.A.

, Construction and decoding of BCH codes over chain of commutative rings, Math Sci 6(51) (2012), 1–14.

90.

Carlet

and Feng

, An infinite class of balanced functions with optimal algebraic immunity, good immunity to fast algebraic attacks and good nonlinearity,” in Advances in Cryptology-ASIACRYPT 2008 (Lecture Notes in Computer Science), Springer-Verlag, 2008, vol. 5350, pp. 425–440.

91.

and Deng

, /A conjecture on binary string and its applications on constructing boolean functions of optimal algebraic immunity,” Designs, Codes Cryptogr., 2010. Online First Articles. DOI 10.1007/s10623-010-9413-9

92.

Wang

, Peng

, Kan

and Xue

, Constructions of cryptographically significant Boolean functions using primitive polynomials, IEEE Trans Inf Theory 56(6) (2010), 3048–3053.

93.

Tang

, Tang

, Zeng

and Hu

, Balanced Boolean Functions with (Almost) Optimal Algebraic Immunity and Very High Nonlinearity.

94.

Stanica

, Nonlinearity, local and global avalanche characteristics of balanced Boolean functions, Discr Math 248 (2002), 181–193.

95.

Stanica

and Sung

S.H.

, Improving the nonlinearity of certain balanced Boolean functions with good local and global avalanche characteristics, Inf Process Lett 79 (2001), 167–172.

96.

Stanica

and Sung

S.H.

, Boolean functions with five controllable cryptographic properties, Des., Codes Cryptogr 31(2) (2004), 147–157.

0	1788455	11042196	4045249	8307629	138509972	13492179	3867691	2388624	1	4056	32711	16515649	5055040	15766774	6360831
8476208	15735539	12705991	5759658	1569714	4982088	154944	14057187	2277153	13573981	3290903	6078565	12653436	8364023	9865743	4054744
13377323	3044103	6561	10096583	7688352	11095475	4111028	8970141	6446203	7874787	2733574	5595885	15863154	15444768	13521166	5120547
15573222	2615534	6685770	16045024	5232571	2475019	3813612	15823333	3375473	14770440	3408562	1072832	16676803	8854689	5544855	8194239
2221680	4291754	8428145	8428145	3470847	2371385	13298502	16096794	1186479	12248807	12738842	5800098	13220536	15337709	2030017	8546457
1701026	5352681	9831086	10768608	7810179	6908502	5360178	7011884	929805	10541034	13355771	1544796	243650	8162637	7297144	2991123
3257582	3850861	585116	13644346	8044101	8485853	3065457	5692580	9165211	217163	363219	1123876	7633	14487495	2678896	16347194
2869113	36595077	11540917	16155847	8378584	2446091	700595	233693	938447	1130019	15935093	10130070	10595423	3255726	10933422	11612827
8662133	5285190	1898174	7336121	11603849	5714736	16034325	13819006	1835483	147520	393508	1047008	9532809	14403441	10850188	4194792
13995008	1380072	1656944	16364631	7419885	147573	348452	836275	4011644	4621749	1012696	3213201	4569904	6557997	10533255	15023997
1505589	10373401	403812	9688422	14082507	5291866	12461181	12028902	1419464	10020462	16587578	14388279	1156744	7960238	358641	9043505
7001577	15324763	8622699	11876815	16178229	159221051	904602	13533804	6540120	4773132	147579	373028	808237	4544003	3522227	13795885
808152	5113748	2413920	2021147	1665855	12292402	6702671	1370852	12256122	9136784	3350546	15724182	59850	10236602	12452741	8924768
7292166	16389716	9476199	365823	4827567	4916014	14803344	3861002	15384705	2449564	14925426	528205	15708544	3391117	14088781	16035433
16705980	10628314	3754918	10331060	11276270	6207296	3218845	10905847	16138850	5657572	14740387	14566586	9909604	13821461	12185498	5158185
1965213	13421737	367228	10615215	15127145	4484763	12337218	7765828	9848097	13617636	14315084	3457314	16418300	6985880	3444575	14556408

Balanced Boolean Functions			NonBalanced Boolean Functions
n	N₁ = N₃ [90, 92]	N₂ [91]	N₄ [93]	Bent Boolean Functions	Proposed N_F
4	4	4	4	6	–
6	24	24	26	28	–
8	112	116	116	120	124
10	478	490	492	496	–
12	1970	2008	2010	2016	–
14	8036	8118	8120	8128	–
16	32530	32624	32628	32640	32748
18	130442	130792	130800	130816	–
24	–	–	–	8386560	8388588

Nonlinearity of nonbalanced and nearly bent boolean functions based on Galois ring

Abstract

Keywords

1 Introduction

2 Boolean functions and cryptographic assets of substitution boxes

2.1 Properties of Boolean Functions

2.3 Some cryptographic assets of S-boxes

2.6.1 Mathematical formulation of GR (p k , s)

3 Formulation of new confusion component of block cipher over GR (23, 8)

3.1 Maximal Cyclic Subgroup of Group of Units of GR (23, 8)

Table 1 Maximal cyclic subgroup G255 elements of the group of units of GR(23,8) with polynomial φ (x) = x8 + x4 + x3 + x2 + 1 Exponent form Polynomial form 0 10000000 1 00001000 2 70777000 3 10110077 4 00112232 5 66321147 6 77370203 7 06035204 8 36351047 ⋮ ⋮ 254 02217011

4.1 Nonlinearity

4.3 Strict Avalanche Criterion (SAC) Analytically

5 Results and Discussions

Table 8 Contrast of SAC of BIC of offered S-box SAC of BIC S-boxes Min Max Avg Proposed S-box 0.487400 0.509200 0.500000 AES 0.480469 0.525391 0.504604 APA 0.472656 0.515625 0.499651 Gray 0.478516 0.515625 0.502581

Footnotes

Acknowledgments

Funding

References

2.6.1 Mathematical formulation of GR (p^k, s)

3 Formulation of new confusion component of block cipher over GR (2³, 8)

3.1 Maximal Cyclic Subgroup of Group of Units of GR (2³, 8)

Table 8
Contrast of SAC of BIC of offered S-box

SAC of BIC

S-boxes Min Max Avg

Proposed S-box 0.487400 0.509200 0.500000

AES 0.480469 0.525391 0.504604

APA 0.472656 0.515625 0.499651

Gray 0.478516 0.515625 0.502581