A Novel Method for Generation of Strong Substitution-Boxes Based on Coset Graphs and Symmetric Groups

The success of AES encryption standard created challenges for the cryptographers to construct strong substitution-boxes using different underlying approaches. It is because they are solely responsible to decide the robustness of cryptosystem against linear and differential cryptanalyses. With an aim to fulfill the mentioned requirement of robustness, a novel group theoretic and graphical method is proposed to construct S-box with optimal features. Firstly, a strong S-box is generated with the help of orbits of coset graphs and the action of proposed powerful permutation of symmetric group $S_{256}$ . In addition, a specific group is designed the action of whose pairs of permutations has the ability to generate as many as 462422016 strong S-boxes. Few of such proposed S-boxes are reported and assessed against standard performance parameters to validate the effectiveness of proposed findings. The features of proposed S-boxes are compared with most of the recent S-boxes to validate the superior performance. Moreover, they are also applied for image encryption to demonstrate their suitability for multimedia security applications.


I. INTRODUCTION
Recent developments in technology and their productive use in daily life have led to a significant increase in the amount of information being imparted. The security of information transmitted over the Internet is the main concern of the public. The sensitivity of the data requires the development of techniques and protective measures. Before transmitting, a user's data must be converted to a format that makes no sense to an unauthorized user [1]. Cryptography has been regarded as a developed scientific discipline over the past several decades. It is used to send data covertly at the recipient end while constructing reverse key or algorithm to retrieve The associate editor coordinating the review of this manuscript and approving it for publication was Wei Huang . the information at the transmitter end. Different mathematical and computational techniques are used to change important information into illegible and irrational forms.
In practice, cryptosystems are categorized into two main branches, symmetric and asymmetric cryptosystems. The symmetric cryptosystems are further partitioned into stream ciphers and block ciphers. In block encryption techniques, the plaintext data is scattered on blocks of the same size as the key and enciphering is performed over the entire block. Usually, a number of transformation operations on plaintext data bytes such as permutation, substitution, adding key and mixing are used in modern block ciphers [2]- [8]. Symmetric block ciphers are among the most broadly utilized systems because they are easy to implement and provide essential cryptographic strength [9], [10]. The block ciphers make VOLUME 8, 2020 This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ use of substitution and permutation operations. The input information (plaintext) is converted into an absurd output data (ciphertext) by utilizing a symmetric key and diverse number of rounds are applied for better encryption effects and quality. Where, each round performs substitution and permutation processes on the input block of binary data. A substitution process replaces an input block with another output block using substitution box (S-box) [11]. Advanced Encryption Standard (AES), as an example, is most commonly used symmetric block cipher. The S-boxes are the key components in block ciphers to create uncertainty and nonlinearity. Because of the efficient utilization of the 8 × 8 substitution box for the AES block cipher, development of robust and strong S-boxes, particularly of the size 8 × 8 attracted the attention of cryptographers worldwide. The improvement on information security standard is the primary objective of the cryptographers. The design of strong S-boxes has become a vital area of research for cryptographers.
In the recent past, various approaches and methods for the construction of S-boxes have been introduced. In [12], the authors introduced I-Ching operators and used them to construct an S-box. The designed S-Box was evaluated through various tests. The outcomes indicate that it has very good cryptographic properties. A technique to generate key dependent substitution box is presented in [13]. The authors claimed to expand the security level of the AES block encryption. In [14] a new S-box is designed with the help of quantum map. The suggested S-box is found to be strong enough to meet the requirements of secure encryption process. Zahid et al. [15] proposed an S-box formation method based on cubic fractional transformation. They used static values of transformation to generate the S-box. In [16], an efficient method for designing S-boxes is proposed by using Intertwining logistic map and bacterial foraging optimization. Zhu et al. proposed a novel chaotic system and constructed a secure double chaotic S-Box [17]. Further, they utilized newly generated S-box in image encryption applications. An efficient method for the generation of strong S-boxes with the help of innovative compound chaotic system is proposed in [18]. Lu et al. [19] utilized a newly generated strong chaotic S-Box to propose an efficient image encryption algorithm. Another recent secure S-box based on Cubic-Logistic function is generated in [20]. Lambić [21] constructed a novel discrete-space chaotic map by means of multiplication of integers and utilized it to generate an efficient S-box. In [22] an S-box with decent properties is proposed based on symmetric group and novel chaotic system. Yousaf et al. [23] used the action of finite Abelian group to construct an S-box with almost optimal features. An effective approach based on optimize linear fractional transformation is presented in [24]. Jamal et al. in [25] presented a novel technique based on the LFT and improved chaotic Tent-Sine system (TSS) to construct an S-box. Shuai et al. used cayley graph for the Symmetric group to generate a high quality S-box [26]. Machowski and Niemiec used key-dependent substitution boxes to design symmetric block cipher [27].
They also proposed a method to construct a large number of S-boxes with reasonable cryptographic features to counter various attacks. Iqtadar et al. claimed [28] that if we convert the entries of an S-box into 8 bits and interchange the position each bit by using a permutation from symmetric group S 8 , the resulting new S-box has the same algebraic features. Since the order of S 8 is 8! = 40320, so they were able to design 40320 S-boxes. The validity of the approach was analyzed by creating some copies of Liu J S-box.
The procedures and techniques of the S-boxes construction, presented in the literature are either feasible for the static S-boxes or complex and monotonous. Static S-boxes have their own deficiencies that can affect the safety of the cipher. The static S-boxes may help attacker in the cryptanalysis of the captured ciphertext. Also, the algorithms that form dynamic and key-dependent S-boxes are confusing and less productive. This requires a simple and effective methodology to develop dynamic and enormous collection of S-boxes. In this paper, we presented a novel method of strong S-boxes generation which has the following main highlights. 1. A novel graphical S-box construction procedure based on the orbits of coset graphs of symmetric group S 4 is proposed. 2. A powerful permutation of symmetric group S 256 is suggested after rigorous experimental study which is incredibly productive to improve the features of obtained S-box. 3. We designed a specific group using three permutations of S 16 which is credible enough to generate as many as 462422016 copies of S-boxes with great ease. 4. We reported few of such proposed S-boxes and compared their features with many recent and state of the art S-boxes. 5. All the proposed copies of S-boxes have strength and features quite similar to AES S-box. 6. We also applied the proposed S-boxes for image encryption to validate its suitability and usage for multimedia encryption. The rest of article has the following structure. Some mathematical concepts of coset graphs and symmetric groups are described in section 2. The proposed method of S-boxes generation is explained and discussed in section 3. The performance assessment of proposed method and S-boxes is done section 4. We also presented the image encryption application of proposed S-boxes in section 5. At last, the contributions made in this paper are concluded in section 6.

II. MATHEMATICAL PRELIMINARIES
In this section, we briefly present some basic concepts of the coset graphs and symmetric groups to be used in the generation of the S-boxes.

A. COSET GRAPHS FOR MODULAR GROUP
The modular group PSL(2, Z ) is an infinite group generated by two mappings u and v such that (x)u = −1 x and [29]. It is the most significant infinite discrete group, through several associations with geometry, 75474 VOLUME 8, 2020 topology and number theory. There is a rich history of studying the actions of PSL(2, Z ), especially on finite sets, that goes back to before the turn of the 20th century. In 1978, Graham Higman gave the concept of coset graphs for the modular group. Since, the generators u and v of PSL(2, Z ) have order 2 and 3, respectively. Therefore, these graphs consist of triangles and lines connecting the vertices of the triangles. The vertices of triangles are permuted anti-clockwise by v. If a triangle T has the vertices a, b, and c, it means that If the line representing u joins two vertices d and e (which may be of same triangle), then (d)u = e. The readers are referred to [30], [31] for more on coset graphs.
Consider a set Z n = {0, 1, 2, . . . , n − 1} under multiplication modulo n. It is a known fact that if n is a prime number p, then Z n forms a field. The modular group acts on Z p ∪ {∞} and a finite coset graph emerges. Since (0)u = ∞, therefore, we adjoin ∞ with Z p to make the action possible. The permutation of v contains six cycles, therefore, the coset graph of Z 17 ∪ {∞} consists of six triangles. The cycle (0, ∞, 1) in the permutation of v represents a triangle of coset graph with vertices 0, ∞, and 1. In this way, 6 six triangles can be drawn. The permutations of u are utilized to join the vertices of this triangle. For example, by the cycle (2,8) in u, we mean a line joining 2 and 8. In Figure 1, the coset graph evolves by using above permutation representations of v and u is shown. The coset graph in Figure 1 arises from natural action PSL(2,Z) on Z p ∪ {∞}. These coset graphs always represent the group u, v : u 2 = v 3 = (uv) p = 1 . It can be seen that each vertex of the graph in Figure 1 is fixed by (vu) 17 .
Therefore, it is the graphical representation of u, v : In case of natural action, we obtain only one coset graph for each p. In [32], Mushtaq proved that a coset graphs for each element θ ∈ Z p can be drawn. He gave the procedure of drawing coset graphs known as parametrization method. Thus, p number of coset graphs can be composed for each field Z p . In the coset graphs, we can easily obtain the order of uv of own choice. Hence, we can make the coset graphs for different triangle groups. The Mushtaq's technique is briefed as follows (see [32] for complete proof and details). First, set u = ax+kc cx−a and v = dx+kf fx−d−1 . For each element θ ∈ Z p , the values of a, c, d, k and f can be computed by solving the following equations.
The Table 1 provides the existing relation between the order of uv and the element θ ∈ Z p . The values of θ for higher order of uv can be obtained by using parametrization method [32].

B. SYMMETRIC GROUP AND ITS RELATION WITH S-BOX
A collection of all bijective maps from a set , of k elements, to itself forms a group and is called symmetric group. It is denoted by S k . The bijective maps in S k are written in the form of cycles. For example, consider a bijective map from a set of 6 elements to itself such that 1, 2, 3, 4, 5 and 6 are mapped on 3, 4, 1, 6, 2 and 5 respectively. In cyclic form, it is written as (1, 3) (2, 4, 6, 5). An 8 × 8 substitution box has 256 unique elements arranged in a matrix of order 16.

VOLUME 8, 2020
By reshuffling the rows or columns in this matrix, a new S-box can be generated. Mathematically, this can be achieved using single permutation from S 16 . Similarly, the positions of all 256 elements of 8 × 8 S-box can also be re-arranged through a certain permutation of S 256 , so that a new S-box gets generated.

III. PROPOSED GENERATION OF STRONG S-BOXES
The proposed method of S-boxes generation explores the concepts of coset graphs, and symmetric groups. The procedure of their usage to achieve the task is described in this section.

A. COSET GRAPH BASED S-BOX FORMATION
The coset graph for the symmetric group u, v : u 2 = v 3 = (uv) 4 = 1 emerges as a result of the action of PSL(2, Z ) on Z 257 ∪ {∞}. An 8 × 8 substitution-box has 256 entries and 257 is the nearest prime number to 256, therefore, the field Z 257 is opted. First, solve the equations (1) to (5) to find the values of a, c, d, k and f . Since in S 4 the order of uv is 4, therefore, we have θ = 2 (see Table 1). Now we solve equations 1 to 5 to find the values of a, c, d, k and f . For equation (1), θ = r 2 , assume = 1 to obtain r = 60. As r 2 +ks 2 = 3, and we take k = 1, then s = 1 is obtained. By putting d = 0 in equation (3), f = 16 is gotten. By substituting r = 60, d = 0, k = 1, s = 1 and f = 16 in equation (4) and (5) This way, the computations of u(x) and v(x) for all x ∈ Z 257 are performed and write them in the form of permutations as follows: Since each vertex of the coset graph evolved from above permutation representation is fixed by u 2 ,v 3 and (uv) 4 . Therefore, it is the graphical representation of the symmetric group S 4 = u, v : u 2 = v 3 = (uv) 4 = 1 . It has 12 orbits (fragments) comprising 10 copies of γ j (each is having the same structure as shown in Figure 2), one copy of λ ( Figure 3) and δ (Figure 4) each.

B. PROPOSED S-BOX METHOD
The trivial sequence of 0, 1, 2,. . . , 255 is destroyed by using the vertices of the coset graphs for S 4 . Therefore, our first objective is to present the vertices of coset graph in a 16 × 16 matrix. The vertices 256 and ∞ are ignored as they only utilized to make the action of PSL(2, Z ) possible. The proposed method of generation of 462422016 strong 8 × 8 S-boxes contains three major steps.
Step A.
The coset graph of S 4 has 12 orbits as shown in Figure 2, 3, and 4.  step 1(a). This process continues until all the vertices of the selected orbit are exhausted. 2. Now, pick the next orbit that has the smallest element of Z 257 − {256} − γ 1 and repeat step 1.
Step 1 is considered completed once all the vertices of coset graph are terminated.
After step 2, we are able to form a 16 × 16 matrix having unique entries from {0, 1, 2, . . . , 255}. This matrix is considered as the initial 8 × 8 S-box (shown in Table 2) and it is found to have sufficient cryptographic performance. It has an average nonlinearity of 100.5. The next procedural step B is framed to improvise on the cryptographic strength of obtained S-box by using the action of symmetric group S 256 .
Step B.
After exhaustive research and analysis, we came through to find that a certain permutations of S 256 are incredibly productive to improve the quality of an 8 × 8 S-box. Theoretically, there are having 256! distinct permutations in S 256 . In this step, we applied around 10 million random permutations of the symmetric group S 256 on 16 × 16 S-box matrix obtained after step A (Table 2) and found a permutation σ (shown in Table 3) the most powerful to enhance the performance of the S-box. The permutation σ reshuffles all 256 elements of Table 2 and yields a strong S-box (shown in Table 4) as consequence of the action.
Step C. In this step, we construct a large number of S-boxes having the same algebraic properties as that of the S-box from step B. Proceed as follows to operate this step C. Consider the following three permutations of S 16 . It is verified that if we reshuffle the rows or columns of the generated S-box (Table 4) by using these three permutations, then resulting new S-boxes found to have the same properties. Let us denote the group generated by a, b, and c as G. Then each element of the group G is a product a, b, and c. Through GAP (Groups, Algorithms, Programming -a System for Computational Discrete Algebra, see https://www.gapsystem.org/index.html), it is found that there are 21504 distinct possible products of a, b, and c, which indicates that the order of proposed group G is 21504. Now, the finite presentation of this particular proposed group G is as follows: A GAP structural description of the formulated G is shown in Figure 5. For instance, if we reshuffle the rows of an S-box S 1 by using the generators of G (say using a) so that a new S-box S 2 emerges. Then S 1 and S 2 are found to have the same algebraic and cryptographic strength. We can also construct another S-box S 3 by the action of another generator b on rows of S 2 . Note that, element of G which generates S 3 is ab Hence, proceeding this way, 21504 distinct different S-boxes of the same properties can be created by applying all permutations of G on rows of the S-box S 1 . Next, corresponding to each S-box S i (where i = 1, 2, 3, . . . , 21504) obtained by reshuffling the rows of S 1, we can further create 21504 more S-boxes by reshuffling the columns of each S i using permutations from the proposed group G. Ultimately, we can generate a total of 21504 2 = 462422016 strong 8 × 8 S-boxes of the same algebraic and cryptographic strength using group G in this step C.
In this paper, we present four such S-boxes through the action of a specified pair of permutations of proposed group G to reshuffle the rows and columns of S-box in Table 4 which in turn generates three more S-boxes shown in Table 5 to 7.

IV. PERFORMANCE ANALYSIS AND COMPARISON
In this section, we analyze the performance of our proposed algebraic method for the generation of a large number of strong 8 × 8 S-boxes. All the generated S-boxes are bijective. The conducts of S-boxes are assessed against the well-established set of test criterions such as nonlinearity, strict avalanche criterion, output bits independence criterion, differential uniformity, linear approximation probability, and auto-correlation function for absolute indicator. The encryption process involves substitution by suggested S-boxes in two rounds. In the first round, the substitution is carried out in forward direction (from first to the last pixel) followed by substitution in backward direction (from last to the first pixel). We have used our S-boxes to encrypt plain images. Two standard gray images of Pepper and Baboon both having size 256 × 256 are used to perform MLC test. We have used MATLAB tool to execute all the computational experiments. A high satisfaction of any S-box for the mentioned test criterions entails its high credibility to mitigate the linear, differential and other types of attacks. The results obtained from various tests show the incredibly high cryptographic strength and capability of proposed generated S-boxes to resist different algebraic attacks is similar to that of AES S-box.

A. NONLINEARITY
Nonlinearity test, introduced by Pieprzyk and Finkelstein in 1988 [33], is the most important parameter to determine the efficiency of substitution boxes. An S-box is considered weak, if the mapping between the plaintext and the ciphertext is linear. In such scenarios, it is easier for the attacker to initiate a linear attack on the ciphertext to obtain the plaintext. This linear attack can be neutralized by designing an S-box with extremely nonlinear mapping between the plaintext and the ciphertext. The Mathematical formula to compute the nonlinearity of an n-bit Boolean function B is where, WS B is Walsh spectrum of function B and u, v belongs to {0, 1} n . The optimal value of nonlinearity for an n-variable Boolean function is 2 n−1 −2 n 2 −1 . But, such functions are bent functions and not balanced. The optimal score of nonlinearity exhibit by AES S-box (112) is still considered as the best value for the case of 8×8 S-boxes. The reason being, so far no 8 × 8 S-box has been reported which has more nonlinearity than AES S-box. The nonlinearity scores of eight balanced component Boolean functions for each proposed S-boxes are listed in Table 8. Whereas, the nonlinearities of initial S-box matrix (in Table 2) are 104, 100, 102, 106, 100, 102, 102, 88, which gives an average of 100.5.

B. STRICT AVALANCHE CRITERION
In [34] Webster and Tavares introduced this criterion. The SAC is said to be satisfied, if all output bits of a function change with a 0.5 probability by complementing a single VOLUME 8, 2020 input bit. Generally, the value of SAC of an S-box is calculated by using dependence matrix. The S-box is considered to meet this criterion, if the average value of the matrix is near to the optimal value of 1/2. In [34] the process of calculating the average value of dependence matrix is given. The SAC values for our four proposed S-boxes are 0.5017, 0.4995, 0.5019, and 0.4973, respectively. A comparison of the SAC values between generated S-boxes and different recently developed S-boxes is given in Table 9.

C. BITS INDEPENDENT CRITERION
Suppose h i denote a Boolean mapping and h j is a two bits output of a substitution box. If h i ⊕h j fulfills the requirements of SAC and has high value of nonlinearity, then by inverting a single input the value of correlation coefficient of each output bit pair is near to zero. In this way the BIC reading of an S-box can be calculated by verifying whether h i ⊕ h j (i = j) of any two output bits of the S-box satisfies the nonlinearity and SAC. This analysis is very important to know the confusion strength of any nonlinear algorithm. The requirement of this analysis is that all values should be approximately equal to 0.5 which has been experimentally verified for our S-boxes. The BIC for nonlinearity are found to have all 112 values for all four proposed S-boxes showing the same BIC strength as that of AES S-box.

D. DIFFERENTIAL UNIFORMITY
Differential uniformity is computed by examining the function from the input bits to the output bits. The insurance of differential uniformity is the main focus of this test. The input differential ϕ must be related with an output differential ψ in a unique way. The formula to calculate differential uniformity is given as The differential uniformity of all four proposed generated S-boxes (in Table 4 to 7) is same and it is just 4 with a differential approximation probability of 0. 015625 only, which verify its high resistance capability to mitigate the differential cryptanalysis like the AES.

E. LINEAR APPROXIMATION PROBABILITY
Like differential probability, the linear approximation probability (denoted by LAP) is also concerned with the highest value of the respective LAT Table. In this test, an imbalance of an event is examined, and its highest value is noted. The parity of the input bits selected by the mask χ x is exactly the same as the parity of the output bits selected by the mask χ y . This analysis was introduced by Matsui [35]. The mathematical formula to calculate linear approximation probability of a given S-box is given below.
where, d represents the collection of all possible inputs and 2 n is the total number of elements. The LAP readings of our proposed S-boxes are 0.0625 and this is again the equal to AES S-box value.

F. AUTO-CORRELATION FUNCTION
This test was introduced by L. D. Burnett in [36]. The auto-correlation function of a Boolean function f is computed as: where for all Boolean functions r(0) = 2 n and for all other possible inputs 2 −n ≤ r(d) ≤ 2 n . The highest value of ACF, known as absolute indicator of Boolean function f, is used to determine the cryptographic quality to achieve good diffusion characteristics [37]. It is denoted as: We can extend this cryptographic metric ACF of Boolean function to S-boxes : {0, 1} n → {0, 1} n by considering all 2 n -1 non-zero linear combinations F of its n component functions. This can be achieved by using the following equation [38].
The ACF of S-box should be as small as possible for cryptographic strength. The maximum ACF for both the AES S-box and generated S-boxes is 32 only. The score is confirming the great cryptographic quality and strength of the proposed S-boxes and the anticipated method. The quantified performance values of all four S-boxes from proposed method of generation are compared with some selectively picked most recent state-of-the-art S-boxes. Wherein, the concepts such as chaos, meta-heuristics, optimizations, algebraic techniques, etc., are applied to achieve best possible generated S-boxes. We maintained the Table 9 which compares the cryptographic features of these S-boxes. Firstly, the comparative study show that all proposed S-boxes have performance strength same as that of the famous AES S-box over all quality metrics and parameters. Secondly, the proposed S-boxes have optimal performance values for nonlinearities, strict avalanche criterion, bits independence criterion, differential uniformities, linear approximation probabilities, and auto-correlation functions to validate the effectiveness and credibility of not only the proposed S-boxes but also the proposed method of generation.  Thirdly, the proposed S-boxes have better parameter values compared to almost all available 8 × 8 S-boxes and they are more capable to offer resistance to differential and linear cryptanalyses. The comparative analysis unarguably portrays the reasonably good security performance of our all four S-boxes and proposed method.

V. APPLICATION IN DIGITAL IMAGE SECURITY
The encryption process distorts the image; these types of alterations determine the reliability of the scheme. So it is important to examine the statistical features through majority logic criterion (MLC). The MLC is a comprehensive exploration set of metrics which includes the entropy, contrast, correlation, energy, and homogeneity tests, as suggested in [60]. The statistical stability of the generated S-boxes is examined by this set of analyses.

A. ENTROPY
The value of randomness of encrypted image is measured by entropy analysis. The entropy is mathematically formulated as.
where, p(x) is the probability of symbol x. A greater value of entropy shows that the distribution of pixels gray values is more uniform. There would be a chance of predictability if the entropy of encrypted image is significantly less than 8, and it may threaten security of image.

B. CONTRAST
The difference in the brightness of an object relates to contrast. Contrast analysis enables the user to visualize objects to identify the underlying information. Therefore, the contrast and brightness of the images are properly adjusted during image processing for better visual effects and viewing. In encryption process, due to the nonlinear mapping of the S-box the contrast is directly proportional to the randomness  of image [47]. Mathematically, it is computed as: where, p(i, j) represents the position of pixels in gray level co-occurrence matrix (GLCM).

C. CORRELATION
Resemblance of pixels to their neighbors is measured through correlation. In the plain-images, there exists a strong correlation among neighboring pixels. The correlation between pixel values can be soften by encryption schemes. Therefore, in insecure channel the encrypted image with negligible correlated values is considered more robust.
Correlation has following formulation: where, p(i, j) indicates the pixel value and i represent the position of row and j indicates its column value of digital images. The parameters µ and σ are the variance and standard deviation, respectively.

D. ENERGY
The sum of squared members of gray level co-occurrence is calculated in energy analysis. In gray level co-occurrence matrix, high valued pixels are found in some places of plain-images; therefore, the energy value is high. Whereas,  compared to the plain-image energy, the energy of encrypted image is smaller because in encrypted image the values are distributed. Energy analysis involves the computation of its associated value which is defined as follows: where, p(i, j) is the number of GLCM matrices.

E. HOMOGENEITY
Homogeneity deals with the intimacy of distribution of elements in gray level co-occurrence matrix (GLCM) to its diagonal. Mainly, its value is dependent on the components presents on the diagonal of the gray level co-occurrence matrix. The small value of homogeneity in encryption reveals the strength of the encryption algorithm. Homogeneity is calculated as: To demonstrate that the proposed S-boxes can be used for encryption and multimedia security, we have used two standards plain-images Pepper and Baboon for MLC encryption performance analysis. The results of these analyses in VOLUME 8, 2020 comparison with the other well-known S-boxes are depicted in Table 10. Figure 6 shows the result of image encryption with proposed S-boxes and few others also. Majority logic criterion analysis results indicate that the proposed S-boxes are suitable for encryption applications and is adequate enough to a become part of algorithms meant for multimedia based safe communication between two legitimate parties.

VI. CONCLUSION
Generation of cryptographically robust and algebraically strong S-box is promising area of research these days. The available proposals either deals with construction of single S-box, which may or may not have the optimal features compared to AES S-box or deals construction of a small set of S-boxes with sufficient computation overheads. But, these two issues have been tackled in this paper quite comfortably. The proposed method explored the orbits of coset graphs to obtain the initial S-box matrix quite innovatively. The quality of the S-box is augmented up to the optimum level by the action of a powerful permutation of S 256 . We presented a novel method which is not only able to yield an S-box with features quite close to AES S-box but also provide a simple and powerful procedure of generating as much as 462422016 strong S-boxes. The features of proposed S-boxes are compared against a number of existing recent S-boxes. It is found that our S-boxes have excellent performance strength compared to almost all over all parameters. The proposed S-boxes are also used to encrypt some standard plain-images to evaluate their encryption performance; the results show that they are sufficiently suitable for use in secure multimedia applications.