On the Pentanomial Power Mapping Classification of 8-bit to 8-bit S-Boxes

Abstract

Substitution boxes, or S-boxes, are one of the most important mathematical primitives in modern symmetric cryptographic algorithms. Given their importance, in the past decades, they have been thoroughly analyzed and evaluated by the academic world. Thus, a lot of desirable characteristics a given S-box should possess have been found. This includes, as much as possible, higher nonlinearity and algebraic degrees as well as, as much as possible, lower values of differential uniformity, autocorrelation and sum of squares indicator values. In this work, we use power mappings over GF(28) to generate, enumerate and evaluate all bijective S-boxes yielded by pentanomials of the form f(x)=xa+xb+xc+xd+xe given 0<a<b<c<d<e<256. We find a total of 152,320 different bijective S-boxes, which are further classified into 41,458 different groups in terms of the aforementioned characteristics as well as the number of their fixed points. Having this data, an S-box designer can easily generate a bijective substitution S-box with parameters of their choice. By using pentanomials, we show how we can easily construct S-boxes with cryptographic properties similar to those found in some popular S-boxes like the Kuznyechik S-box proposed by the Russian Federation’s standardization agency as well as the Skipjack S-box proposed by the National Security Agency of the USA.