A New Dynamic Substitution Box for Data Security using an Innovative Chaotic Map

As the motivations and capabilities of threat actors continue to evolve, providing data security has become more important than ever. For this purpose, different ciphers using various techniques are being developed. Currently, chaotic maps are designed and applied in the development of these ciphers. Modern ciphers utilize a substitution box (S-Box) as a core module to provide data security. In this article, an innovative chaotic map is suggested for the design of new and dynamic S-Box. Criteria like Bijectiveness, Nonlinearity (NL), Strict Avalanche Criterion (SAC), Bit Independence Criterion (BIC), Linear Approximation Probability (LP), and Differential Approximation Probability (DP) are used to critically analyze and evaluate the proposed S-Box performance against various attacks. The cryptanalytic strength of the proposed S-Box is equated with freshly designed S-Boxes for its customization in real-life security applications. The comparative analysis gratifies the true potential of the proposed S-Box for its solicitation in data security domain.


I. INTRODUCTION
Data and information communication performs a very active part in this era for everyone. Businesses must share data and information online for their working and day-to-day operations. Secure communication in the public network is the primary concern of every business in the modern era. It has become very necessary to make the data and information resources protected from unauthorized access. Recently, a sudden rise in security incidents on the networks and web has been seen [1]. The need to protect systems, data, and information becomes more critical and evident when data is resident on shared networks [2]. As sensitive data and information are increasingly being communicated over the networks, it requires cryptographic algorithms to ensure the security of these assets. Using encryption, users share their data securely over an insecure network. Attackers try to break the security, and hence different cryptographic algorithms have been designed and implemented to protect the data and information [3], [4]. Cryptanalysis techniques compromise this security and attack the ciphertext to get the original data from it. Systems that use encryption techniques must prevent cryptanalysis. Modern block ciphers having permutation and substitution operations in encryption and decryption phases. A substitution operation replaces the characters of plaintext with other characters to create meaningless data (ciphertext).
This transformation of given data into new data is done in a nonlinear way. With the help of the permutation operation, character positions are changed. A substitution box is a core component of an encryption algorithm and has a key role in encryption of data. It helps in performing confusion of bits using nonlinear transformation [5]. A block cipher based on static S-Box(es) uses the same S-Box(es) every time for the input data. A static S-Box is weak in characteristics that allows attackers to inspect the properties of the captured ciphertext. A dynamic S-Box depends on the key and is stronger and more effective in terms of confusion as compared to a static S-Box [6], [7]. Over the years, cryptography researchers developed many S-Boxes which have used different models like dynamic random growth technique [8], DNA computing [9], [10], optimization techniques [11]- [14], linear fractional transformation (LFT) [15]- [17], cellular automata [18], elliptic curve [19]- [22], etc. Recently, chaotic maps have become extensively pragmatic in the design of novel S-boxes for secure communication [23]- [25]. In [26], authors proposed a new chaos dependent method which is based on affine transformation and rotation of matrices for the construction of sturdy S-Boxes. In [27], an algorithm has been designed consisting of two stages; design of a static S-Box and then dynamic S-Box optimization. The fitness function and the chaotic map are combined to design a robust S-box. Using a chaotic system, a static S-box is generated while using fitness function, it is transformed to a dynamic S-box. Qing et al. [28] proposed a Logistic Sine System (LSS) chaotic map-based S-Box for a secure and efficient image encryption algorithm. This chaotic map provides a wider range of chaos and better properties of the chaotic map. Abdullah et al. [29] projected a S-Box which is built on a continuous chaotic system and quantum chaotic map. For improving data randomness efficiency, the quantum logistic map and Rossler chaotic system have been used. Hongjun et al. [30] anticipated a new chaotic map using an improved coupling quadratic map (ICQM) and backtracking for the design of an S-Box. An improved coupling quadratic map has been designed for good ergodicity and randomness which is tested by using a bifurcation diagram. Fozia et al. [31] proposed an improved chaotic range with a golden ratio for designing an efficient S-Box. The proposed algorithm consists of two functions of a chaotic map with initial parameters and is used for image encryption. Erkan et al. [32] proposed a method using a one-dimensional chaotic map for the production of S-Box. Although, the chaotic maps are being intensively used in the S-box design methodologies, these maps have associated drawbacks too [33]. The quantity of generated S-boxes and performance can be enhanced by transformation methods and optimization algorithms. Zahid et al. [34]- [35] proposed innovative polynomial techniques along with the novel permutation processes for the development of resilient S-Boxes. These permutation techniques are very simple and efficient. There is always a need to design new substitution boxes with better and more robust performance. This research article presents the design of a new substitution box for data security to encounter the security attacks using an innovative chaotic map.
The key contributions of this research article are as trails: • An algorithm based on an innovative chaotic map has been designed to develop an initial substitution-box. • A new dynamic permutation operation is applied on the initial S-Box for further confusion and better security. Consequently, the permutation process strengthens the security of the encrypted text. • The cryptographical vigor of the projected S-Box is compared with the cryptographical vigor of the bestknown substitution boxes to justify its suitability in modern ciphers.
The rest of the research paper has the description in the following sequence. Section II defines the proposed chaotic map approach for the design of S-Box. Section III narrates a comparison of S-Boxes based on different constructions and respective security analysis. Section IV narrates the limitations of the proposed chaotic map. Section V clarifies the conclusion part.

II. PROPOSED APPROACH FOR S-BOX DESIGN
Recently, chaotic maps have been extensively pragmatic in designing novel S-boxes with good cryptographic characteristics. The main features of a chaotic map are sensitivity of initial conditions, random-like behavior, and non-periodicity. These properties confirm the confusion and diffusion which are the main requirements of cryptographic security. Here, we design an innovative chaotic map for the production of dynamic S-boxes that can be employed in the development of new ciphers. The overall procedure for generating the proposed dynamic and key-dependent S-boxes consists of following three modest steps: • Ingenious Chaotic Map Design • Preliminary S-Box Development • Novel Heuristic Method for Final S-Box Generation These steps are explained in the following section.

A. INGENIOUS CHAOTIC MAP DESIGN
For the creation of n × n S-boxes, an ingenious chaotic map named as MAZa (Malik, Atif, and Zahid) is designed that is mathematically stated in Equation (1). Cipher key is used to provide the values of the variables Xn and Z as described in Eq. (1). The proposed chaotic map (MAZa) uses these variables as parameters to maximize the power of S-box to minimize the security attacks and is sensitive to initial condition (initial values of variables). Performance of the proposed chaotic map is equated with those of the logistic map and the sine map. We verified that the projected chaotic map has tremendous chaotic complexity using subsequent exploration and comparison.

1) BIFURCATION
Bifurcation is the study of the qualitative and topological change of a system's phase space that arises because of parameters variations and has serious threshold. Stable values are denoted by a solid line and the dotted line shows unstable values. Most of the time, a slight change in parameters origins a severe variation in system performance with phase space topologically altered [36]. Logistic map (LM) is a commonly used 1-D chaotic map that shows bifurcation and chaos. It is defined in Equation (2) as: This article has been accepted for publication in IEEE Access. This is the author's version which has not been fully edited and content may change prior to final publication. Citation information: DOI 10.1109/ACCESS.2022.3184012 Here, n counts the number of iterations, and the control parameter is r with a limit between [0,4]. Similarly, Sine map (SM) is a one-dimensional chaotic map that also shows bifurcation and is defined in Equation (3) as: Here, α is the control parameter in the sine map having a range of [0, 4]. The bifurcation results of all three chaotic maps (LM, SM, and proposed chaotic map) are compared and shown in Figure 1. It is discovered that the bifurcation behavior of the proposed chaotic map is multifaceted and insurances more regions of space than the Logistic and Sine maps.

2) LYAPUNOV EXPONENT
The Lyapunov-Exponent (LE) is an analytical metric that helps to characterize chaos. A system is in a chaotic state if the Lyapunov Exponent of the chaotic map of that system is greater than 0. The larger the value of LE is, the more chaotic behaviour that system exhibits. LE tells us about the rate of convergence or separation of invisibly close trajectories [37], [38]. The Lyapunov Exponent of a chaotic map is calculated using Equation (4).
The derivative equation of the proposed chaotic map as described above is given in Equation (5). Where: The proposed chaotic mop is more sensitive as compared to the Logistic-map and Sine-map because a minor variation in initial values of the proposed chaotic map has better unpredictability. The Lyapunov Exponent of the proposed chaotic map grows better with an escalation in parameters. It may be observed that LE of the proposed chaotic map is superior to those of the Logistic and Sine maps as shown in Figure 2.

B. PRELIMINARY S-BOX DEVELOPMENT
Algorithm 1, presented below, based on Eq. (1) produces a preliminary S-Box.

Algorithm 1 : Construction of an Initial S-Box
Input Parameters: Output:

S , B // Arrays of size 256 each
Initializations: Loc ← 0 Procedure: Figure 3 depicts the flowchart for construction of an initial S-Box. An example initial S-Box is given in Table 1.

C. NOVEL HEURISTIC METHOD FOR FINAL S-BOX GENERATION
An initial S-Box produced through Algorithm 1 and Figure 3 is processed through a novel heuristic approach presented in Algorithm 2 is used to produce the concluding S-Box. The proposed heuristic approach is dynamic and depends on the parameters' values provided through the cipher key. For the purpose of calculation and demonstration, A = 53591, B = 13555, C = 11379, and D = 46328 are chosen. Using the heuristic process, initial result of S-box is permuted, and the final S-Box is obtained. Algorithm 2 is used for the permutation process for the construction of the final S-Box as given in Table 2.

III. SECURITY ANALYSIS OF PROPOSED S-BOX
A major research contribution in data and information security field revolves around the design of new S-boxes. Once an Sbox is designed, it is analyzed to check its capabilities to decides its strength against different attacks (linear and differential).
Evaluation tests for the cryptanalytic of an S-Box is calculated with the predefined criteria that include:

• Bijectiveness • Nonlinearity (NL) • Fixed Points (FP) • Strict Avalanche Criterion (SAC) • Bit Independence Criterion (BIC) • Linear Approximation Probability (LP) • Differential Approximation Probability (DP)
The description of these tests and results for the projected S-Box is as follows.

A. BIJECTIVENESS
This property has the requirement of mapping an input of 8 bits to a unique output of 8 bits for an 8 × 8 S-Box. There must be a one-to-one mapping in the structure of S-Box [39]. There

B. NONLINEARITY (NL)
Nonlinearity is a core parameter in evaluating the performance of substitution boxes [40], [41]. An S-Box is a nonlinear module of any cryptographic algorithm. If an S-Box is constructed in which the relationship amongst plaintext and ciphertext is linear then the S-Box strength against different attacks (linear and differential) is weak. Nonlinearity value must be high for strong confrontation against such attacks [42].
The nonlinearity value of any Boolean function R is calculated using the Equation (5) below.
Here, Wmax (R) represents the Walsh-Hadamard transformation spectrum of an n-bit Boolean function R. Boolean functions and nonlinearities values of the projected S-Box are mentioned in Table 3.   Results of nonlinearity test show that NLMIN = 108, NLMAX = 112, and NLAVG = 110 are attained. Table 4 equates NL values of the projected S-Box and recently designed S-Boxes. It can be observed that the average NL value (NLAVG) of the proposed S-Box is higher than the average NL values of most of the other S-Boxes and hence provides a strong defense against the linear cryptanalytic attacks.

C. FIXED POINTS (FP)
An attacker may get the secret data from the captured ciphertext in case of the existence of any fixed point in a substitution box. As a result, fixed points must not be found in the ultimate S-Box [56]. For security purposes, the proposed S-Box was tested against fixed points criterion. Table 2 shows none of the fixed points in the proposed S-Box.

D. STRICT AVALANCHE CRITERION (SAC)
Strict Avalanche Criterion (SAC) was first introduced by Tavares and Webster [57]. To meet this standard, if one input bit of any cryptographic function is changed, then 50% of the output bits must change. SAC value of SBox can be calculated by the dependence matrix. The dependency matrix of the proposed S-Box is specified in Table 5. The 0.5 is the ideal SAC value for better cryptographic uncertainty. The SAC value of the proposed S-Box is 0.5034 is near to 0.5. Table 7 compares the SAC values of other S-Boxes with the SAC values of the proposed S-Box. It may be observed from Table  7 that the SAC Offset value of our S-box is 0.003 that is very small and hence authenticates the use of the proposed S-box in security related applications.

E. BIT INDEPENDENCE CRITERION (BIC)
Another principle for S-Box performance evaluation is the Bit Independence Criterion (BIC) that was formulated by Tavares and Webster [57]. According to this criterion, if any change occurs in input bits, then output bits should change independently. Table 6 demonstrates BIC-NL results of the proposed S-Box. The proposed S-Box average BIC-NL value is 103.5. A comparison of SAC and BIC-NL values of different S-Boxes is given in Table 7.

F. LINEAR APPROXIMATION PROBABILITY (LP)
In 1993, Matsui proposed linear cryptanalysis as a theoretical attack against Data Encryption Standard (DES) [58]. This is a cryptanalysis technique pragmatic to the symmetric-key block ciphers. This method provides a linear approximate expression for a given cipher. Advanced Encryption Standard (AES) was designed by the National Institute of Standards and Technology (NIST) to inhibit linear and such other attacks [59]. If the linear probability (LP) value of an S-Box is found to be low, it indicates that the respective S-Box is resilient to linear cryptanalysis attacks, and vice versa. Linear Probability (LP) value related to a Substitution box is computed by Equation (6). LP value of the proposed S-Box is very low, and hence shows its effectiveness against linear attacks. Table 9 gives a comparison of LP values of different S-Boxes.

G. DIFFERENTIAL APROXIMATION PROBABILITY (DP)
Differential cryptanalysis was revealed by Biham and Shamir in 1990 as a new type of attack on the Data Encryption Standard (DES) [60]. This attack applies to all the ciphers which use DES like substitution and permutation. Differential uniformity (DU) and differential probability (DP) values are used for evaluation of strength of an S-Box against this attack. Equation (7) calculates the differential uniformity (DU) of a given S-Box. DU = Max ∆g≠0,∆y [#{g ∈ N|S(g) ⊕ S(g ⊕ ∆g) = ∆y}] (7) Where 'N' denotes all the possible inputs.
Results of DU of given S-Box are enumerated in Table 8. Proposed S-Box DU value is 0.039 which indicates that the proposed S-Box offers high confrontation against cryptanalysis attacks. A comparison of DP values of different S-Boxes is given in Table 9.

H. EFFICIENCY ANALYSIS
To spectate the computational efficiency of the proposed Sbox technique, simulation was done in Visual C# on a system running Windows 8, having 4GB RAM, and 2.2 GHz Intel core i7 CPU (2.2 GHz). Computational efficiency of the proposed method was spectated for both the S-boxes (initial and final). Erection of the final S-box depends on an innovative and heuristic approach to extemporize cryptographic strength of an S-box that is generated initially. 100000 different initial S-boxes were generated to measure their time complexity and the time taken to produce final Sboxes using different initial values of the parameters. Average time complexity of these initial and final S-box constructions is quantified in Table 10. It may be observed from Table 10 that the construction time of preliminary S-box is handsomely inspirational. However, the final S-box construction time by the proposed technique is a bit higher. Heuristic technique employed in the suggested method has significant contribution to boost the cryptographic strength of the resultant S-box. The protection of one's data is really imperative and a real concern, this requirement of safeguarding data should not be compromised sighting modern-day CPUs' speed. Figure 5 portrays the enrichment in nonlinearity of preliminary S-box by employing innovative heuristic technique against computational time.

I. KEY SPACE
As our proposed technique is key dependent and dynamic, the selection of different initial values of the parameters helps in the generation of new S-box each time. Parameters used in our technique along with their respective range are described in Table 11. Key space for each parameter is also mentioned. It may be observed that the overall key space of the proposed method is ~1.7x10 49~2164 which is a huge space for any attacker. Consequently, our proposed technique is very much resistant to brute force attempts by invaders.

IV. LIMITATIONS OF PROPOSED CHAOTIC MAP
An innovative chaotic map has been designed for the production of dynamic S-boxes to be employed in the development of new ciphers. One limitation of this chaotic map is that the dimensionality of the map is static (i.e., 1). Consequently, no inferences are made about the scalability of the impacts of chaotic maps on recital with respect to more dimensions. Similarly, a comparison of the proposed chaotic map has been made only with Logistic and Sine maps. A detailed comparison with other chaotic maps may lead to an improvement in this map to yield better results.

V. CONCLUSION
In this paper, a dynamic and key-dependent substitution box has been proposed using an innovative chaotic map and permutation process. Both the chaotic map and the permutation processes are introduced first time and are dynamic in nature. Different parameters used in these processes take their values from the cipher key. A minute change in the set of values always generates a new S-Box. We verified that the proposed chaotic map has tremendous chaotic complexity using subsequent exploration and comparison. The designed S-Box has been evaluated for its cryptographic strength using typical criteria. Along with it, proposed S-box performance is equated with newly developed S-Boxes based on chaotic maps. The comparison ensures that the designed S-Box is suitable for cryptographic applications.