DBST: a lightweight block cipher based on dynamic S-box

doi:10.1007/s11704-022-1677-5

Front. Comput. Sci.

2023, Vol. 17

Issue (3) : 173805 https://doi.org/10.1007/s11704-022-1677-5

RESEARCH ARTICLE

DBST: a lightweight block cipher based on dynamic S-box

Liuyan YAN^1,², Lang LI^1,²(

), Ying GUO^1,²

¹. College of Computer Science and Technology, Hengyang Normal University, Hengyang 421002, China
². Hunan Provincial Key Laboratory of Intelligent Information Processing and Application, Hengyang Normal University, Hengyang 421002, China

Download: PDF(6943 KB) HTML
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks

Abstract

IoT devices have been widely used with the advent of 5G. These devices contain a large amount of private data during transmission. It is primely important for ensuring their security. Therefore, we proposed a lightweight block cipher based on dynamic S-box named DBST. It is introduced for devices with limited hardware resources and high throughput requirements. DBST is a 128-bit block cipher supporting 64-bit key, which is based on a new generalized Feistel variant structure. It retains the consistency and significantly boosts the diffusion of the traditional Feistel structure. The SubColumns of round function is implemented by combining bit-slice technology with subkeys. The S-box is dynamically associated with the key. It has been demonstrated that DBST has a good avalanche effect, low hardware area, and high throughput. Our S-box has been proven to have fewer differential features than RECTANGLE S-box. The security analysis of DBST reveals that it can against impossible differential attack, differential attack, linear attack, and other types of attacks.

Keywords internet of things 5G dynamic S-box bit-slice technology lightweight block cipher

Corresponding Author(s): Lang LI

About author:

Tongcan Cui and Yizhe Hou contributed equally to this work.

Just Accepted Date: 25 March 2022 Issue Date: 19 October 2022

Cite this article:

Liuyan YAN,Lang LI,Ying GUO. DBST: a lightweight block cipher based on dynamic S-box[J]. Front. Comput. Sci., 2023, 17(3): 173805.

URL:

https://academic.hep.com.cn/fcs/EN/10.1007/s11704-022-1677-5
https://academic.hep.com.cn/fcs/EN/Y2023/V17/I3/173805

Notations	Descriptions
P:	The 128-bit plaintext
C:	The 128-bit ciphertext
K:	The 64-bit master key
$r k e y i$ :	The 32-bit round subkey in i round
$F 1$ , $F 2$ :	The function F₁, the function F₂
Nr:	The round number
$X [j] i$ :	The 32-bit data in i round $(j = 0, 1, 2, 3)$
Sub:	SubColumns
\|\|:	Concatenation of two binary strings
\|:	Bitwise OR operation
~:	Bitwise negation operation
&:	Bitwise AND operation
$⊕ :$	Bitwise exclusive-OR operation

Tab.1 Notations of DBST

Fig.1 The encryption of DBST

Alogrithm 1 DBST encryption foutine
Input: $P (128), K (64)$
Output: $C (128)$
1: $P (128) → X [0] (32) 0 \| \| X [1] (32) 0 \| \| X [2] (32) 0 \| \| X [3] (32) 0$
2: $G e t r a t e K e y (K (64), r k e y 0)$
3: $f o r i = 0 t o N r ? 1 d o t h e f o l l o w i n g$
4: $M i d i ← S u b ((X [1] (32) i ⊕ X [2] (32) i), r k e y i)$
5: $X [0] (32) i + 1 ← X [2] (32) i$
$X [1] (32) i + 1 ← X [3] (32) i ⊕ F 1 (M i d i, r k e y i)$
$X [2] (32) i + 1 ← X [0] (32) i ⊕ F 2 (M i d i, r k e y i)$
$X [3] (32) i + 1 ← X [1] (32) i$
6: end for
7: $C (128) ← X [2] (32) i \| \| X [3] (32) i \| \| X [0] (32) i \| \| X [1] (32) i$

Tab.2 The encryption routine of DBST

Fig.2 A 32-bit intermediate calculation data

Fig.3 A 32-bit subkey state

Fig.4 Two-dimensional ways

$T 0 =～ W 1$	$T 1 = W 2 ⊕ W 3$
$B 1 = T 1 ⊕ (W 0 & T 0)$	$T 2 = W 0 ⊕ (W 3 \| T 0)$
$B 0 = W 2 ⊕ T 2$	$B 2 = (W 1 ⊕ W 2) ⊕ (T 1 & T 2)$
$T 3 =～ W 3$	$T 4 =～ (W 2 \| W 1)$
$T 5 =～ (W 1 \| W 0) & W 3$	$T 6 =～ (W 3 \| W 1) & W 0$
$T 7 = T 3 & W 2 & W 1$	$T 8 = R 1 & R 0$
$T 9 = T 8 & (T 4 \| T 5 \| T 6 \| T 7)$	$T 10 =～ (W 2 \| W 0)$
$T 11 = T 10 & W 1$	$T 12 = W 3 & W 1 & W 0$
$T 13 =～ W 2 & W 3$	$T 14 = R 3 ⊕ R 2$
$T 15 =～ R 0$	$T 16 = T 14 & T 15$
$T 17 = T 16 & (T 6 \| T 11 \| T 12 \| T 13)$	$T 18 =～ (W 3 \| W 1 \| W 0)$
$T 19 = W 3 & T 4$	$T 20 = T 3 & W 1 & W 0$
$T 21 =～ T 14 & T 15$	$T 22 = T 21 & (T 10 \| T 18 \| T 19 \| T 20)$
$T 23 =～ W 0 & W 1 & W 2$	$T 24 = W 3 & W 2$
$T 25 =～ R 1 & R 0$	$T 26 = T 25 & (T 6 \| T 12 \| T 23 \| T 24)$
$B 3 = T 9 \| T 17 \| T 22 \| T 26$

Tab.3 Logical expressions of the SubColumns

Fig.5 A 64-bit state key and its two-dimensional representation

Fig.6 The result after the SubColumns

Round	2	3	4	32
$d a$	0.999023	0.999450	0.999859	0.999093
$d s a$	0.999878	0.999946	0.999995	0.999083
$d c$	1.000000	1.000000	1.000000	1.000000

Tab.4 Avalanche effect test results of DBST

Round	7	8	9	31
$d a$	0.998103	0.998881	0.999166	0.999037
$d s a$	0.991738	0.992044	0.992029	0.992019
$d c$	1.000000	1.000000	1.000000	1.000000

Tab.5 Avalanche effect test results of PRESENT

Probability interval	Probability number	Probability interval	Probability number
$(2 ? 175, 2 ? 170]$	48	$(2 ? 180, 2 ? 175]$	48
$(2 ? 190, 2 ? 185]$	24	$(2 ? 205, 2 ? 200]$	24
$(2 ? 210, 2 ? 205]$	8	$(2 ? 220, 2 ? 215]$	8
$(2 ? 245, 2 ? 240]$	16	$(2 ? 255, 2 ? 250]$	16
$(2 ? 265, 2 ? 260]$	8	$(2 ? 270, 2 ? 265]$	8
$(2 ? 280, 2 ? 275]$	12	$(2 ? 285, 2 ? 280]$	44
$(2 ? 290, 2 ? 285]$	4	$(2 ? 300, 2 ? 295]$	4
$(2 ? 510, 2 ? 300]$	88

Tab.6 Differential feature probability distribution table

Probability interval	Probability number	Probability interval	Probability number
$(2 ? 170, 2 ? 165]$	4	$(2 ? 175, 2 ? 170]$	4
$(2 ? 180, 2 ? 175]$	32	$(2 ? 185, 2 ? 180]$	12
$(2 ? 190, 2 ? 185]$	36	$(2 ? 205, 2 ? 200]$	20
$(2 ? 210, 2 ? 205]$	28	$(2 ? 215, 2 ? 210]$	16
$(2 ? 220, 2 ? 215]$	20	$(2 ? 225, 2 ? 220]$	12
$(2 ? 230, 2 ? 225]$	16	$(2 ? 235, 2 ? 230]$	32
$(2 ? 250, 2 ? 245]$	12	$(2 ? 255, 2 ? 250]$	4
$(2 ? 310, 2 ? 255]$	112

Tab.7 Linear feature probability distribution table

Tab.8 DBST 6-round impossible differential tail

Fig.7 The datapath of the round-based DBST

Tab.9 Area requirement of DBST

Tab.10 Comparison of lightweight block cipher implementations

Table A1 The test vectors of DBST

Fig.A1 32-bit data

Fig.A2 32-bit subkey

Fig.A3 Two-dimensional way

Table A2 4-bit S-boxes associated with the key in hexadecimal form

Fig.A4 The SubColumns operates on the columns of the state

x	0	1	2	3	4	5	6	7	8	9	A	B	C	D	E	F
$S 1 (x)$	9	2	C	D	A	5	3	E	F	8	B	6	4	7	0	1
$S 2 (x)$	1	A	4	5	2	D	B	6	7	0	3	E	C	F	8	9
$S 3 (x)$	9	A	4	5	2	D	B	E	F	8	3	6	C	7	0	1
$S 4 (x)$	1	A	C	5	2	D	3	6	F	8	B	E	4	7	0	9

Table A3 The 4 S-boxes of DBST

Table A4 The differential distribution table of

S 1 (x)

and

S 2 (x)

Table A5 The differential distribution table of

S 3 (x)

Table A6 The differential distribution table of

S 4 (x)

x	0	1	2	3	4	5	6	7	8	9	A	B	C	D	E	F
$S (x)$	6	5	C	A	1	E	7	9	B	0	3	D	8	F	4	2

Table A7 The RECTANGLE S-box

Table A8 The differential distribution table of RECTANGLE

S (x)

1	A, Bogdanov L R, Knudsen G, Leander C, Paar A, Poschmann M J B, Robshaw Y, Seurin C Vikkelsoe . PRESENT: an ultra-lightweight block cipher. In: Proceedings of the 9th International Workshop on Cryptographic Hardware and Embedded Systems. 2007, 450–466
2	J, Feng L Li . SCENERY: a lightweight block cipher based on Feistel structure. Frontiers of Computer Science, 2022, 16( 3): 163813
3	S, Banik Z, Bao T, Isobe H, Kubo F, Liu K, Minematsu K, Sakamoto N, Shibata M Shigeri . WARP: revisiting GFN for lightweight 128-bit block cipher. In: Proceedings of the 27th International Conference on Selected Areas in Cryptography. 2020, 535–564
4	R, Beaulieu D, Shors J, Smith S, Treatman-Clark B, Weeks L Wingers . The SIMON and SPECK lightweight block ciphers. In: Proceedings of the 52nd Annual Design Automation Conference. 2015, 175
5	Y, Guo L, Li B Liu . Shadow: a lightweight block cipher for IoT nodes. IEEE Internet of Things Journal, 2021, 8( 16): 13014–13023
6	X, Dai Y, Huang L, Chen T, Lu F Su . VH: a lightweight block cipher based on dual pseudo-random transformation. In: Proceedings of the 1st International Conference on Cloud Computing and Security. 2015, 3–13
7	G, Bansod N, Pisharoty A Patil . BORON: an ultra-lightweight and low power encryption design for pervasive computing. Frontiers of Information Technology & Electronic Engineering, 2017, 18( 3): 317–331
8	B, Koo D, Roh H, Kim Y, Jung D G, Lee D Kwon . CHAM: a family of lightweight block ciphers for resource-constrained devices. In: Proceedings of the 20th International Conference on Information Security and Cryptology. 2017, 3–25
9	J, Zhang Y, Zhao J, Wu B Chen . LVPDA: a lightweight and verifiable privacy-preserving data aggregation scheme for edge-enabled IoT. IEEE Internet of Things Journal, 2020, 7( 5): 4016–4027
10	S, Banik S K, Pandey T, Peyrin Y, Sasaki S M, Sim Y Todo . GIFT: a small present: towards reaching the limit of lightweight encryption. In: Proceedings of the 19th International Conference on Cryptographic Hardware and Embedded Systems. 2017, 321–345
11	L, Li B, Liu H Wang . QTL: a new ultra-lightweight block cipher. Microprocessors and Microsystems, 2016, 45: 45–55
12	J, Kwon B, Lee J, Lee D Moon . FPL: white-box secure block cipher using parallel table look-ups. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2020, 106–128
13	L, Li B, Liu Y, Zhou Y Zou . SFN: a new lightweight block cipher. Microprocessors and Microsystems, 2018, 60: 138–150
14	W, Zhang Z, Bao D, Lin V, Rijmen B, Yang I Verbauwhede . RECTANGLE: a bit-slice lightweight block cipher suitable for multiple platforms. Science China Information Sciences, 2015, 58( 12): 1–15
15	E Biham . A fast new DES implementation in software. In: Proceedings of the 4th International Workshop on Fast Software Encryption. 1997, 260–272
16	L K, Chen R T Zhang . Novel software block cipher using dynamic s-box and p-box. Computer Science, 2009, 36( 2): 78–81
17	F, Chabaud S Vaudenay . Links between differential and linear cryptanalysis. In: Proceedings of Workshop on the Theory and Application of Cryptographic Techniques. 1994, 356–365
18	J B, Kam G I Davida . Structured design of substitution-permutation encryption networks. IEEE Transactions on Computers, 1979, C-28( 10): 747–753
19	H Feistel . Cryptography and computer privacy. Scientific American, 1973, 228( 5): 15–23
20	A F, Webster S E Tavares . On the design of S-boxes. In: Williams H C, ed. Advances in Cryptology — CRYPTO ’85 Proceedings. Berlin: Springer, 1985, 523–534
21	Y H, Huang X J, Dai Y Y, Shi N Z, Liu Q X, Zeng F Su . Ultra-lightweight block cipher algorithm (PFP) based on feistel structure. Computer Science, 2017, 44( 3): 163–167
22	V, Tiwari A, Singh A N Tentu . Differential cryptanalysis on DES cryptosystem up to eight rounds. International Journal of Information Privacy, Security and Integrity, 2019, 4( 1): 1–29
23	T, Ashur O, Dunkelman N Masalha . Linear cryptanalysis reduced round of piccolo-80. In: Proceedings of the 3rd International Symposium on Cyber Security Cryptography and Machine Learning. 2019, 16–32
24	M, Tolba A, Abdelkhalek A M Youssef . Impossible differential cryptanalysis of reduced-round SKINNY. In: Proceedings of the 9th International Conference on Cryptology in Africa. 2017, 117–134
25	N T, Courtois J Pieprzyk . Cryptanalysis of block ciphers with overdefined systems of equations. In: Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security. 2002, 267–287

[1]	Xingxing CHEN, Qingfeng CHENG, Weidong YANG, Xiangyang LUO. An anonymous authentication and secure data transmission scheme for the Internet of Things based on blockchain[J]. Front. Comput. Sci., 2024, 18(3): 183807-.
[2]	Ningning CHEN, Huibiao ZHU. A proof system of the CaIT calculus[J]. Front. Comput. Sci., 2024, 18(2): 182401-.
[3]	Jingya FENG, Lang LI. SCENERY: a lightweight block cipher based on Feistel structure[J]. Front. Comput. Sci., 2022, 16(3): 163813-.
[4]	Xinyu TONG, Ziao YU, Xiaohua TIAN, Houdong GE, Xinbing WANG. Improving accuracy of automatic optical inspection with machine learning[J]. Front. Comput. Sci., 2022, 16(1): 161310-.
[5]	Yuanrun FANG, Fu XIAO, Biyun SHENG, Letian SHA, Lijuan SUN. Cross-scene passive human activity recognition using commodity WiFi[J]. Front. Comput. Sci., 2022, 16(1): 161502-.
[6]	Edje E. ABEL, Muhammad Shafie Abd LATIFF. The utilization of algorithms for cloud internet of things application domains: a review[J]. Front. Comput. Sci., 2021, 15(3): 153502-.
[7]	Hao LIN, Guannan LIU, Fengzhi LI, Yuan ZUO. Where to go? Predicting next location in IoT environment[J]. Front. Comput. Sci., 2021, 15(1): 151306-.
[8]	Yu ZHANG, Yuxing HAN, Jiangtao WEN. SMER: a secure method of exchanging resources in heterogeneous internet of things[J]. Front. Comput. Sci., 2019, 13(6): 1198-1209.
[9]	Xuan LI, Jin LI, Siuming YIU, Chongzhi GAO, Jinbo XIONG. Privacy-preserving edge-assisted image retrieval and classification in IoT[J]. Front. Comput. Sci., 2019, 13(5): 1136-1147.
[10]	Chunjie ZHOU, Xiaoling WANG, Zhiwang ZHANG, Zhenxing ZHANG, Haiping QU. The time model for event processing in internet of things[J]. Front. Comput. Sci., 2019, 13(3): 471-488.
[11]	Zheng HE, Kunpeng BAI, Dongdai LIN, Chuankun WU. Unification of identifiers in the Sea-Cloud system[J]. Front. Comput. Sci., 2018, 12(4): 749-762.
[12]	Lei CHEN, Mitchell TSENG, Xiang LIAN, . Development of foundation models for Internet of Things[J]. Front. Comput. Sci., 2010, 4(3): 376-385.

Viewed

Full text

Abstract

Cited

Shared

Discussed