Generation of Affine-Shifted S-Boxes with Constant Confusion Coefficient Variance and Application in the Partitioning of the S-Box Space

Ismel Martínez-Díaz; Carlos Miguel Legón-Pérez; Sosa-Gómez, Guillermo

doi:10.3390/cryptography9020045

Generation of Affine-Shifted S-Boxes with Constant Confusion Coefficient Variance and Application in the Partitioning of the S-Box Space

Journal

Cryptography

ISSN

2410-387X

Publisher

MDPI AG

Date Issued

2025-06-14

Author(s)

Ismel Martínez-Díaz

Carlos Miguel Legón-Pérez

Type

text::journal::journal article

DOI

10.3390/cryptography9020045

URL

https://scripta.up.edu.mx/handle/20.500.12552/12236

Abstract

Among the multiple important properties that characterize strong S-boxes for symmetric cryptography and are used in their designs, this study focuses on two: the non-linearity property, a classical security metric, and the confusion coefficient variance property, a statistical proxy for side channel resistance under the Hamming weight leakage model. Given an S-box, two sets can be created: the set of affine-shifted S-boxes, where S-boxes have the same non-linearity value, and the set of Hamming weight classes, where S-boxes have the same confusion coefficient variance value. The inherent values of these two properties ensure resistance to cryptographic attacks; however, if the value of one property increases, it will imply a decrease in the value of the other property. In view of the aforementioned fact, attaining a trade-off becomes a complex undertaking. The impetus for this research stems from the following hypothesis: if an initial S-box already exhibits a trade-off, it would be advantageous to employ a method that generates new S-boxes while preserving the balance. A thorough review of the extant literature reveals the absence of any methodology that encompasses the aforementioned elements. The present paper proposes a novel methodology for generating an affine-shifted subset of S-boxes, ensuring that the resulting subset possesses the same confusion coefficient variance value. We provide insights on the optimal search strategy to optimize non-linearity and confusion coefficient variance. The proposed methodology guarantees the preservation of constant values on the designated. It is possible to incorporate these properties into a comprehensive design scheme, in which case the remaining S-box properties are to be examined. We also demonstrate that, despite the fact that this subset contains S-boxes with the theoretical resistance to side channel attacks under the Hamming weight model, the S-boxes are in different Hamming weight classes.