Substitution Boxes (S-Boxes) are employed in block ciphers to provide non-linearity. An n-bit bijective S-Box is a member of the symmetric group \(\mathbb {S}_{2^{n}}\). Ideally, an S-Box must follow a stringent cryptographic profile, and its design is a transparent and justified process. The concerning point for an evaluator is the presence of vulnerabilities in the design of an S-Box, e.g. Kuznyechik. If a malicious designer keeps the non-trivial subspaces secret, this can lead to sophisticated cryptanalytic attacks. This article investigates the behaviour of non-trivial subspaces in an S-Box and in its Affine, Extended Affine (EA) and Carlet-Charpin-Zinoviev (CCZ) equivalence classes. It presents a novel algorithm for finding preservable quotient spaces in an S-Box, thus providing a way to shortlist potential candidates for S-Boxes with backdoors. The proposed work emphasizes checking whether a target S-Box is a potential backdoor candidate. The backdoored designs proposed by K. G. Paterson, Carlo Harpes and Bannier are identified and validated with the help of the proposed algorithm. Our findings establish that the additive linear structures responsible for a non-trivial subspace are not invariant under EA and CCZ equivalence. Moreover, the analysis of 3-bit permutations reveals that almost 23% of the population of \(\mathbb {S}_{2^{3}}\) preserve quotient subspaces. Irrespective of the linear structures in their non-linear layers, the NIST Lightweight competition candidates do not preserve quotient spaces in either the input or the output space.
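As an added illustration (this is not the paper's algorithm), the following Python enumerates, for a small bijective S-Box, every pair of non-trivial subspaces (V, W) of equal dimension such that S maps each coset of V onto a coset of W, i.e. S induces a bijection between the quotient spaces F_2^n/V and F_2^n/W. The two 3-bit S-Boxes are constructed for this example: one built so that cosets of {0,1} land on cosets of {0,4}, the kind of hidden partition an evaluator wants to detect, and one that preserves no non-trivial quotient space.

```python
from itertools import combinations

# Constructed 3-bit S-Boxes for illustration (not from the paper). BACKDOORED_SBOX
# maps every coset of V = {0,1} onto a coset of W = {0,4}: S(x) ^ S(x ^ 1) == 4.
BACKDOORED_SBOX = [0, 4, 5, 1, 2, 6, 7, 3]
# CLEAN_SBOX was chosen so that no non-trivial quotient space survives.
CLEAN_SBOX = [0, 1, 3, 6, 7, 4, 5, 2]

def span(vectors):
    """All F_2-linear combinations (XOR) of the given vectors."""
    s = {0}
    for v in vectors:
        s |= {x ^ v for x in s}
    return frozenset(s)

def subspaces(n, dim):
    """Every linear subspace of F_2^n of dimension dim, as frozensets."""
    found = {span(b) for b in combinations(range(1, 1 << n), dim)}
    return sorted((s for s in found if len(s) == 1 << dim), key=sorted)

def cosets(n, V):
    """Partition of F_2^n into the cosets a + V."""
    seen, out = set(), []
    for a in range(1 << n):
        if a not in seen:
            c = frozenset(a ^ v for v in V)
            seen |= c
            out.append(c)
    return out

def preserves_quotient(sbox, V, W):
    """True iff S maps each coset of V onto a coset of W, i.e. S induces a
    well-defined bijection F_2^n/V -> F_2^n/W (V and W of equal dimension)."""
    n = (len(sbox) - 1).bit_length()
    for C in cosets(n, V):
        image = {sbox[x] for x in C}
        base = min(image)
        if image != {base ^ w for w in W}:
            return False
    return True

def preserved_quotient_spaces(sbox):
    """Pairs (V, W) of non-trivial subspaces (1 <= dim < n) whose quotient spaces S preserves."""
    assert sorted(sbox) == list(range(len(sbox))), "S-Box must be bijective"
    n = (len(sbox) - 1).bit_length()
    pairs = []
    for dim in range(1, n):
        subs = subspaces(n, dim)
        pairs += [(tuple(sorted(V)), tuple(sorted(W)))
                  for V in subs for W in subs if preserves_quotient(sbox, V, W)]
    return pairs
```

For the identity permutation every subspace is preserved onto itself, while an S-Box with an empty result has no hidden coset structure of this kind; the enumeration is exhaustive, so it is only practical for small n.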
The values in the S-0 table are given in hexadecimal format; the lookup in S-0 is carried out similarly to DES [39].
Values are in hexadecimal format; for example, S-1(0D) = 1C and S-2(28) = 1F.
References
Aoki K, Ichikawa T, Kanda M, Matsui M, Moriai S, Nakajima J, Tokita T (2000) Camellia: A 128-bit block cipher suitable for multiple platforms - design and analysis. In: International workshop on selected areas in cryptography, pp 39–56. Springer
Banik S, Chakraborti A, Inoue A, Iwata T, Minematsu K, Nandi M, Peyrin T, Sasaki Y, Sim SM, Todo Y (2020) GIFT-COFB. Cryptology ePrint Archive
Bannier A (2017) Combinatorial analysis of block ciphers with trapdoors. Ph.D. thesis, École Nationale Supérieure d'Arts et Métiers
Bannier A, Filiol E (2017) Mathematical backdoors in symmetric encryption systems - proposal for a backdoored AES-like block cipher. arXiv preprint arXiv:1702.06475
Bao Z, Chakraborti A, Datta N, Guo J, Nandi M, Peyrin T, Yasuda K (2019) PHOTON-Beetle authenticated encryption and hash family. NIST Lightweight Compet. Round 1, 115
Behera PK, Gangopadhyay S (2021) Evolving bijective S-boxes using hybrid adaptive genetic algorithm with optimal cryptographic properties. J Ambient Intell Human Comput, pp 1–18
Bernstein DJ, Lange T, Niederhagen R (2016) Dual EC: A standardized back door. In: The new codebreakers, pp 256–281. Springer
Bolufé-Röhler A, Tamayo-Vera D (2020) Machine learning based metaheuristic hybrids for S-box optimization. J Ambient Intell Human Comput 11(11):5139–5152
Makarim RH, Tezcan C (2014) Relating undisturbed bits to other properties of substitution boxes. In: International workshop on lightweight cryptography for security and privacy, pp 109–125. Springer
Matsui M (1994) On correlation between the order of S-boxes and the strength of DES. In: Workshop on the theory and application of cryptographic techniques, pp 366–375. Springer
Ohkuma K, Muratani H, Sano F, Kawamura S (2000) The block cipher Hierocrypt. In: International workshop on selected areas in cryptography, pp 72–88. Springer
Paterson KG (1999) Imprimitive permutation groups and trapdoors in iterated block ciphers. In: International workshop on fast software encryption, pp 201–214. Springer
Perrin L (2019) Partitions in the S-box of Streebog and Kuznyechik. IACR Trans Symmetric Cryptol, pp 302–329
Perrin L (2019) Streebog and Kuznyechik: inconsistencies in the claims of their designers. In: IETF 105
Peyrin T, Wang H (2020) The MALICIOUS framework: embedding backdoors into tweakable block ciphers. In: Annual international cryptology conference, pp 249–278. Springer
Posteuca R, Ashur T (2021) How to backdoor a cipher. IACR Cryptol ePrint Arch 2021:442
Ragab AAM, Madani A, Wahdan A, Selim GM (2021) Design, analysis, and implementation of a new lightweight block cipher for protecting IoT smart devices. J Ambient Intell Human Comput, pp 1–18
Rijmen V, Daemen J (2001) Advanced encryption standard. In: Proceedings of federal information processing standards publications. National Institute of Standards and Technology 19:22
Rijmen V, Preneel B (1997) A family of trapdoor ciphers. In: International workshop on fast software encryption, pp 139–148. Springer
Roth RL (2001) A history of Lagrange's theorem on groups. Math Mag 74(2):99–108
Schuster F (2014) Reverse engineering of Chiasmus from GSTOOL. In: Presentation at the HGI-Kolloquium, January 2014
Sevin A, Mohammed AAO (2021) A survey on software implementation of lightweight block ciphers for IoT devices. J Ambient Intell Human Comput, pp 1–15
Shirai T, Shibutani K, Akishita T, Moriai S, Iwata T (2007) The 128-bit blockcipher CLEFIA. In: International workshop on fast software encryption, pp 181–195. Springer
National Institute of Standards and Technology (1999) Data encryption standard. Federal Inf Process Stand Publ, 112
Tezcan C (2014) Improbable differential attacks on PRESENT using undisturbed bits. J Comput Appl Math 259:503–511
Turan MS, McKay KA, Çalik Ç, Chang D, Bassham L et al. (2019) Status report on the first round of the NIST lightweight cryptography standardization process. National Institute of Standards and Technology, Gaithersburg, MD, NIST Interagency/Internal Rep. (NISTIR)
Zhang XM, Zheng Y, Imai H (2000) Relating differential distribution tables to other properties of substitution boxes. Des Codes Cryptogr 19(1):45–63
We would like to express our sincere gratitude to the anonymous reviewers, who provided invaluable feedback and insightful comments on our manuscript. Their careful attention and constructive criticism helped us improve our work’s quality and clarity. We are grateful for their time and effort in reviewing our paper and for their commitment to maintaining the high standards of this journal. Without their contributions, this paper would not have been possible.
Author information
Authors and Affiliations
Department of Information Security, National University of Sciences and Technology (NUST), Islamabad, 44000, Pakistan
Shah Fahd, Mehreen Afzal, Waseem Iqbal & Yawar Abbas
Fahd, S., Afzal, M., Shah, D. et al. Detection of non-trivial preservable quotient spaces in S-Box(es).
Neural Comput & Applic 35, 18343–18355 (2023). https://doi.org/10.1007/s00521-023-08654-2