Cryptography and Communications

, Volume 11, Issue 1, pp 41–62 | Cite as

Cellular automata based S-boxes

  • Luca MariotEmail author
  • Stjepan Picek
  • Alberto Leporati
  • Domagoj Jakobovic
Part of the following topical collections:
  1. Special Issue on Boolean Functions and Their Applications


Cellular Automata (CA) represent an interesting approach to design Substitution Boxes (S-boxes) having good cryptographic properties and low implementation costs. From the cryptographic perspective, up to now there have been only ad-hoc studies about specific kinds of CA, the best known example being the \(\chi \) nonlinear transformation used in Keccak. In this paper, we undertake a systematic investigation of the cryptographic properties of S-boxes defined by CA, proving some upper bounds on their nonlinearity and differential uniformity. Next, we extend some previous published results about the construction of CA-based S-boxes by means of a heuristic technique, namely Genetic Programming (GP). In particular, we propose a “reverse engineering” method based on De Bruijn graphs to determine whether a specific S-box is expressible through a single CA rule. Then, we use GP to assess if some CA-based S-box with optimal cryptographic properties can be described by a smaller CA. The results show that GP is able to find much smaller CA rules defining the same reference S-boxes up to the size \(7\times 7\), suggesting that our method could be used to find more efficient representations of CA-based S-boxes for hardware implementations. Finally, we classify up to affine equivalence all \(3\times 3\) and \(4\times 4\) CA-based S-boxes.


Cellular automata S-box Cryptographic properties Heuristics 

Mathematics Subject Classification 2010

94A60 68Q80 06E30 



This work has been supported in part by Croatian Science Foundation under the project IP-2014-09-4882.


  1. 1.
    Augot, D., Finiasz, M.: Direct construction of recursive MDS diffusion layers using shortened BCH codes. In: Fast Software Encryption—21st International Workshop, FSE 2014, London, UK, March 3–5, 2014. Revised Selected Papers, pp. 3–17 (2014)Google Scholar
  2. 2.
    Bäck, T., Fogel, D., Michalewicz, Z (eds.): Evolutionary Computation 1: Basic Algorithms and Operators. Institute of Physics Publishing, Bristol (2000)zbMATHGoogle Scholar
  3. 3.
    Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: Radiogatún, a belt-and-mill hash function. IACR Cryptology ePrint Archive 2006, 369 (2006)Google Scholar
  4. 4.
    Bertoni, G., Daemen, J., Peeters, M., Assche, G.V.: The Keccak reference. (2011)
  5. 5.
    Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Proceedings of the 9th International Workshop on Cryptographic Hardware and Embedded Systems, CHES ’07, pp. 450–466. Springer, Berlin (2007)Google Scholar
  6. 6.
    Browning, K.A., Dillon, J.F., McQuistan, M.T., Wolfe, A.J.: An APN permutation in dimension six. Finite Fields: theory and applications, pp. 33–42 (2010)Google Scholar
  7. 7.
    Burnett, L., Carter, G., Dawson, E., Millan, W.: Efficient methods for generating MARS-Like S-boxes. In: Proceedings of the 7th International Workshop on Fast Software Encryption, FSE ’00, pp. 300–314. Springer, London (2001).
  8. 8.
    Canteaut, A., Duval, S., Leurent, G.: Construction of lightweight S-boxes using Feistel and MISTY structures. In: Dunkelman, O., Keliher, L. (eds.) Selected Areas in Cryptography - SAC 2015: 22nd International Conference, Sackville, NB, Canada, August 12–14, 2015, Revised Selected Papers, pp. 373–393. Springer International Publishing, Cham (2016)Google Scholar
  9. 9.
    Carlet, C.: Boolean functions for cryptography and error correcting codes. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering, 1st edn, pp. 257–397. Cambridge University Press, New York (2010)Google Scholar
  10. 10.
    Carlet, C.: Vectorial Boolean functions for cryptography. In: Crama, Y., Hammer, P.L. (eds.) Boolean Models and Methods in Mathematics, Computer Science, and Engineering, 1st edn, pp. 398–469. Cambridge University Press, New York (2010)Google Scholar
  11. 11.
    Chabaud, F., Vaudenay, S.: Links between differential and linear cryptanalysis. In: De Santis, A. (ed.) Advances in Cryptology—EUROCRYPT ’94: Workshop on the Theory and Application of Cryptographic Techniques Perugia, Italy, 1994 Proceedings, pp. 356–365. Springer, Berlin (1995)Google Scholar
  12. 12.
    Claesen, L., Daemen, J., Genoe, M., Peeters, G.: Subterranean: a 600 Mbit/sec cryptographic VLSI chip. In: 1993 IEEE International Conference on Computer Design: VLSI in Computers and Processors, 1993. ICCD ’93. Proceedings, pp. 610–613 (1993)Google Scholar
  13. 13.
    Clark, J.A., Jacob, J.L., Stepney, S.: The design of S-boxes by simulated annealing. N. Gener. Comput. 23(3), 219–231 (2005). CrossRefzbMATHGoogle Scholar
  14. 14.
    Daemen, J., Clapp, C.S.K.: Fast hashing and stream encryption with PANAMA. In: Fast Software Encryption, 5th International Workshop, FSE ’98, Paris, France, March 23–25, 1998, Proceedings, pp. 60–74 (1998)Google Scholar
  15. 15.
    Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, New York, Secaucus (2002)Google Scholar
  16. 16.
    Daemen, J., Govaerts, R., Vandewalle, J.: Invertible shift-invariant transformations on binary arrays. Appl. Math. Comput. 62(2), 259–277 (1994). MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Daemen, J., Govaerts, R., Vandewalle, J.: A new approach to block cipher design. In: Anderson, R. (ed.) Fast Software Encryption: Cambridge Security Workshop Cambridge, U. K.,1993 Proceedings, pp. 18–32. Springer, Berlin (1994)Google Scholar
  18. 18.
    Dobraunig, C., Eichlseder, M., Schläffer, F.M., Ascon, M.: CAESAR submission, (2014)
  19. 19.
    Gutowitz, H.: Cryptography with dynamical systems. In: Cellular Automata and Cooperative Systems, pp. 237–274. Springer (1993)Google Scholar
  20. 20.
    Kavut, S.: Results on rotation-symmetric s-boxes. Inf. Sci. 201, 93–113 (2012). MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Knudsen, L.R., Robshaw, M.: The Block Cipher Companion. Information Security and Cryptography. Springer, Berlin (2011)Google Scholar
  22. 22.
    Koza, J.R.: Genetic Programming: On the Programming of Computers by Means of Natural Selection. MIT Press, Cambridge (1992)zbMATHGoogle Scholar
  23. 23.
    Leander, G., Poschmann, A.: On the classification of 4 bit s-boxes. In: Carlet, C., Sunar, B. (eds.) Arithmetic of Finite Fields, Lecture Notes in Computer Science, vol. 4547, pp. 159–176. Springer, Berlin (2007)Google Scholar
  24. 24.
    Mariot, L., Leporati, A.: A cryptographic and coding-theoretic perspective on the global rules of cellular automata. Nat. Comput. (2017)
  25. 25.
    McEliece, R.J.: Theory of Information and Coding, 2nd edn. Cambridge University Press, New York (2001)Google Scholar
  26. 26.
    Nyberg, K.: On the construction of highly nonlinear permutations. In: Rueppel, R. (ed.) Advances in Cryptology - EUROCRYPT’ 92, Lecture Notes in Computer Science, vol. 658, pp. 92–98. Springer, Berlin (1993)Google Scholar
  27. 27.
    Nyberg, K.: S-boxes and round functions with controllable linearity and differential uniformity. In: Fast Software Encryption: Second International Workshop. Leuven, Belgium, 14–16 December 1994, Proceedings, pp. 111–130 (1994)Google Scholar
  28. 28.
    Picek, S., Miller, J.F., Jakobovic, D., Batina, L.: Cartesian genetic programming approach for generating substitution boxes of different sizes. In: GECCO Companion ’15, pp. 1457–1458. ACM, New York (2015)Google Scholar
  29. 29.
    Picek, S., Cupic, M., Rotim, L.: A new cost function for evolution of S-boxes. Evol. Comput. 24(4), 695–718 (2016)CrossRefGoogle Scholar
  30. 30.
    Picek, S., Mariot, L., Leporati, A., Jakobovic, D.: Evolving S-boxes based on cellular automata with genetic programming. In: Proceedings of the Genetic and Evolutionary Computation Conference Companion, GECCO ’17, pp. 251–252. ACM, New York (2017)Google Scholar
  31. 31.
    Picek, S., Mariot, L., Yang, B., Jakobovic, D., Mentens, N.: Design of S-boxes defined with cellular automata rules. In: Proceedings of the Computing Frontiers Conference, CF’17, pp. 409–414. ACM, New York (2017)Google Scholar
  32. 32.
    Poli, R., Langdon, W.B., McPhee, N.F.: A Field Guide to Genetic Programming. Lulu Enterprises Ltd, UK (2008)Google Scholar
  33. 33.
    Poli, R., Langdon, W.B., McPhee, N.F.: A field guide to genetic programming. Published via and freely available at (With contributions by J. R. Koza) (2008)
  34. 34.
    Rijmen, V., Barreto, P.S.L.M., Filho, D.L.G.: Rotation symmetry in algebraically generated cryptographic substitution tables. Inf. Process. Lett. 106(6), 246–250 (2008). MathSciNetCrossRefzbMATHGoogle Scholar
  35. 35.
    Seredynski, M., Bouvry, P.: Block encryption using reversible cellular automata. In: Cellular Automata, 6th International Conference on Cellular Automata for Research and Industry, ACRI 2004, Amsterdam, The Netherlands, October 25–28, 2004, Proceedings, pp. 785–792 (2004)Google Scholar
  36. 36.
    Shannon, C.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28 (4), 656–715 (1949)MathSciNetCrossRefGoogle Scholar
  37. 37.
    Sutner, K.: De bruijn graphs and linear cellular automata. Complex Syst. 5(1), 19–30 (1991)MathSciNetzbMATHGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.DISCoUniversità degli Studi di Milano-BicoccaMilanoItaly
  2. 2.Cyber Security Research Group, Delft University of TechnologyDelftThe Netherlands
  3. 3.Université Paris XIII, LAGASaint-Denis CedexFrance
  4. 4.Faculty of Electrical Engineering and ComputingUniversity of ZagrebZagrebCroatia

Personalised recommendations