Construction of Cryptographic S-Boxes Based on Mobius Transformation and Chaotic Tent-Sine System

Over the last few decades, different mediums of secure communication use chaos which is demonstrated by some nonlinear dynamical systems. Chaos shows unpredictable behavior and this characteristic is quite helpful in different encryption techniques and for multimedia security. In this work, the chaotic behavior of the improved Tent-Sine map is conferred and ultimately a new method to construct substitution-boxes is proposed. This new method explores the features of chaos through TSS map and algebraic Mobius transformation to generate strong S-boxes. The S-boxes are assessed using standard tests suit which includes nonlinearity, strict avalanche criterion, bit independence criterion, linear approximation probability and differential uniformity. Moreover, the proposed S-boxes show excellent statistical properties under majority logic criterions such as correlation, homogeneity, energy, entropy, contrast. The statistical encryption results are demonstrate the better performance of the proposed S-boxes when compared with some of state of the art S-boxes including AES, Gray, APA S8 AES, Skipjack and validate the suitability of anticipated method.


I. INTRODUCTION
The rapid increase in international networking provides many new options for the design and presentation in the form of digital data. This easy access and disposal to digital data which includes audio, video, electronic libraries, electronic advertising, web designing, and digital repositories develop the concern of security. The protection while transferring or saving data is indispensably important. For ensuring the security of such digital data and information, a specific field which is named as secure communication plays its vital role to counter this major problem. Secure communication can further be categorized into three main categories which include cryptography, watermarking and steganography. The basic purpose of both steganography and cryptography is similar The associate editor coordinating the review of this manuscript and approving it for publication was Aneel Rahim . but the difference lies in applying different methods. In these two methods, the basic purpose is to obscure the original information. Interestingly, the method adopted in both multimedia security techniques, steganography and watermarking is the same but they vary in purposes. Hiding of digital content in images is the goal of steganography whereas watermarking helps in declaring right ownership [1]- [4]. In symmetrickey cryptography, block cipher has a very important role to play in encrypting the information. By keeping the same dimensions, block cipher converts plaintext data into ciphertext data with the assistance of a user-provided an undisclosed key [5], [6], [29]. By following the reverse pattern on ciphertext data, decryption of the whole process is performed provided that secret keys of the process remain unchanged. The above-mentioned procedure is adopted in Advanced Encryption Standards (AES) [7]. It is considered as one of the strong cryptosystems which encrypt the plaintext and ensure  secure communication. The whole procedure consists of four steps. In the very first step byte substitution which is also named as substitution step, is done with the help of the substitution-box (S-box). This is the step that actually highlights the importance of S-box in the encryption procedure. It is the only nonlinear component and this byte substitution step creates confusion in the plaintext data that can be seen in encrypted data. Different applications of substitution  (7), (c) equation (8), and (d) equation (9), respectively. and permutation process on plain text data provide encrypted ciphertext data [8]- [10]. The value and capability of producing confusion are measured by variations in the output bit pattern. The selected S-box must be robust and shows opposition against any attempt of cryptanalysis. Nonlinearity is considered as the foremost performing criterion of the S-box in any encryption method. Over the years, researchers are keen to get algebraically strong and cryptographically robust S-boxes. In addition to this, chaos-based S-boxes also have their importance for secure communication of data. These S-boxes exhibit different striking properties and offer interesting results to various ciphers. But the main focus is to improve the nonlinearity of these S-boxes [11], [12]. Mathematically, an S-box can be represented as: S-box holds one to one and onto relations which makes it a bijection mapping and hence its inverse is possible. A message symbol is replaced with one element of S-box. By equation (1), it is evident that an a × b S-box takes a bits as the input information and gives b bits as the output [13].
Due to the success of AES S-box, a number of proposals have been put forward for the design of strong S-boxes using Galois field based algebraic techniques. In [14], Cui et al. proposed an affine-power-affine (APA) structure in which same AES algebraic operations are performed but with modified affine transformation cycle. The obtained S-box found to have good cryptographic and algebraic features. Subsequently, M-T Tran et al. utilized the gray codes to improvise the S-box over algebraic coefficients in [15]. They added a preprocessing step to the structure of AES S-box by performing a gray-code transformation. In [16], Hussain et al. applied the algebraic permutation group S 8 on the elements of AES S-box which enables them to construct sequentially as much as 40320 S-boxes with similar performance strength as that of AES S-box. The same researcher proposed another algebraic method for S-box by applying the action of projective linear group on Galois field with a particular type of linear fractional transformation in [17]. In [18], a powerful algebraic method is suggested to construct 16 strong S-boxes built on the concept of Galois field extensions of order 256. The technique is purely algebraic and has ability to construct 8 × 8 S-boxes of high cryptographic strengths. Farwa et al. in [19] used multiplicative cyclic group of associated Galois field for the construction of algebraic S-box. They carefully formulated a bijective nonlinear iterative algebraic map defined on GF (2 8 ) and the algebraic S-box provided acceptable properties for application in image encryption. A new S-box generation method based on both the algebraic and chaotic structures is proposed in [20]. Wherein, chaotic Chebyshev map and a special class of permutation subgroups of symmetric group S 16 are explored for S-box construction.
The available literature makes it evident that the S-box generation using any random approach, using chaos or some other pseudo-random source, doesn't found to have good cryptographic strengths compared to S-boxes generated via algebraic methods. The only merit with random S-boxes is that it is quite easy to get a large quantity of S-boxes. However, cryptographically strong S-boxes are found to be easily obtainable through algebraic techniques [21]. But, many of them are keyless techniques and yields static S-boxes. In literature, some of the well-known S-boxes are AES [7], APA [14], Gray [15], S8 AES [16], S8-APA [22], [23]. The performance of optimization based S-box methods lies in between the random-based and algebraic methods. With the applied heuristics, many of the researchers have obtained S-boxes better than random or chaotic S-boxes. But, the associated demerit is that they are time consuming as the optimization process takes significant time to get notable configuration of optimized S-box [24].
In this work, combination of two 1D chaotic maps to improve their chaotic range is used to construct different S-boxes. In addition, the group action of a projective general linear group is also performed on the elements of GF(2 8 ). Hence, an improved chaos-assisted search for strong S-boxes construction using the algebraic Mobius transformation is put forward. The proposed method is key-dependent, means it also has its own set of key space. Our method is a blend of chaos-based random and algebraic techniques. Therefore, it holds the advantages of ease of constructing S-boxes with cryptographic strengths similar to AES and key-dependent. The exhaustive comparison of S-boxes performance with a number of chaos-based., algebraic-based, and optimizationbased methods is also done to reflect the superiority of our method over many of the standing methods. Moreover, an image encryption application of proposed S-boxes is also carried out to show their suitability to multimedia security.

II. REVIEW OF VARIOUS CHAOTIC MAPS
In the literature, various chaotic maps have been applied for encryption, watermarking and steganography techniques. Here, two chaotic maps i.e., Tent map and Sine map will be discussed and analyzed. The combination of these maps form a Tent-Sine system (TSS) which is used for the proposed chaotic S-box method.

A. CHAOTIC TENT MAP
The Tent map is expressed as [25]: where, the range of parameter τ lies in the interval 0 < τ ≤ 4, and state variable y n ∈ [0, 1]. It is obvious from bifurcation diagram of chaotic tent map; the map name is due to its tent map like shape. The interval of chaotic behavior of tent map is [2,4]. The bifurcation diagram and lyapunov exponent are shown in Fig 1(a). The behavior of Tent map is chaotic for VOLUME 7, 2019  (9), β = 10/9. the specific interval only as clear from Fig. 1(a) which shows the limitations of this chaotic map.

B. CHAOTIC SINE MAP
The chaotic behaviour of well-known Logistic map and Sine map is somewhat similar to each other. This can be seen in both bifurcation and lyapunov exponent diagrams of Sine map given in Fig 1(b). The Sine map has following governing equation [26].
Like Tent map, the state variable y n ∈ [0, 1] and α is system parameter. Both the Tent map and Sine map have almost identical behavior and they have common problems as well. The range of chaos in Sine map is also limited as depicted in bifurcation diagram. Moreover, the non-uniformity of its trajectory-points combine with limited chaotic range makes the application of Sine map limited.

C. CHAOTIC TENT-SINE SYSTEM
The short chaotic spread of both Tent map and Sine map demands a chaotic map whose chaotic spread is bigger than two seed maps. A unique nonlinear combination of these two maps gives a chaotic Tent-Sine system (TSS). This arrangement of chaotic maps plays an extremely complicated chaotic role [27]. The mod1 operator is required to keep the output range lies in between 0 to 1. The assimilation of parameters of both the chaotic maps, the expression is given in equation (4).
where 0 < σ ≤ 4, β > 0 are two parameters and y n ∈ [0, 1] is the state variable of the TSS chaotic system. The chaotic limit of the TSS system is increased remarkably well and the output sequences are distributed uniformly which can be seen from its bifurcation and lyapunov exponent diagrams shown in Figure 1(c) for β = 1.

III. PROPOSED METHOD A. MOBIUS TRANSFORMATION BASED CONSTRUCTION OF CHAOTIC S-BOX
The important step in any cryptographic technique is the appropriate selection of S-box. This careful selection also restricts the linear and differential attacks. With a higher chaotic range and complex properties, Tent-Sine system is considered for the structuring proposed S-boxes. The flow chart in Fig. 2 shows that the primary input for the structure of S-box is taken from chaotic Tent-Sine map. Moreover, the mathematical foundation of the proposed method is defined by the concept of group action of a projective general linear group over a Galois finite field GF(2 8 ) with the help of Mobius transformation. The group action and Mobius transformation is expressed as follows:     The scheme proceeds further only if u 3 × m + u 4 = 0, else the scheme needs to loop back to avoid the possibility of this discontinuity. The choice of four u 1 , u 2 , u 3 , and u 4 values, allocated to Mobius transformation is selected from chaotic Tent-Sine system. The products of the proposed method are chaotic S-boxes. The algorithm depicts that loop applied in it takes values of u 1 , u 2 , u 3 , u 4 and m from interval 0-255. The algorithm goes to the next step once it satisfies the condition of u 1 × u 4 − u 2 × u 3 is not equal to zero. This condition makes the transformation preclude the possibility that Mobius transformation g(m) reduces to a constant. The operational steps of proposed method are the following.
Step II: The four values u i are calculated out of chaotic w i for i = 1,2,3,4 obtained in Step I as: If the resulting value of u 1 × u 4 − u 2 × u 3 is any number other than zero, we will go to the next Step else we need to start from Step I again.
Step III: Here,we generate a sequence m of length 256 from different entries of the finite field GF (2 8 ). This sequence of 256 entries will be in ascending order.  Step IV: We need to go back to step III provided that u 3 × m + u 4 is equal to zero. If the result of the expression is non-zero then we would take group action of the projective general linear group PGL(2,GF(2 8 )) on the elements of m. This group action is defined in equation (5).
Step V: Lastly, by iterating the above-mentioned four steps will provide us the sequence S having 256 different entries. Transform its elements into 16 × 16 matrix. This matrix S is the proposed S-box.
The flowchart of the proposed method using the TSS chaotic map and Mobius transformation is shown in Fig. 2.

B. PROPOSED S-BOXES
S-boxes are constructed by using various powers β of chaotic TSS map F(y 0 , σ, β). The initial values for y 0 = 0.7 and σ = 3 with specified β is taken for simulation. The detailed description of the map relates to the first S-box for β = 1 is specified in equation (4) and the maps of rest of the four S-boxes are given in equations (8) to (11). The bifurcation diagrams of different forms of TSS maps having different exponents are shown in Figure 3. The exponent β of TSS map is used as a parameter for constructing different S-boxes. The tabular form of proposed chaotic S-boxes for β = 1, β = 8/9, β = 4/5, β = 6/7, and β = 10/9 are provided in Tables (1) to (5), respectively. The exponents used for the construction of these S-boxes are mentioned with Tables.

IV. SUBSTITUTION BOXES ANALYSIS
The assessment of the S-box defines its further application in various cryptographic schemes and multimedia security [28]- [30]. For this purpose, different theoretic and statistical performance measures are being utilized to evaluate the strength of S-boxes [31]. A comprehensive demonstration of such measures, involving differential characteristics of the block cipher is discussed in [32]. These types of attacks are used in block cipher-based S-boxes like DES and AES. The cipher can be scrutinized by using information theory approach [31]. Different tests like nonlinearity score, strict avalanche criteria (SAC), bit independent criterion (BIC), linear and differential approximation probabilities. The all eight nonlinearity scores of proposed five S-boxes are given in Table 6. The minimal score of nonlinearity is also shown to highlight that proposed S-boxes have high score of minimal nonlinearity and capable to mitigate the minimal nonlinearity based attack. Moreover, the cryptographic performance features of proposed five S-boxes are also compared with an exhaustive list of state of the art S-boxes in Table 7.
We selected those S-boxes whose average nonlinearity score is about 106 for comparison in Table 7. From comparison Table, it is clear that the proposed S-boxes (preferably the S-box-3, Sbox-4 and S-box-5) have remarkably better performance compared to almost all of the S-boxes (including recent ones) listed in the comparison Table. They show exhibits similar strengths and features as that of AES, APA, Gray, S8-AES S-boxes.

V. STATISTICAL ANALYSIS
To analyze the quality of the S-box constructed with the help of chaotic tent-sine system, the Lena plaintext image is substituted with five different proposed S-boxes. Moreover, we used our proposed S-boxes in the encryption technique (encryption technique of AES is followed). Fig. 4 gives the pictorial representation of the Lena plain-image and substituted images using proposed S-boxes. While Fig. 5 shows the corresponding histograms of plain-image and substituted images. The plain-image Lena and its encrypted images using proposed S-boxes in the AES encryption scheme are shown in Fig. 6. The histograms of the original and encrypted images are given in Fig. 7. To show the strength of our technique, some statistical analyses under Majority Logic Criteria (MLC) [56] are described below.

A. CORRELATION
Correlation is considered as one of the basic methods to calculate the similarity between two images. The correlation is given by: where, p(i, j) indicates the pixel value and i represent the position of row and j indicates its column value of digital images. The parameters µ and σ are the variance and standard deviation respectively.

B. ENTROPY
The magnitude of the improbability of a random variable to become the part of a random process is done in entropy. This analysis is used to depict the randomness of digital images. It can be defined as: where, probability of random variable is given by p(xi ).

C. CONTRAST
Contrast analysis facilitates the user to see objects vividly to identify the texture of an image. The general value of contrast is given by:

D. HOMOGENEITY
The nearness of the distribution in the gray level co-occurrence matrix (GLCM) to GLCM diagonal is measured in homogeneity analysis. This matrix shows the calculations of combinations of pixel brightness outcomes in tabular form. It can be given as:

E. ENERGY
In a digital image, squaring and taking the sum of gray pixels give the energy of the image. It is defined as: These different MLC analyses are performed to assess the best suited S-box for encryption techniques and multimedia security purposes. The comparison of the results of these analyses on the proposed technique with S-boxes such as AES, APA, S8 AES, Gray, and Skipjack are also performed. The MLC results after performing substitution operation are listed in Table 8 for proposed S-boxes and AES, APA, S8-AES, Gray and Skipjack S-boxes as well. The results VOLUME 7, 2019 indicate that the proposed S-box offers better statistical visual distortion effect than conventional S-boxes. The value of entropy is same for plain-image and all substituted images due to the same distribution of pixels. Whereas, Table 9 is maintained to provide the results of entropy, correlation, homogeneity, energy, contrast for plain-image and encrypted images. Here, the encryption is performed by AES algorithm using mentioned S-boxes. Again, the encryption results show the strength of our proposed S-boxes compared to others. The encryption outcomes of our proposed S-boxes are sufficiently satisfactory for secure communication applications.

VI. CONCLUSION
The most crucial components in the block encryption algorithms are substitution-boxes. They play vital role in the substitution-permutation network to offer sufficient nonlinearity and confusion. In this paper, a chaotic Tent-Sine system is applied for the construction of strong S-boxes. The Mobius transformation is applied to random values obtained through the chaotic map and provides 256 unique elements of the generated S-box. The randomness produced due to the inclusion of improved chaos increases the unpredictability of the cipher. The algebraic transformation fetches strength for the S-boxes. The results of the different statistical analyses indicate the extremely good cryptographic performance of our new S-boxes. The generated S-boxes show good results as compared to some well-known S-boxes, as apparent from the different statistical analyses. His areas of research interests include multimedia security, chaos-based cryptography, cryptanalysis, and optimization techniques.

VII. ACKNOWLEDGMENT
MUHAMMAD FAHAD KHAN is currently an Assistant Professor with Foundation University, and also a Ph.D. Scholar with the Department of Computer Science, Quaid-i-Azam University Islamabad. He is the author of more than 30 research articles. His research interests include steganography, cryptograph, and multimedia communication.
IQTADAR HUSSAIN received the Ph.D. degree in mathematics, specializing in the area of algebraic cryptography, in 2014. He is currently an Assistant Professor with Qatar University. His current research interests include the applications of mathematical concepts in the field of secure communication and cybersecurity, where he has published 63 articles in well-known journals. His H-index score is 23 and i-10 index score is 34. His articles have 1320 Google scholar citations. VOLUME 7, 2019